urlscan.io logo urlscan.io
SecurityTrails logo

www.playamo43.com Open in urlscan Pro
92.53.189.75  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://plastomanowak.pl/0.07891491340181389
Effective URL: https://www.playamo43.com/refer/b070aa70?__layerref=
Submission: On November 06 via api from US — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 39 IPs in 9 countries across 41 domains to perform 89 HTTP transactions. The main IP is 92.53.189.75, located in Alpharetta, United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.playamo43.com.
TLS certificate: Issued by WE1 on September 13th 2024. Valid for: 3 months.
This is the only time www.playamo43.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 79.96.24.253 12824 (HOMEPL-AS)
1 104.21.235.214 13335 (CLOUDFLAR...)
1 2 151.101.192.241 54113 (FASTLY)
1 207.241.234.146 7941 (INTERNET-...)
1 1 91.188.56.54 20910 (BALTKOM-AS)
1 172.64.154.31 13335 (CLOUDFLAR...)
2 5 92.53.189.75 209242 (CLOUDFLAR...)
1 142.250.186.74 15169 (GOOGLE)
2 142.250.185.168 15169 (GOOGLE)
1 142.250.186.99 15169 (GOOGLE)
2 142.250.185.130 15169 (GOOGLE)
3 157.240.253.1 32934 (FACEBOOK)
8 99.86.8.175 16509 (AMAZON-02)
1 151.101.64.64 54113 (FASTLY)
3 23.76.204.35 20940 (AKAMAI-ASN1)
1 169.150.247.37 60068 (CDN77 _)
2 216.239.32.36 15169 (GOOGLE)
1 74.125.206.154 15169 (GOOGLE)
2 142.250.185.99 15169 (GOOGLE)
2 88.214.206.32 46636 (NATCOWEB)
1 66.254.114.154 29789 (REFLECTED)
8 157.240.253.35 32934 (FACEBOOK)
1 1 142.250.181.226 15169 (GOOGLE)
1 1 142.250.185.68 15169 (GOOGLE)
1 35.163.144.222 16509 (AMAZON-02)
1 188.42.63.49 7979 (SERVERS-COM)
1 188.42.63.48 7979 (SERVERS-COM)
1 18.66.102.51 16509 (AMAZON-02)
4 9 77.88.21.119 13238 (YANDEX)
2 216.58.206.46 15169 (GOOGLE)
2 188.114.96.3 13335 (CLOUDFLAR...)
1 95.211.229.248 60781 (LEASEWEB-...)
3 95.211.229.246 60781 (LEASEWEB-...)
1 2 35.214.174.141 15169 (GOOGLE)
1 159.69.137.49 24940 (HETZNER-AS)
1 151.101.129.44 54113 (FASTLY)
1 13.32.27.19 16509 (AMAZON-02)
3 4 35.214.136.108 15169 (GOOGLE)
1 18.184.206.66 16509 (AMAZON-02)
2 51.75.86.98 16276 (OVH)
1 18.66.112.15 16509 (AMAZON-02)
89 39
6    79.96.24.253 (Poland)

ASN12824 (HOMEPL-AS, PL)
PTR: cloudserver057149.home.pl
plastomanowak.pl
1    104.21.235.214 (None, )

ASN13335 (CLOUDFLARENET, US)
icons.iconarchive.com
2    151.101.192.241 (San Francisco, United States)

ASN54113 (FASTLY, US)
rlv.zcache.fr
asset.zcache.com
1    207.241.234.146 (United States)

ASN7941 (INTERNET-ARCHIVE, US)
PTR: ol-covers0.us.archive.org
covers.openlibrary.org
1    91.188.56.54 (Dobele, Latvia)

ASN20910 (BALTKOM-AS, LV)
books.odintara.com
1    172.64.154.31 (None, )

ASN13335 (CLOUDFLARENET, US)
www.amocasino.com
5    92.53.189.75 (Alpharetta, United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
playamo43.com
www.playamo43.com
1    142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net
fonts.googleapis.com
2    142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net
www.googletagmanager.com
1    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
fonts.gstatic.com
2    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
www.googleadservices.com
3    157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net
connect.facebook.net
8    99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net
cdn.segment.com
1    151.101.64.64 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.cooladata.com
3    23.76.204.35 (Schiphol, Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-76-204-35.deploy.static.akamaitechnologies.com
tm.ads.sportradar.com
tracker.ads.sportradar.com
1    169.150.247.37 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: 169-150-247-37.bunnyinfra.net
dsp-media.eskimi.com
2    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    74.125.206.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f154.1e100.net
stats.g.doubleclick.net
2    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
www.google.pl
2    88.214.206.32 (Clifton, United States)

ASN46636 (NATCOWEB, US)
track.trackingtraffo.com
1    66.254.114.154 (United States)

ASN29789 (REFLECTED, US)
PTR: reflectededge.reflected.net
ads.trafficjunky.net
8    157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com
www.facebook.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.185.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net
www.google.com
1    35.163.144.222 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-144-222.us-west-2.compute.amazonaws.com
api.segment.io
1    188.42.63.49 (Luxembourg)

ASN7979 (SERVERS-COM, US)
dsp-trk.eskimi.com
1    188.42.63.48 (Luxembourg)

ASN7979 (SERVERS-COM, US)
dsp-ap.eskimi.com
1    18.66.102.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-51.fra56.r.cloudfront.net
static.hotjar.com
9    77.88.21.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
2    216.58.206.46 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f14.1e100.net
www.google-analytics.com
2    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
my.rtmark.net
1    95.211.229.248 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ds03.evo.0x3e.net
s.magsrv.com
3    95.211.229.246 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
s.opoxv.com
s.pemsrv.com
syndication.realsrv.com
2    35.214.174.141 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 141.174.214.35.bc.googleusercontent.com
a.sportradarserving.com
1    159.69.137.49 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.49.137.69.159.clients.your-server.de
tsyndicate.com
1    151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    13.32.27.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-19.fra56.r.cloudfront.net
script.hotjar.com
4    35.214.136.108 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 108.136.214.35.bc.googleusercontent.com
x.bidswitch.net
1    18.184.206.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-206-66.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
1    18.66.112.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-15.fra56.r.cloudfront.net
vc.hotjar.io
Apex Domain
Subdomains		 Transfer
8 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
7 KB
8 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1794
67 KB
6 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9307
4 KB
6 plastomanowak.pl
plastomanowak.pl
146 KB
5 playamo43.com
playamo43.com
www.playamo43.com
66 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 399
504 B
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4610
56 KB
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4401
www.google.com — Cisco Umbrella Rank: 3
1 KB
3 eskimi.com
dsp-media.eskimi.com — Cisco Umbrella Rank: 56427
dsp-trk.eskimi.com — Cisco Umbrella Rank: 51181
dsp-ap.eskimi.com — Cisco Umbrella Rank: 13939
4 KB
3 sportradar.com
tm.ads.sportradar.com — Cisco Umbrella Rank: 42908
tracker.ads.sportradar.com — Cisco Umbrella Rank: 44932
62 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
80 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 691
401 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2448
3 KB
2 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10912
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
22 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 877
script.hotjar.com — Cisco Umbrella Rank: 1177
61 KB
2 trackingtraffo.com
track.trackingtraffo.com — Cisco Umbrella Rank: 124677
1 KB
2 google.pl
www.google.pl — Cisco Umbrella Rank: 29079
562 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
571 B
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 89
23 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
193 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 3185
232 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 521
58 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 686
362 B
1 tsyndicate.com
tsyndicate.com — Cisco Umbrella Rank: 8875
437 B
1 realsrv.com
syndication.realsrv.com — Cisco Umbrella Rank: 37847
449 B
1 pemsrv.com
s.pemsrv.com — Cisco Umbrella Rank: 28055
448 B
1 opoxv.com
s.opoxv.com — Cisco Umbrella Rank: 51864
447 B
1 magsrv.com
s.magsrv.com — Cisco Umbrella Rank: 12861
448 B
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1324
176 B
1 trafficjunky.net
ads.trafficjunky.net — Cisco Umbrella Rank: 61690
592 B
1 cooladata.com
cdn.cooladata.com — Cisco Umbrella Rank: 153685
api.cooladata.com Failed
6 KB
1 gstatic.com
fonts.gstatic.com
21 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
1 amocasino.com
www.amocasino.com
3 KB
1 odintara.com
books.odintara.com Failed
348 B
1 openlibrary.org
covers.openlibrary.org — Cisco Umbrella Rank: 146085
1 zcache.com
asset.zcache.com — Cisco Umbrella Rank: 86840
258 B
1 zcache.fr
rlv.zcache.fr
536 B
1 iconarchive.com
icons.iconarchive.com — Cisco Umbrella Rank: 132001 Failed
6 KB
0 thetasgroup.com Failed
www2.thetasgroup.com Failed
89 41
Domain Requested by
8 www.facebook.com
8 cdn.segment.com plastomanowak.pl
cdn.segment.com
6 mc.yandex.com 3 redirects mc.yandex.ru
6 plastomanowak.pl plastomanowak.pl
4 x.bidswitch.net 3 redirects
3 mc.yandex.ru 1 redirects cdn.segment.com
3 connect.facebook.net plastomanowak.pl
connect.facebook.net
3 www.playamo43.com www.amocasino.com
2 onetag-sys.com
2 a.sportradarserving.com 1 redirects
2 tracker.ads.sportradar.com tm.ads.sportradar.com
tracker.ads.sportradar.com
2 my.rtmark.net www.googletagmanager.com
2 www.google-analytics.com cdn.segment.com
www.google-analytics.com
2 track.trackingtraffo.com www.googletagmanager.com
2 www.google.pl
2 region1.analytics.google.com www.googletagmanager.com
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 www.googletagmanager.com www.playamo43.com
www.googletagmanager.com
2 playamo43.com 2 redirects
1 vc.hotjar.io script.hotjar.com
1 match.sharethrough.com
1 script.hotjar.com static.hotjar.com
1 trc.taboola.com
1 tsyndicate.com
1 syndication.realsrv.com
1 s.pemsrv.com
1 s.opoxv.com
1 s.magsrv.com
1 static.hotjar.com cdn.segment.com
1 dsp-ap.eskimi.com dsp-media.eskimi.com
1 dsp-trk.eskimi.com dsp-media.eskimi.com
1 api.segment.io cdn.segment.com
1 www.google.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 ads.trafficjunky.net
1 stats.g.doubleclick.net www.googletagmanager.com
1 dsp-media.eskimi.com plastomanowak.pl
1 tm.ads.sportradar.com plastomanowak.pl
1 cdn.cooladata.com plastomanowak.pl
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com www.playamo43.com
1 www.amocasino.com plastomanowak.pl
1 books.odintara.com plastomanowak.pl
1 covers.openlibrary.org plastomanowak.pl
1 asset.zcache.com
1 rlv.zcache.fr 1 redirects
1 icons.iconarchive.com plastomanowak.pl
0 api.cooladata.com Failed
0 www2.thetasgroup.com Failed plastomanowak.pl
89 49

This site contains no links.

Subject Issuer Validity Valid
plastomanowak.pl
Certyfikat SSL		 2024-09-03 -
2025-09-03		 a year crt.sh
iconarchive.com
WE1		 2024-09-27 -
2024-12-26		 3 months crt.sh
covers.openlibrary.org
R10		 2024-10-26 -
2025-01-24		 3 months crt.sh
www.amocasino.com
WE1		 2024-11-03 -
2025-02-01		 3 months crt.sh
playamo43.com
WE1		 2024-09-13 -
2024-12-12		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.googleadservices.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-15 -
2024-11-13		 3 months crt.sh
*.segment.com
Amazon RSA 2048 M02		 2024-10-15 -
2025-11-14		 a year crt.sh
*.cooladata.com
GlobalSign Atlas R3 DV TLS CA 2024 Q2		 2024-06-23 -
2025-07-25		 a year crt.sh
tracker.ads.sportradar.com
R10		 2024-09-19 -
2024-12-18		 3 months crt.sh
*.eskimi.com
GeoTrust TLS RSA CA G1		 2024-04-08 -
2025-05-09		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.pl
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
trackingtraffo.com
Sectigo RSA Domain Validation Secure Server CA		 2024-09-05 -
2025-09-05		 a year crt.sh
*.trafficjunky.net
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2023-11-14 -
2024-12-14		 a year crt.sh
*.segment.io
Amazon RSA 2048 M03		 2023-12-13 -
2025-01-11		 a year crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2024-10-20 -
2025-04-01		 5 months crt.sh
my.rtmark.net
WE1		 2024-11-06 -
2025-02-04		 3 months crt.sh
magsrv.com
E5		 2024-09-12 -
2024-12-11		 3 months crt.sh
opoxv.com
E6		 2024-09-12 -
2024-12-11		 3 months crt.sh
pemsrv.com
E5		 2024-09-12 -
2024-12-11		 3 months crt.sh
realsrv.com
E6		 2024-09-12 -
2024-12-11		 3 months crt.sh
tsyndicate.com
E6		 2024-10-14 -
2025-01-12		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2024-12-31		 5 months crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-23 -
2024-12-21		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-02-07 -
2025-03-08		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.playamo43.com/refer/b070aa70?__layerref=
Frame ID: 9FDBDBEB8FAABA8E66CA2C003A872376
Requests: 90 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 24B93CD43AEB01515BBE090773E32C9C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Engineering works

Page URL History Show full URLs

  1. https://plastomanowak.pl/0.07891491340181389 Page URL
  2. http://books.odintara.com:1080/read.html?keyword=0.07891491340181389&se=12-27-08-2019-5&ur=1&default_keywor... HTTP 307
    https://books.odintara.com:1080/read.html?keyword=0.07891491340181389&se=12-27-08-2019-5&ur=1&default_keywor... HTTP 307
    http://books.odintara.com:1080/read.html?keyword=0.07891491340181389&se=12-27-08-2019-5&ur=1&default_keywor... HTTP 302
    https://www.amocasino.com/refer/b070aa70 Page URL
  3. https://playamo43.com/refer/b070aa70?__layerref= HTTP 301
    https://www.playamo43.com/refer/b070aa70?__layerref= Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

89
Requests

76 %
HTTPS

0 %
IPv6

41
Domains

49
Subdomains

39
IPs

9
Countries

835 kB
Transfer

2390 kB
Size

51
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://plastomanowak.pl/0.07891491340181389 Page URL
  2. http://books.odintara.com:1080/read.html?keyword=0.07891491340181389&se=12-27-08-2019-5&ur=1&default_keyword=0.07891491340181389&HTTP_REFERER=http://plastomanowak.pl/0.07891491340181389 HTTP 307
    https://books.odintara.com:1080/read.html?keyword=0.07891491340181389&se=12-27-08-2019-5&ur=1&default_keyword=0.07891491340181389&HTTP_REFERER=http://plastomanowak.pl/0.07891491340181389 HTTP 307
    http://books.odintara.com:1080/read.html?keyword=0.07891491340181389&se=12-27-08-2019-5&ur=1&default_keyword=0.07891491340181389&HTTP_REFERER=http://plastomanowak.pl/0.07891491340181389 HTTP 302
    https://www.amocasino.com/refer/b070aa70 Page URL
  3. https://playamo43.com/refer/b070aa70?__layerref= HTTP 301
    https://www.playamo43.com/refer/b070aa70?__layerref= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://rlv.zcache.fr/etiquette_texte_blanc_noir_de_coutume_de_maths_dalgebre-r14d61f65ebdd40e8828ab7c7478c5ce2_v113i_8byvr_307.jpg HTTP 302
  • https://asset.zcache.com/assets/graphics/design/err/blank.gif
Request Chain 20
  • http://books.odintara.com:1080/read.html?keyword=0.07891491340181389&se=12-27-08-2019-5&ur=1&default_keyword=0.07891491340181389&HTTP_REFERER=http://plastomanowak.pl/0.07891491340181389 HTTP 307
  • https://books.odintara.com:1080/read.html?keyword=0.07891491340181389&se=12-27-08-2019-5&ur=1&default_keyword=0.07891491340181389&HTTP_REFERER=http://plastomanowak.pl/0.07891491340181389 HTTP 307
  • http://books.odintara.com:1080/read.html?keyword=0.07891491340181389&se=12-27-08-2019-5&ur=1&default_keyword=0.07891491340181389&HTTP_REFERER=http://plastomanowak.pl/0.07891491340181389 HTTP 302
  • https://www.amocasino.com/refer/b070aa70
Request Chain 21
  • https://playamo43.com/resources/images/favicon.png?1730910263198 HTTP 301
  • https://www.playamo43.com/resources/images/favicon.png?1730910263198
Request Chain 50
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/941914539/?random=2027010844&cv=9&fst=1730910264404&num=1&label=NZfjCJuYhngQq_ORwQM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&ref=https%3A%2F%2Fwww.amocasino.com%2F&tiba=Engineering%20works&capi=1&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCKXGsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIj8nMm4_IiQMVwZb9Bx3tOxYqMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhpodHRwczovL3d3dy5wbGF5YW1vNDMuY29tLw HTTP 302
  • https://www.google.com/pagead/1p-conversion/941914539/?random=2027010844&cv=9&fst=1730910264404&num=1&label=NZfjCJuYhngQq_ORwQM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&ref=https%3A%2F%2Fwww.amocasino.com%2F&tiba=Engineering%20works&capi=1&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCKXGsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIj8nMm4_IiQMVwZb9Bx3tOxYqMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhpodHRwczovL3d3dy5wbGF5YW1vNDMuY29tLw&is_vtc=1&cid=CAQSGwCa7L7dDiyYi3le2ez-wVoOICG4dQxlDihjQA&random=4015102584&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.pl/pagead/1p-conversion/941914539/?random=2027010844&cv=9&fst=1730910264404&num=1&label=NZfjCJuYhngQq_ORwQM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&ref=https%3A%2F%2Fwww.amocasino.com%2F&tiba=Engineering%20works&capi=1&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCKXGsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIj8nMm4_IiQMVwZb9Bx3tOxYqMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhpodHRwczovL3d3dy5wbGF5YW1vNDMuY29tLw&is_vtc=1&cid=CAQSGwCa7L7dDiyYi3le2ez-wVoOICG4dQxlDihjQA&random=4015102584&resp=GooglemKTybQhCsO&ipr=y
Request Chain 74
  • https://a.sportradarserving.com/pixel?type=js&aid=1076&id=1393 HTTP 302
  • https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1076&id=1393
Request Chain 75
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10545.ZyjrkXicWMf6SYV9323oexnCZxA45lXbJXhFGMU_0W22aF0eZkQ7Z-bc_JRQnKyM.8-DBB_YV3B9BYfKnJjV9vjY0vY0%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10545.7Dpv6r1Epeug183yHuUDXHsx7WwElXk8JUmEn-IC7VVNFL2qjLOPCPXfpOdd439M65DikstsmrAnCLh-WFaoAKQxUNyTQJsCEKH32oKonYQj_nBBi4c0--19ttIgLVbZqmogIeZIAJQSoPKX-JAbR-pEAqTbzmHPO32JFBHeuKKT5l7PapBkG5GmdnRRBtaVYDU1WIA51FHb12sVzBz3aJwHdq-XJWSNc27zDWhBz1U%2C.HQgdl2lwqvx-HIiIKnp0dv-TLHQ%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10545.kAYEHXJrQMvcy5Dr3OrZH7h7US3e7UviGlfOZfdKVUqVZl4BU5gJBKd2474xjcHiR9auLnhDY-gctzssE3IIV5s-3iXJxsdzoTM_MlyQGy9U-6__3-TjWbaYRAmlVE8s_Bc371dWDeBieaDXm0JSu8MrxJA-OhTbAIwpVbzlNEB7IHWbOfP-qSt_cUiyiGhEYeLbhCUKVdl_JjskiRabAg%2C%2C.z3juNm8uFhRRKElGDe4Dfa6vUrM%2C
Request Chain 83
  • https://mc.yandex.com/watch/50376523?wmode=7&page-url=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&page-ref=https%3A%2F%2Fwww.amocasino.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7vbqe2af1cw8x5fzqg6ef7wk4uz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Apl-PL%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A1617301592974%3Ahid%3A196611312%3Az%3A60%3Ai%3A20241106172425%3Aet%3A1730910266%3Ac%3A1%3Arn%3A214382202%3Arqn%3A1%3Au%3A1730910266817486686%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A692%3Ads%3A0%2C0%2C97%2C41%2C101%2C0%2C%2C4%2C0%2C794%2C795%2C0%2C245%3Aco%3A0%3Acpf%3A1%3Ans%3A1730910263394%3Agi%3AR0ExLjEuMTQ3MzMxOTM4OC4xNzMwOTEwMjY0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1730910266%3At%3AEngineering%20works&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(3179268)ti(1) HTTP 302
  • https://mc.yandex.com/watch/50376523/1?wmode=7&page-url=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&page-ref=https%3A%2F%2Fwww.amocasino.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7vbqe2af1cw8x5fzqg6ef7wk4uz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Apl-PL%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A1617301592974%3Ahid%3A196611312%3Az%3A60%3Ai%3A20241106172425%3Aet%3A1730910266%3Ac%3A1%3Arn%3A214382202%3Arqn%3A1%3Au%3A1730910266817486686%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A692%3Ads%3A0%2C0%2C97%2C41%2C101%2C0%2C%2C4%2C0%2C794%2C795%2C0%2C245%3Aco%3A0%3Acpf%3A1%3Ans%3A1730910263394%3Agi%3AR0ExLjEuMTQ3MzMxOTM4OC4xNzMwOTEwMjY0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1730910266%3At%3AEngineering%20works&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283179268%29ti%281%29
Request Chain 85
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=e094269b-4810-405c-ab42-45c0025e1fc0&cb=5cb35fd6-8792-4fa7-a316-d87eae03d4ae HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=e094269b-4810-405c-ab42-45c0025e1fc0&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 86
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=e094269b-4810-405c-ab42-45c0025e1fc0&cb=af94b1f5-d929-4cd4-a8c2-806f7bfe2e6e HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=&gdpr=&gdpr_consent=&us_privacy=
Request Chain 87
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=e094269b-4810-405c-ab42-45c0025e1fc0&cb=ffea4d45-6d97-4279-80a1-2b0216f44897 HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=&gdpr=&gdpr_consent=&us_privacy=

89 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
0.07891491340181389
plastomanowak.pl/ 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://plastomanowak.pl/0.07891491340181389
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.96.24.253 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver057149.home.pl
Software
IdeaWebServer/6.2.0 /
Resource Hash
6803eddc6e662960cbd5f33accba75ecde8b41b2017f9a478d1122ad236d5449

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 06 Nov 2024 16:24:21 GMT
server
IdeaWebServer/6.2.0
panel.png
plastomanowak.pl/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plastomanowak.pl/panel.png
Requested by
Host: plastomanowak.pl
URL: https://plastomanowak.pl/0.07891491340181389
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.96.24.253 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver057149.home.pl
Software
IdeaWebServer/6.2.0 /
Resource Hash
cec55db9de978f3d5951140558d1b154da6d7d9c41a38944f8b57dcd00c21b03

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://plastomanowak.pl/0.07891491340181389

Response headers

content-length
1650
date
Wed, 06 Nov 2024 16:24:22 GMT
content-type
image/png
last-modified
Mon, 21 Nov 2011 16:41:03 GMT
server
IdeaWebServer/6.2.0
pl.png
plastomanowak.pl/i/ 		406 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plastomanowak.pl/i/pl.png
Requested by
Host: plastomanowak.pl
URL: https://plastomanowak.pl/0.07891491340181389
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.96.24.253 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver057149.home.pl
Software
IdeaWebServer/6.2.0 /
Resource Hash
6f23286e875ba2d576ccc66befac0a86cd7406c22ca90281c535dc318fe77d17

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://plastomanowak.pl/0.07891491340181389

Response headers

content-length
406
date
Wed, 06 Nov 2024 16:24:22 GMT
content-type
image/png
last-modified
Mon, 14 Mar 2011 13:04:10 GMT
server
IdeaWebServer/6.2.0
en.png
plastomanowak.pl/i/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plastomanowak.pl/i/en.png
Requested by
Host: plastomanowak.pl
URL: https://plastomanowak.pl/0.07891491340181389
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.96.24.253 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver057149.home.pl
Software
IdeaWebServer/6.2.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://plastomanowak.pl/0.07891491340181389

Response headers

content-length
1620
date
Wed, 06 Nov 2024 16:24:22 GMT
content-type
image/png
last-modified
Mon, 14 Mar 2011 13:04:06 GMT
server
IdeaWebServer/6.2.0
Facebook-icon.png
icons.iconarchive.com/icons/hopstarter/social-networking/256/ 		0
0
Twitter-icon.png
icons.iconarchive.com/icons/hopstarter/social-networking/256/ 		0
0
Google-plus-icon.png
icons.iconarchive.com/icons/designbolts/3d-social/256/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icons.iconarchive.com/icons/designbolts/3d-social/256/Google-plus-icon.png
Requested by
Host: plastomanowak.pl
URL: https://plastomanowak.pl/0.07891491340181389
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://plastomanowak.pl/

Response headers

cf-cache-status
HIT
etag
"63e222f7-169a"
age
6928
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CulJ5Mh0TJsozQHZvQScgzsD0Ut4dwoeQtsi9mgWZcJWjsElHMkcQohqOntk3gwE4%2FkM%2BllV%2FhmNK33XipUNtgN308EcpG9Qyjc1NJ6TmVmAOq9nIPbac1WIEVhFLuUUq7mSkvDn5B4%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=52769&sent=6&recv=12&lost=0&retrans=0&sent_bytes=3937&recv_bytes=2414&delivery_rate=74741&cwnd=253&unsent_bytes=0&cid=76ac95cda9566d13&ts=80&x=0"
date
Wed, 06 Nov 2024 16:24:22 GMT
content-type
image/png
last-modified
Tue, 07 Feb 2023 10:07:51 GMT
vary
Accept-Encoding
cache-control
max-age=5356800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8de66ef4de5a035a-CDG
accept-ranges
bytes
content-length
5786
server
cloudflare
diggit.png
www2.thetasgroup.com/images/products/PME%20Graphics/Users/Suzanne/Favorites/Downloads/somacro/ 		0
0
reddit.png
www2.thetasgroup.com/images/products/PME%20Graphics/Users/Suzanne/Favorites/Downloads/somacro/ 		0
0
linkedin.png
www2.thetasgroup.com/images/products/PME%20Graphics/Users/Suzanne/Favorites/Downloads/somacro/ 		0
0
pinterest.png
www2.thetasgroup.com/images/products/PME%20Graphics/Users/Suzanne/Favorites/Downloads/somacro/ 		0
0
stumbleupon.png
www2.thetasgroup.com/images/products/PME%20Graphics/Users/Suzanne/Favorites/Downloads/somacro/ 		0
0
email.png
www2.thetasgroup.com/images/products/PME%20Graphics/Users/Suzanne/Favorites/Downloads/somacro/ 		0
0
b-czytaj.png
plastomanowak.pl/i/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plastomanowak.pl/i/b-czytaj.png
Requested by
Host: plastomanowak.pl
URL: https://plastomanowak.pl/0.07891491340181389
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.96.24.253 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver057149.home.pl
Software
IdeaWebServer/6.2.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://plastomanowak.pl/0.07891491340181389

Response headers

content-length
4271
date
Wed, 06 Nov 2024 16:24:22 GMT
content-type
image/png
last-modified
Mon, 14 Mar 2011 13:04:03 GMT
server
IdeaWebServer/6.2.0
firma.jpg
plastomanowak.pl/ 		134 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plastomanowak.pl/firma.jpg
Requested by
Host: plastomanowak.pl
URL: https://plastomanowak.pl/0.07891491340181389
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.96.24.253 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver057149.home.pl
Software
IdeaWebServer/6.2.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://plastomanowak.pl/0.07891491340181389

Response headers

content-length
137132
date
Wed, 06 Nov 2024 16:24:22 GMT
content-type
image/jpeg
last-modified
Mon, 10 Jun 2013 12:52:15 GMT
server
IdeaWebServer/6.2.0
blank.gif
asset.zcache.com/assets/graphics/design/err/
Redirect Chain
  • https://rlv.zcache.fr/etiquette_texte_blanc_noir_de_coutume_de_maths_dalgebre-r14d61f65ebdd40e8828ab7c7478c5ce2_v113i_8byvr_307.jpg
  • https://asset.zcache.com/assets/graphics/design/err/blank.gif
49 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset.zcache.com/assets/graphics/design/err/blank.gif
Protocol
H2
Server
151.101.192.241 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://plastomanowak.pl/

Response headers

age
475744
x-content-type-options
nosniff
x-cache
HIT
date
Wed, 06 Nov 2024 16:24:22 GMT
content-type
image/gif
last-modified
Wed, 14 Aug 2019 00:26:42 GMT
x-served-by
cache-fra-eddf8230100-FRA
x-cache-hits
36
x-frame-options
DENY
strict-transport-security
max-age=31557600
cache-control
public,max-age=31536000,immutable
x-timer
S1730910262.473682,VS0,VE0
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
nncoection
close
content-length
49
x-xss-protection
1; mode=block

Redirect headers

strict-transport-security
max-age=31557600
cache-control
private
location
https://asset.zcache.com/assets/graphics/design/err/blank.gif
x-timer
S1730910262.245068,VS0,VE171
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache
MISS, MISS, MISS
content-length
178
x-xss-protection
1; mode=block
date
Wed, 06 Nov 2024 16:24:22 GMT
content-type
text/html; charset=utf-8
x-served-by
cache-sjc1000089-SJC, cache-sjc10056-SJC, cache-fra-eddf8230100-FRA
x-frame-options
SAMEORIGIN
2147006-M.jpg
covers.openlibrary.org/w/id/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://covers.openlibrary.org/w/id/2147006-M.jpg
Requested by
Host: plastomanowak.pl
URL: https://plastomanowak.pl/0.07891491340181389
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.241.234.146 , United States, ASN7941 (INTERNET-ARCHIVE, US),
Reverse DNS
ol-covers0.us.archive.org
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://plastomanowak.pl/

Response headers

access-control-max-age
86400
access-control-allow-method
GET, OPTIONS
cache-control
public
etag
"2147006-m"
expires
Fri, 13 Oct 2124 16:24:23 GMT
access-control-allow-origin
*
date
Wed, 06 Nov 2024 16:24:23 GMT
content-type
image/jpeg
last-modified
Fri, 01 Jan 2010 00:00:00 GMT
server
nginx/1.18.0 (Ubuntu)
style.css
plastomanowak.pl/ 		0
0
jquery.fancybox-1.3.4.css
plastomanowak.pl/fancybox/ 		0
0
read.html
books.odintara.com/ 		0
0
b070aa70
www.amocasino.com/refer/
Redirect Chain
  • http://books.odintara.com:1080/read.html?keyword=0.07891491340181389&se=12-27-08-2019-5&ur=1&default_keyword=0.07891491340181389&HTTP_REFERER=http://plastomanowak.pl/0.07891491340181389
  • https://books.odintara.com:1080/read.html?keyword=0.07891491340181389&se=12-27-08-2019-5&ur=1&default_keyword=0.07891491340181389&HTTP_REFERER=http://plastomanowak.pl/0.07891491340181389
  • http://books.odintara.com:1080/read.html?keyword=0.07891491340181389&se=12-27-08-2019-5&ur=1&default_keyword=0.07891491340181389&HTTP_REFERER=http://plastomanowak.pl/0.07891491340181389
  • https://www.amocasino.com/refer/b070aa70
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.amocasino.com/refer/b070aa70
Requested by
Host: plastomanowak.pl
URL: https://plastomanowak.pl/0.07891491340181389
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c61d502dffaecc8587cf931a276c09ee10fd8bcea3b2706e87c9b16bb288111b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
8de66ef7f8c6352e-WAW
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 06 Nov 2024 16:24:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ic8L6b0kLAElj9elpyOAUZnGq0o4ns9k4Z8iRotAYETijajh75oCjJf74e0XUcY9pFAUxH5%2BLPaIIb68e7B%2B9VKzjRbcn6hxYtyFx4gmgpTpFyEo136W9J2AJNf12RV0gpf5Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

Connection
keep-alive
Date
Wed, 06 Nov 2024 16:24:22 GMT
Location
https://www.amocasino.com/refer/b070aa70
Server
nginx
Transfer-Encoding
chunked
favicon.png
www.playamo43.com/resources/images/
Redirect Chain
  • https://playamo43.com/resources/images/favicon.png?1730910263198
  • https://www.playamo43.com/resources/images/favicon.png?1730910263198
3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.playamo43.com/resources/images/favicon.png?1730910263198
Requested by
Host: www.amocasino.com
URL: https://www.amocasino.com/refer/b070aa70
Protocol
H2
Server
92.53.189.75 Alpharetta, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
877a6cce9111c1ea6dd75bd15175798bed64fc6610185989cb009a878374008a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.amocasino.com/

Response headers

cache-control
public, max-age=14400
cf-cache-status
MISS
etag
"6724ef57-ded"
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de66ef9cd5cb614-WAW
expires
Wed, 06 Nov 2024 20:24:23 GMT
accept-ranges
bytes
content-length
3565
date
Wed, 06 Nov 2024 16:24:23 GMT
content-type
image/png
last-modified
Fri, 01 Nov 2024 15:10:15 GMT
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=3600
location
https://www.playamo43.com/resources/images/favicon.png?1730910263198
cf-ray
8de66ef97d02b614-WAW
expires
Wed, 06 Nov 2024 17:24:23 GMT
content-length
167
date
Wed, 06 Nov 2024 16:24:23 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
Primary Request b070aa70
www.playamo43.com/refer/
Redirect Chain
  • https://playamo43.com/refer/b070aa70?__layerref=
  • https://www.playamo43.com/refer/b070aa70?__layerref=
81 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.playamo43.com/refer/b070aa70?__layerref=
Requested by
Host: www.amocasino.com
URL: https://www.amocasino.com/refer/b070aa70
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.53.189.75 Alpharetta, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f1115f7c039ea15797b51d29a828653df023c6185883a2b49abf4ad9955b14d

Request headers

Referer
https://www.amocasino.com/refer/b070aa70
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8de66efaeb59bf7b-WAW
content-encoding
gzip
content-type
text/html
date
Wed, 06 Nov 2024 16:24:23 GMT
etag
W/"666b10e3-143de"
server
cloudflare

Redirect headers

cache-control
max-age=3600
cf-ray
8de66efaaafcbf7b-WAW
content-length
167
content-type
text/html
date
Wed, 06 Nov 2024 16:24:23 GMT
expires
Wed, 06 Nov 2024 17:24:23 GMT
location
https://www.playamo43.com/refer/b070aa70?__layerref=
server
cloudflare
vary
Accept-Encoding
css2
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&display=swap
Requested by
Host: www.playamo43.com
URL: https://www.playamo43.com/refer/b070aa70?__layerref=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
3edf2fef0f171ba86eaee753895263a6b2e6411f94e137a430255551c430c876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 16:24:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 16:24:24 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 06 Nov 2024 15:44:11 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
gtm.js
www.googletagmanager.com/ 		272 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NDBKPJC
Requested by
Host: www.playamo43.com
URL: https://www.playamo43.com/refer/b070aa70?__layerref=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
86dca70705b5d6101e60ad3d29491a24ad6d5bedac098360038d69f02754cd6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 06 Nov 2024 16:24:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 16:24:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 06 Nov 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
91354
x-xss-protection
0
server
Google Tag Manager
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
117082b60ce49dc625ce4ee3b24a0af5eff5e15dab38c3fa3eec9c19246f1b0b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ 		43 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a9f2886e93ba0b62f58f90de7ef58bdf9930d0c7a86f5fcdfe90ac41f28d56c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5Xw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
9514372ab8ac313ea8019966fdcfe91b201c3aa69f92de8346ab34af461bbad2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.playamo43.com
Referer
https://fonts.googleapis.com/

Response headers

age
2606
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:40:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:40:58 GMT
last-modified
Wed, 18 Oct 2023 17:53:05 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
21140
x-xss-protection
0
server
sffe
js
www.googletagmanager.com/gtag/ 		304 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PW8346TCN0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDBKPJC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b878124b5a7c9acc0a482090b9adf375475a765346b5486abf482385509318d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 06 Nov 2024 16:24:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 16:24:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
105395
x-xss-protection
0
server
Google Tag Manager
conversion.js
www.googleadservices.com/pagead/ 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDBKPJC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
af5c27d91a8b814351b6522aa17a23a709545f11cdbc953cb0d452280e5d3b0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

content-encoding
br
etag
13730477501505533595
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 16:24:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 06 Nov 2024 16:24:24 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
20911
x-xss-protection
0
server
cafe
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: plastomanowak.pl
URL: https://plastomanowak.pl/0.07891491340181389
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
55270971fdc4172d5cbba95dadd779074eadb9c50bf16c2b3253ccc6bc8fc363
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-16KKYqFE' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 16:24:24 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-16KKYqFE' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=4434, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
v8z0qbMnXKDTYdKA+pKxgNNttAUH+zvXte7jBoiiVpYUT+piYAWWE6se9IlNgxeQqMAHhAR+Y+3wd2PUETMAkw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62086
x-xss-protection
0
origin-agent-cluster
?1
analytics.min.js
cdn.segment.com/analytics.js/v1/ucwzAeMBA3KNf6RK7cWhPUuRkVESWysU/ 		106 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/ucwzAeMBA3KNf6RK7cWhPUuRkVESWysU/analytics.min.js
Requested by
Host: plastomanowak.pl
URL: https://plastomanowak.pl/0.07891491340181389
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e59616d3d5e69bfba586b1482ad43eddf60404f7645041e764f60ba071b1415

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

access-control-max-age
3000
content-encoding
br
x-amz-version-id
MQ9sauOCLBWhsAeu4dt.RWwEh4YDUtdv
etag
W/"1d2c277834e537c9403ca3e6627d8fe7"
age
14
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
nzN1MqxwLX5A4sLkucUnfxkkezm2ktSvCYl5xq7za5q9TaO-oYKmoA==
date
Wed, 06 Nov 2024 16:24:14 GMT
content-type
text/javascript; charset=utf-8
vary
accept-encoding
last-modified
Tue, 05 Nov 2024 18:28:00 GMT
x-amz-replication-status
COMPLETED
cache-control
public, max-age=120
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA6-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
cooladata-latest.min.js
cdn.cooladata.com/tracking/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cooladata.com/tracking/cooladata-latest.min.js
Requested by
Host: plastomanowak.pl
URL: https://plastomanowak.pl/0.07891491340181389
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.64 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
95cd3e5597b8644d0284aa92f248141c5d5b3d4f0a1832714ee87df97e585362

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

Content-Encoding
gzip
ETag
"89650b982e86954d0c92046b6731f0ec"
Age
14216
X-Cache
HIT
Date
Wed, 06 Nov 2024 16:24:24 GMT
Last-Modified
Sun, 19 Feb 2023 11:30:28 GMT
X-Served-By
cache-fra-eddf8230061-FRA
X-Cache-Hits
96
Content-Type
application/javascript
x-amz-id-2
nWvQl0pa1yW3OcmdYzHACF0SPHxI6liFVTOnkUeOkWaEeWJfXlf7S0/jmsSsBXCve2OBIFKtEMWb9GJep5rfng==
Vary
Accept-Encoding
Cache-Control
max-age=86400
X-Timer
S1730910264.340576,VS0,VE0
Connection
keep-alive
Via
1.1 varnish
x-amz-request-id
WTGTR2ND9SGKJAT0
Accept-Ranges
bytes
Content-Length
5321
Server
AmazonS3
tag-manager.js
tm.ads.sportradar.com/dist/ 		304 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAAP
Requested by
Host: plastomanowak.pl
URL: https://plastomanowak.pl/0.07891491340181389
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.76.204.35 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-76-204-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
595d29ee87385e73dd279920931ae150ee80675b4525092f0b20253639d7badc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

cache-control
max-age=900, public
content-encoding
gzip
apigw-requestid
A1S47g73joEEMNg=
content-length
32051
date
Wed, 06 Nov 2024 16:24:24 GMT
content-type
application/javascript
content-disposition
inline
vary
Accept-Encoding
gtr.min.js
dsp-media.eskimi.com/assets/js/e/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.3
Requested by
Host: plastomanowak.pl
URL: https://plastomanowak.pl/0.07891491340181389
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 /
Resource Hash
4e687af4507ee911e92498208c154c59437d0ee76ae1c07cfebe4f056415e095
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"66fac420-13b3"
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 23:25:22 GMT
date
Wed, 06 Nov 2024 16:24:24 GMT
last-modified
Mon, 30 Sep 2024 15:30:40 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
10/15/2024 23:25:22
cache-control
public, max-age=31536000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
cdn-requestid
c644fd040701bdedd25a05b3c751f384
cdn-pullzone
692289
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-edgestorageid
1080
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
PL
favicon.ico
www.playamo43.com/ 		3 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.playamo43.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.53.189.75 Alpharetta, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
877a6cce9111c1ea6dd75bd15175798bed64fc6610185989cb009a878374008a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/refer/b070aa70?__layerref=

Response headers

cache-control
public, max-age=14400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6724ef57-ded"
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de66eff79c3bf7b-WAW
expires
Wed, 06 Nov 2024 20:24:24 GMT
date
Wed, 06 Nov 2024 16:24:24 GMT
content-type
image/x-icon
last-modified
Fri, 01 Nov 2024 15:10:15 GMT
vary
Accept-Encoding
server
cloudflare
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-PW8346TCN0&gtm=45je4au0v889780706z877850914za200zb77850914&_p=1730910263625&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=1473319388.1730910264&ul=pl-pl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730910264&sct=1&seg=0&dl=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&dr=https%3A%2F%2Fwww.amocasino.com%2F&dt=Engineering%20works&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=964
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PW8346TCN0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.playamo43.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 16:24:24 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
547 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PW8346TCN0&cid=1473319388.1730910264&gtm=45je4au0v889780706z877850914za200zb77850914&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101823848~101878899~101878944~101925629
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PW8346TCN0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.playamo43.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 16:24:24 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.pl/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.pl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PW8346TCN0&cid=1473319388.1730910264&gtm=45je4au0v889780706z877850914za200zb77850914&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101823848~101878899~101878944~101925629&tag_exp=101823848~101878899~101878944~101925629&z=734635731
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 06 Nov 2024 16:24:24 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-PW8346TCN0&gtm=45je4au0v889780706z877850914za200zb77850914&_p=1730910263625&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=1473319388.1730910264&ul=pl-pl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1730910264&sct=1&seg=0&dl=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&dr=https%3A%2F%2Fwww.amocasino.com%2F&dt=Engineering%20works&en=country-blocked&_et=5&tfd=980
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PW8346TCN0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.playamo43.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 16:24:24 GMT
content-type
text/plain
server
Golfe2
708239896010429
connect.facebook.net/signals/config/ 		70 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/708239896010429?v=2.9.176&r=stable&domain=www.playamo43.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
2cedbeb16dea6cdefccbc5fa4f414adf3dd02c8d8157413439530cd9130f00c3
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-McbPWwUR' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 16:24:24 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-McbPWwUR' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=76, mss=1232, tbw=70833, tp=67, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
AHk9GiBLPPJASdwwIuM61QZrWX8/077pJeXmp4u02UJZ9UlyawHbH7vTFd040jjNT/pV81Iw+rYW7w3utwVuew==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
14940
x-xss-protection
0
origin-agent-cluster
?1
/
www.googleadservices.com/pagead/conversion/941914539/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/941914539/?random=1730910264404&cv=9&fst=1730910264404&num=1&label=NZfjCJuYhngQq_ORwQM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&ref=https%3A%2F%2Fwww.amocasino.com%2F&tiba=Engineering%20works&capi=1&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
d373b55bcb9f16c87adf7214410f7307192323d2316912bfef4e01b6e940a4e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2528
date
Wed, 06 Nov 2024 16:24:24 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
js
track.trackingtraffo.com/pixel/ 		488 B
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.trackingtraffo.com/pixel/js?auth=61xumap&event=visit&uid=undefined&tid={TRANSACTION_ID}&cur={CURRENCY}&amount=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDBKPJC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.214.206.32 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6c519c62d924b9dd479634a9847ce22009b77ae6b762ab272d7c5267d98a14c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Sat, 01 Jan 2000 00:00:00 GMT
Access-Control-Allow-Origin
*
Content-Length
488
Date
Wed, 06 Nov 2024 16:24:24 GMT
Content-Type
text/javascript
Server
nginx/1.18.0 (Ubuntu)
rt
ads.trafficjunky.net/ 		43 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.trafficjunky.net/rt?action=list&type=add&id=notregistered&context=playamo&cookiename=notregistered&age=262800&maxcookiecount=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.254.114.154 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
reflectededge.reflected.net
Software
openresty /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

access-control-max-age
86400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
GET,POST
expires
Sun, 22 Jan 1984 03:00:00 GMT
access-control-allow-origin
*
content-length
43
p3p
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
date
Wed, 06 Nov 2024 16:24:24 GMT
content-type
image/gif
server
openresty
access-control-allow-headers
Content-Type
__cool.gif
api.cooladata.com/egw/5/ml8omk6vx7op8wh16kt5leezp6vm32gq/track/ 		0
0
settings
cdn.segment.com/v1/projects/ucwzAeMBA3KNf6RK7cWhPUuRkVESWysU/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/ucwzAeMBA3KNf6RK7cWhPUuRkVESWysU/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ucwzAeMBA3KNf6RK7cWhPUuRkVESWysU/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18fbbc34ad30457bea9e752dd41bbdb455b32814ba1ce94f0fb4ca79be532045

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

access-control-max-age
3000
content-encoding
br
x-amz-version-id
a33DfXz4hE5HePz7gFP1bOmboT.7lMSj
etag
W/"1df2aa6f8de30574bcf8fcd7bd4c6331"
age
686
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
uRwWPfKtpBwwuyPpEQG6OFFI2fqgD0k585kF9CcDi5baiZeYl6X57w==
date
Wed, 06 Nov 2024 16:12:59 GMT
content-type
application/json; charset=utf-8
vary
accept-encoding
last-modified
Thu, 25 Jul 2024 18:43:19 GMT
x-amz-replication-status
COMPLETED
cache-control
public, max-age=10800
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA6-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
4565082360183930
connect.facebook.net/signals/config/ 		28 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/4565082360183930?v=2.9.176&r=stable&domain=www.playamo43.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
6475757d52d7535c5b478c4ca6ab1cad13ab0ae14df390d9277b41a49f798905
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-LPOkZa1Z' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 16:24:24 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-LPOkZa1Z' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=90, mss=1232, tbw=86865, tp=83, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
pw/KQ1X/8pLL7gWkvWV53AwN3MV/cGckaKpTew9qvuyBmgP3L8zIYeNIBVEDmzrkzPQQLLec9H1tKdczYwYWgQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
4611
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=708239896010429&ev=Lead&dl=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&rl=https%3A%2F%2Fwww.amocasino.com%2F&if=false&ts=1730910264475&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730910264473.793548009652654484&ler=other&cdl=API_unavailable&it=1730910264400&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
MODERATE; q=0.3, rtt=416, rtx=0, c=12, mss=1317, tbw=3383, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 06 Nov 2024 16:24:25 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=708239896010429&ev=Lead&dl=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&rl=https%3A%2F%2Fwww.amocasino.com%2F&if=false&ts=1730910264475&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730910264473.793548009652654484&ler=other&cdl=API_unavailable&it=1730910264400&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7434202981126452093"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x767d164c760d1a98","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["1489952087763110"]},"debug_reporting":true,"debug_key":"4167571518145011447"}
date
Wed, 06 Nov 2024 16:24:25 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
SOpsuffAg+uS3oSrStGHX0lK5cJPmltkep1CImp4XppTxa4ZJiQ+x09w8El6WFOC3hnJ1NbJvP26BpdYIrL8iQ==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7434202981126452093", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
MODERATE; q=0.3, rtt=187, rtx=0, c=12, mss=1317, tbw=3685, tp=-1, tpl=-1, uplat=172, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=708239896010429&ev=Purchase&dl=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&rl=https%3A%2F%2Fwww.amocasino.com%2F&if=false&ts=1730910264478&sw=1600&sh=1200&v=2.9.176&r=stable&ec=1&o=12318&fbp=fb.1.1730910264473.793548009652654484&ler=other&cdl=API_unavailable&it=1730910264400&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
MODERATE; q=0.3, rtt=683, rtx=0, c=10, mss=1317, tbw=2930, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 06 Nov 2024 16:24:25 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=708239896010429&ev=Purchase&dl=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&rl=https%3A%2F%2Fwww.amocasino.com%2F&if=false&ts=1730910264478&sw=1600&sh=1200&v=2.9.176&r=stable&ec=1&o=12318&fbp=fb.1.1730910264473.793548009652654484&ler=other&cdl=API_unavailable&it=1730910264400&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7434202981875941942"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xfdf4549f5c300052","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["1737425362943643"]},"debug_reporting":true,"debug_key":"1401161566345235253"}
date
Wed, 06 Nov 2024 16:24:25 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
97SMNXt14jjUS6HIlgVcepMwIVWxxT+QgcRKrgkDA3oDuFk3BaLqibIZCIZw77TXqxOlAWEScSyfRJAICM69cg==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7434202981875941942", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
MODERATE; q=0.3, rtt=187, rtx=0, c=12, mss=1317, tbw=7582, tp=-1, tpl=-1, uplat=173, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.google.pl/pagead/1p-conversion/941914539/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/941914539/?random=2027010844&cv=9&fst=1730910264404&num=1&label=NZfjCJuYhngQq_ORwQM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C46...
  • https://www.google.com/pagead/1p-conversion/941914539/?random=2027010844&cv=9&fst=1730910264404&num=1&label=NZfjCJuYhngQq_ORwQM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u...
  • https://www.google.pl/pagead/1p-conversion/941914539/?random=2027010844&cv=9&fst=1730910264404&num=1&label=NZfjCJuYhngQq_ORwQM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_...
42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.pl/pagead/1p-conversion/941914539/?random=2027010844&cv=9&fst=1730910264404&num=1&label=NZfjCJuYhngQq_ORwQM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&ref=https%3A%2F%2Fwww.amocasino.com%2F&tiba=Engineering%20works&capi=1&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCKXGsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIj8nMm4_IiQMVwZb9Bx3tOxYqMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhpodHRwczovL3d3dy5wbGF5YW1vNDMuY29tLw&is_vtc=1&cid=CAQSGwCa7L7dDiyYi3le2ez-wVoOICG4dQxlDihjQA&random=4015102584&resp=GooglemKTybQhCsO&ipr=y
Protocol
H2
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 06 Nov 2024 16:24:25 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.pl/pagead/1p-conversion/941914539/?random=2027010844&cv=9&fst=1730910264404&num=1&label=NZfjCJuYhngQq_ORwQM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&ref=https%3A%2F%2Fwww.amocasino.com%2F&tiba=Engineering%20works&capi=1&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCKXGsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIj8nMm4_IiQMVwZb9Bx3tOxYqMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhpodHRwczovL3d3dy5wbGF5YW1vNDMuY29tLw&is_vtc=1&cid=CAQSGwCa7L7dDiyYi3le2ez-wVoOICG4dQxlDihjQA&random=4015102584&resp=GooglemKTybQhCsO&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 06 Nov 2024 16:24:25 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=708239896010429&ev=PageView&dl=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&rl=https%3A%2F%2Fwww.amocasino.com%2F&if=false&ts=1730910264528&sw=1600&sh=1200&v=2.9.176&r=stable&ec=2&o=12318&fbp=fb.1.1730910264473.793548009652654484&ler=other&cdl=API_unavailable&it=1730910264400&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
MODERATE; q=0.3, rtt=416, rtx=0, c=12, mss=1317, tbw=3383, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 06 Nov 2024 16:24:25 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=708239896010429&ev=PageView&dl=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&rl=https%3A%2F%2Fwww.amocasino.com%2F&if=false&ts=1730910264528&sw=1600&sh=1200&v=2.9.176&r=stable&ec=2&o=12318&fbp=fb.1.1730910264473.793548009652654484&ler=other&cdl=API_unavailable&it=1730910264400&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7434202980747918594"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 16:24:25 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
S/ByW+fgy7znb6/ob9yFIL0jIrqJADiCc0dikSPNElr/TCyrMu3zg6ArZdiAIgsfcOZj9QTskiXVrS6/72RpAw==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7434202980747918594", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
MODERATE; q=0.3, rtt=187, rtx=0, c=12, mss=1317, tbw=8709, tp=-1, tpl=-1, uplat=194, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/ 		0
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=4565082360183930&ev=PageView&dl=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&rl=https%3A%2F%2Fwww.amocasino.com%2F&if=false&ts=1730910264529&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730910264473.793548009652654484&ler=other&cdl=API_unavailable&it=1730910264400&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
MODERATE; q=0.3, rtt=416, rtx=0, c=12, mss=1317, tbw=3522, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 06 Nov 2024 16:24:25 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=4565082360183930&ev=PageView&dl=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&rl=https%3A%2F%2Fwww.amocasino.com%2F&if=false&ts=1730910264529&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730910264473.793548009652654484&ler=other&cdl=API_unavailable&it=1730910264400&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7434202982474650649"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 16:24:25 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
roRgUmQ+wUG6I0WmSXtwiN1V1DG+LmodWXNPMNT/VNyNa7Ie8USqlnc/kDvWRgJ0qs1avJQSSCUXLo5KPIi6Dg==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7434202982474650649", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
MODERATE; q=0.3, rtt=187, rtx=0, c=12, mss=1317, tbw=9676, tp=-1, tpl=-1, uplat=198, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
ajs-destination.bundle.ed53a26b6edc80c65d73.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ucwzAeMBA3KNf6RK7cWhPUuRkVESWysU/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
x-amz-version-id
7HrcoEDii4CJjqNCahwryaG4L.vk9kns
age
4210613
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
y6_4IYteSf0dL26KsPFm2TEo1whASMIn3V-UpSCFT3bzQi023BDZxg==
date
Wed, 18 Sep 2024 22:47:32 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Wed, 18 Sep 2024 22:21:40 GMT
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,immutable
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA6-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ucwzAeMBA3KNf6RK7cWhPUuRkVESWysU/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"3867b2388b619ff7fddc29ef359fc9aa"
x-amz-version-id
u16VcQlfwBtHRZyWZ3J5lA.kF3ts0Fc8
age
4374774
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
lYuF-VRS4bVY0YpXAqsR62VuiyDNilwgjrKxBWeRFUdCqxkAS76W-w==
date
Tue, 17 Sep 2024 01:11:31 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 16 Sep 2024 16:03:18 GMT
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,immutable
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA6-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
google-analytics.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ucwzAeMBA3KNf6RK7cWhPUuRkVESWysU/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86685e191878d9ecfd30ed1fe63cbb783bf9151607e9996342d64977013e3cff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"6a3ed21f9b6777c0c37e6e248ea22387"
x-amz-version-id
jiinLnhNKtSMsrpHvOzN4SxprXBvOKZw
age
2968350
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
diIdjT2xp0Lb0T7jGXZlHKln8KR7KmHdSXysQU559VxWhdEPX_MfCg==
date
Thu, 03 Oct 2024 07:51:55 GMT
content-type
application/javascript
last-modified
Tue, 01 Oct 2024 11:20:16 GMT
cache-control
public,max-age=31536000,immutable
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
4743
x-amz-cf-pop
FRA6-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
hotjar.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/hotjar/1.4.0/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/hotjar/1.4.0/hotjar.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ucwzAeMBA3KNf6RK7cWhPUuRkVESWysU/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f054b3bfb110ccb041427844303cf90a427cbc48359cc21c44670db59c29d18b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"b0cfd2e8e8967ad708b94773be4834a7"
x-amz-version-id
MZ.YSZERq0A220C3fEMPnFPsX5gFCKd9
age
2917195
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
h2kxg9JrYbt2GN8MHENI5BSYlq-YyUPGpkHEtXNyKpiW0yPHeTracA==
date
Thu, 03 Oct 2024 22:04:30 GMT
content-type
application/javascript
last-modified
Tue, 01 Oct 2024 11:20:16 GMT
cache-control
public,max-age=31536000,immutable
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
1337
x-amz-cf-pop
FRA6-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
yandex-metrica.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/yandex-metrica/2.1.1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/yandex-metrica/2.1.1/yandex-metrica.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ucwzAeMBA3KNf6RK7cWhPUuRkVESWysU/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9640a347fb4833655c4ee5a974d02dfa2561f332fdd8130bfac7183c98b486ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"ee8824f3de8548f954abf5c2111af6cf"
x-amz-version-id
aB8TPq.rC53LEQkoi8_lrnSoZbicYx6L
age
242773
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
JshjYVYx9BbWl1U5U0FhTS54eegQus34urWgHHRnskWLBIQwzfjv3Q==
date
Sun, 03 Nov 2024 20:58:12 GMT
content-type
application/javascript
last-modified
Tue, 01 Oct 2024 11:20:17 GMT
cache-control
public,max-age=31536000,immutable
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
1266
x-amz-cf-pop
FRA6-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
p
api.segment.io/v1/ 		21 B
176 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ucwzAeMBA3KNf6RK7cWhPUuRkVESWysU/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.144.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-144-222.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.playamo43.com/

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.playamo43.com
content-length
21
date
Wed, 06 Nov 2024 16:24:25 GMT
content-type
application/json
vary
Origin
commons.a61d7bea37d2de5d4b69.js.gz
cdn.segment.com/next-integrations/integrations/vendor/ 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ucwzAeMBA3KNf6RK7cWhPUuRkVESWysU/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"c467a63b2e7c3a99be423ace649014d8"
x-amz-version-id
JPDEPREw8gYM0wgzX9n.pVdsRblNlmAD
age
978935
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
cuZHK5QjMGZyyJvf_lsapi3xIw_HQUFkRd0CdJ6ofxPTLX-uY2NPtw==
date
Sat, 26 Oct 2024 08:28:50 GMT
content-type
application/javascript
last-modified
Tue, 01 Oct 2024 11:20:15 GMT
cache-control
public,max-age=31536000,immutable
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
21911
x-amz-cf-pop
FRA6-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
cssession
dsp-trk.eskimi.com/tracking/ 		2 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dsp-trk.eskimi.com/tracking/cssession?tst&id=22441&url=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&t=1730910264728
Requested by
Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.42.63.49 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

Transfer-Encoding
chunked
Access-Control-Allow-Origin
https://www.playamo43.com
Date
Wed, 06 Nov 2024 16:24:24 GMT
Content-Type
text/plain; charset=UTF-8
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
gtr
dsp-ap.eskimi.com/v2/ 		116 B
1010 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dsp-ap.eskimi.com/v2/gtr?id=22441&url=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&t=1730910264728
Requested by
Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.42.63.48 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
d4af01b0fa40565b15d2674b101aa23e22d861e578592d32432ff6c2a5b9738e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.playamo43.com
Date
Wed, 06 Nov 2024 16:24:24 GMT
Content-Type
application/json
Server
nginx
hotjar-1184496.js
static.hotjar.com/c/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1184496.js?sv=6
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/hotjar/1.4.0/hotjar.dynamic.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-51.fra56.r.cloudfront.net
Software
/
Resource Hash
2ccf5569542288230f7618e3f5a5ceb68435ff42a4d65e3bf564284f4e39ad5e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

content-encoding
br
etag
W/5def0b4b28f53daaf6debd26d407ef29
age
51
x-content-type-options
nosniff
x-cache-hit
1
x-cache
Hit from cloudfront
x-amz-cf-id
kQYYMlt87j2irG8rwtiE_MYcKUdzuZKi8sbW8YaGk831LHHym4RbWQ==
date
Wed, 06 Nov 2024 16:24:25 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P2
watch.js
mc.yandex.ru/metrika/ 		152 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548daca63b0812df9494af000ccf7d4eec2728ef65cd94ae6a1aec0e89ef860a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
content-encoding
br
etag
"6726238c-d779"
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Wed, 06 Nov 2024 17:24:25 GMT
access-control-allow-origin
*
content-length
55161
date
Wed, 06 Nov 2024 16:24:25 GMT
content-type
application/javascript
last-modified
Sat, 02 Nov 2024 13:05:16 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

content-encoding
gzip
age
3256
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 17:30:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:30:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
pixel
track.trackingtraffo.com/ 		0
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.trackingtraffo.com/pixel?auth=61xumap&event=visit&uid=undefined&tid=%7BTRANSACTION_ID%7D&cur=%7BCURRENCY%7D&amount=0&site=www.playamo43.com&ln=pl-PL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.214.206.32 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Sat, 01 Jan 2000 00:00:00 GMT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Wed, 06 Nov 2024 16:24:24 GMT
Server
nginx/1.18.0 (Ubuntu)
p.js
my.rtmark.net/ 		697 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/p.js?f=sync&lr=1&partner=ce36175893678b8024ba53c2d1b21f2f6f4e6b42fcfdc7c2979973bfbb32f257
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDBKPJC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2867553d0e10415db453b2dc50a456db78b8dbebc8e69f42c3796ca818191ca9
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

access-control-expose-headers
Authorization
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rRPldnUtnJORwMCD3hf8zvtDrHOvpKC4VaXqwAcJA2RgSrOTyar0mG9ikKoXy60GcX1%2BsZtFCGSC2qNj9mi%2FH8G33B0Sau9f0Z3cv8vr04Iro5ov4UC7lV0Av%2FgP%2Fs46"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25796&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4142&recv_bytes=4427&delivery_rate=561&cwnd=12000&unsent_bytes=0&cid=30507ce97a38df5d&ts=137&x=1", cfHdrFlush;dur=0
date
Wed, 06 Nov 2024 16:24:25 GMT
content-type
text/javascript
last-modified
Wed, 06 Nov 2024 16:24:25 GMT
vary
Accept-Encoding
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
cache-control
max-age=14400
timing-allow-origin
*, *
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8de66f07fc03c063-WAW
access-control-allow-origin
*
server
cloudflare
tag.php
s.magsrv.com/ 		0
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.magsrv.com/tag.php?goal=98c7b9240c1c8a0b8791a104d8620cbf&stackUid=20241106162424219193
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.248 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ds03.evo.0x3e.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

Transfer-Encoding
chunked
X-Robots-Tag
noindex, follow
Content-Encoding
gzip
Date
Wed, 06 Nov 2024 16:24:25 GMT
Content-Type
text/html; charset=UTF-8
Server
nginx
Connection
keep-alive
tag.php
s.opoxv.com/ 		0
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.opoxv.com/tag.php?goal=98c7b9240c1c8a0b8791a104d8620cbf&stackUid=20241106162424219301
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

Transfer-Encoding
chunked
X-Robots-Tag
noindex, follow
Content-Encoding
gzip
Date
Wed, 06 Nov 2024 16:24:25 GMT
Content-Type
text/html; charset=UTF-8
Server
nginx
Connection
keep-alive
tag.php
s.pemsrv.com/ 		0
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.pemsrv.com/tag.php?goal=98c7b9240c1c8a0b8791a104d8620cbf&stackUid=20241106162424219181
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

Transfer-Encoding
chunked
X-Robots-Tag
noindex, follow
Content-Encoding
gzip
Date
Wed, 06 Nov 2024 16:24:25 GMT
Content-Type
text/html; charset=UTF-8
Server
nginx
Connection
keep-alive
tag.php
syndication.realsrv.com/ 		0
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.realsrv.com/tag.php?goal=98c7b9240c1c8a0b8791a104d8620cbf&stackUid=20241106162424219740
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

Transfer-Encoding
chunked
X-Robots-Tag
noindex, follow
Content-Encoding
gzip
Date
Wed, 06 Nov 2024 16:24:25 GMT
Content-Type
text/html; charset=UTF-8
Server
nginx
Connection
keep-alive
tracker.js
tracker.ads.sportradar.com/dist/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.ads.sportradar.com/dist/tracker.js
Requested by
Host: tm.ads.sportradar.com
URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAAP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.76.204.35 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-76-204-35.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
063237f5f52863c3f711ef56625653397a5650eca2da3fa375dc181985a1badb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=900, public
content-encoding
gzip
etag
"235331a0761142ae4fd345cdf7c7f9ed"
accept-ranges
bytes
content-length
6405
x-amz-cf-id
fjGwoYCp_be8kKWaOdiGCLL9-r3EEF_H4Mtz0K81DhxGe6eFGXPUUw==
date
Wed, 06 Nov 2024 16:24:25 GMT
content-type
application/javascript
last-modified
Tue, 12 Sep 2023 08:33:19 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P6
x-amz-server-side-encryption
AES256
pixel
a.sportradarserving.com/ul_cb/
Redirect Chain
  • https://a.sportradarserving.com/pixel?type=js&aid=1076&id=1393
  • https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1076&id=1393
1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1076&id=1393
Protocol
H2
Server
35.214.174.141 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
141.174.214.35.bc.googleusercontent.com
Software
/
Resource Hash
ddc0743ada0bc891e2ea02ca4442cb5bb5f3ff5e481bcefc8df3afebcc81cb50

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1527
date
Wed, 06 Nov 2024 16:24:26 GMT
content-type
text/javascript; charset=UTF-8

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1076&id=1393
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 16:24:26 GMT
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10545.ZyjrkXicWMf6SYV9323oexnCZxA45lXbJXhFGMU_0W22aF0eZkQ7Z-bc_JRQnKyM.8-DBB_YV3B9BYfKnJjV9vjY0vY0%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10545.7Dpv6r1Epeug183yHuUDXHsx7WwElXk8JUmEn-IC7VVNFL2qjLOPCPXfpOdd439M65DikstsmrAnCLh-WFaoAKQxUNyTQJsCEKH32oKonYQj_nBBi4c0--19ttIgLVbZqmogIeZIAJ...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10545.kAYEHXJrQMvcy5Dr3OrZH7h7US3e7UviGlfOZfdKVUqVZl4BU5gJBKd2474xjcHiR9auLnhDY-gctzssE3IIV5s-3iXJxsdzoTM_MlyQGy9U-...
43 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10545.kAYEHXJrQMvcy5Dr3OrZH7h7US3e7UviGlfOZfdKVUqVZl4BU5gJBKd2474xjcHiR9auLnhDY-gctzssE3IIV5s-3iXJxsdzoTM_MlyQGy9U-6__3-TjWbaYRAmlVE8s_Bc371dWDeBieaDXm0JSu8MrxJA-OhTbAIwpVbzlNEB7IHWbOfP-qSt_cUiyiGhEYeLbhCUKVdl_JjskiRabAg%2C%2C.z3juNm8uFhRRKElGDe4Dfa6vUrM%2C
Protocol
H2
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
date
Wed, 06 Nov 2024 16:24:26 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10545.kAYEHXJrQMvcy5Dr3OrZH7h7US3e7UviGlfOZfdKVUqVZl4BU5gJBKd2474xjcHiR9auLnhDY-gctzssE3IIV5s-3iXJxsdzoTM_MlyQGy9U-6__3-TjWbaYRAmlVE8s_Bc371dWDeBieaDXm0JSu8MrxJA-OhTbAIwpVbzlNEB7IHWbOfP-qSt_cUiyiGhEYeLbhCUKVdl_JjskiRabAg%2C%2C.z3juNm8uFhRRKElGDe4Dfa6vUrM%2C
x-xss-protection
1; mode=block
date
Wed, 06 Nov 2024 16:24:26 GMT
advert.gif
mc.yandex.com/metrika/ 		43 B
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
etag
"6726238c-2b"
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Wed, 06 Nov 2024 17:24:25 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Wed, 06 Nov 2024 16:24:25 GMT
content-type
image/gif
last-modified
Sat, 02 Nov 2024 13:05:16 GMT
collect
www.google-analytics.com/j/ 		3 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=175492366&t=pageview&_s=1&dl=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&dr=https%3A%2F%2Fwww.amocasino.com%2F&dp=%2Frefer%2Fb070aa70&ul=pl-pl&de=UTF-8&dt=Engineering%20works&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAACgCIAB~&jid=358373899&gjid=392968464&cid=1473319388.1730910264&tid=UA-135654019-1&_gid=318174833.1730910266&_r=1&_slc=1&z=1804908808
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.playamo43.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 16:24:25 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.playamo43.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
542418b2-ca13-4fc8-9753-38ece633fd15
tsyndicate.com/api/v1/retargeting/set/ 		43 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsyndicate.com/api/v1/retargeting/set/542418b2-ca13-4fc8-9753-38ece633fd15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.69.137.49 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.137.69.159.clients.your-server.de
Software
nginx /
Resource Hash
42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

x-robots-tag
none, noindex, nofollow
cache-control
no-cache, no-store, no-transform, must-revalidate, no-transform
pragma
no-cache
x-api-version
1
report-to
{ "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
expires
0
content-length
43
date
Wed, 06 Nov 2024 16:24:26 GMT
content-type
image/gif
vary
*
server
nginx
unip
trc.taboola.com/1460267/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/1460267/log/3/unip?item-url=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&ref=https%3A%2F%2Fwww.amocasino.com%2F&en=playamo_notreg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Wed, 06 Nov 2024 16:24:26 GMT
content-type
image/gif
x-served-by
cache-fra-eddf8230127-FRA
x-cache-hits
0
cache-control
no-cache
x-fastly-to-nlb-rtt
55426
pragma
no-cache
x-timer
S1730910266.413903,VS0,VE57
x-vcl-time-ms
57
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-service-version
v1
server
nginx
metrika_match.html
mc.yandex.com/metrika/ Frame 24B9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.playamo43.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1446
content-type
text/html
date
Wed, 06 Nov 2024 16:24:26 GMT
etag
"6726238c-5a6"
expires
Wed, 06 Nov 2024 17:24:26 GMT
last-modified
Sat, 02 Nov 2024 13:05:16 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
sp-3.8.0.js
tracker.ads.sportradar.com/dist// 		73 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.ads.sportradar.com/dist//sp-3.8.0.js
Requested by
Host: tracker.ads.sportradar.com
URL: https://tracker.ads.sportradar.com/dist/tracker.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.76.204.35 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-76-204-35.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6361e3a49a38d1fdc74ec96bd29ee1ecd7c30045ccb0e5f361413d65cbf5ef87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=900, public
content-encoding
gzip
etag
"143272dddc33395008a84a86ac9c2e96"
accept-ranges
bytes
content-length
24162
x-amz-cf-id
Bmz6h_YsdSqSMXtRKEgtCqYLRYzp3qauZN6lj98MUUFrVoO_p9FVRA==
date
Wed, 06 Nov 2024 16:24:26 GMT
content-type
application/javascript
last-modified
Tue, 12 Sep 2023 08:33:18 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P6
x-amz-server-side-encryption
AES256
modules.6f60e575cf8ad7cb10f7.js
script.hotjar.com/ 		222 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.6f60e575cf8ad7cb10f7.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1184496.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-19.fra56.r.cloudfront.net
Software
/
Resource Hash
f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

x-robots-tag
none
content-encoding
br
etag
"56b1b49a4bdc4c874445907df778d045"
age
180268
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
OLXg65Euqmk3c7Ngsn6SyKBUpIiJckQ0pSR9LYWertFCokBhvFvtig==
date
Mon, 04 Nov 2024 14:19:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 Nov 2024 14:19:24 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56128
x-amz-cf-pop
FRA56-C2
1
mc.yandex.com/watch/50376523/
Redirect Chain
  • https://mc.yandex.com/watch/50376523?wmode=7&page-url=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&page-ref=https%3A%2F%2Fwww.amocasino.com%2F&charset=utf-8&uah=chm%0A%3F0&bro...
  • https://mc.yandex.com/watch/50376523/1?wmode=7&page-url=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&page-ref=https%3A%2F%2Fwww.amocasino.com%2F&charset=utf-8&uah=chm%0A%3F0&b...
615 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/50376523/1?wmode=7&page-url=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&page-ref=https%3A%2F%2Fwww.amocasino.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7vbqe2af1cw8x5fzqg6ef7wk4uz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Apl-PL%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A1617301592974%3Ahid%3A196611312%3Az%3A60%3Ai%3A20241106172425%3Aet%3A1730910266%3Ac%3A1%3Arn%3A214382202%3Arqn%3A1%3Au%3A1730910266817486686%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A692%3Ads%3A0%2C0%2C97%2C41%2C101%2C0%2C%2C4%2C0%2C794%2C795%2C0%2C245%3Aco%3A0%3Acpf%3A1%3Ans%3A1730910263394%3Agi%3AR0ExLjEuMTQ3MzMxOTM4OC4xNzMwOTEwMjY0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1730910266%3At%3AEngineering%20works&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283179268%29ti%281%29
Protocol
H2
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
6839c097c348f645e09d64f831bddef6e46d23a2560f473505af8180332c64bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Wed, 06-Nov-2024 16:24:26 GMT
access-control-allow-origin
https://www.playamo43.com
content-length
615
x-xss-protection
1; mode=block
date
Wed, 06 Nov 2024 16:24:26 GMT
content-type
application/json; charset=utf-8
last-modified
Wed, 06-Nov-2024 16:24:26 GMT

Redirect headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
location
/watch/50376523/1?wmode=7&page-url=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D&page-ref=https%3A%2F%2Fwww.amocasino.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7vbqe2af1cw8x5fzqg6ef7wk4uz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Apl-PL%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A1617301592974%3Ahid%3A196611312%3Az%3A60%3Ai%3A20241106172425%3Aet%3A1730910266%3Ac%3A1%3Arn%3A214382202%3Arqn%3A1%3Au%3A1730910266817486686%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A692%3Ads%3A0%2C0%2C97%2C41%2C101%2C0%2C%2C4%2C0%2C794%2C795%2C0%2C245%3Aco%3A0%3Acpf%3A1%3Ans%3A1730910263394%3Agi%3AR0ExLjEuMTQ3MzMxOTM4OC4xNzMwOTEwMjY0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1730910266%3At%3AEngineering%20works&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283179268%29ti%281%29
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 06-Nov-2024 16:24:26 GMT
access-control-allow-origin
https://www.playamo43.com
date
Wed, 06 Nov 2024 16:24:26 GMT
x-xss-protection
1; mode=block
last-modified
Wed, 06-Nov-2024 16:24:26 GMT
img.gif
my.rtmark.net/ 		43 B
808 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=sync&partner=ce36175893678b8024ba53c2d1b21f2f6f4e6b42fcfdc7c2979973bfbb32f257&ttl=&rurl=https%3A%2F%2Fwww.playamo43.com%2Frefer%2Fb070aa70%3F__layerref%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=98wV0S6DiuFqr3hbPJEdTaXoNEtDrxNl9rWfKoxqBBmG6EnoOgS7hQ3gt%2BPcc%2B0zw15j1ZbKPNKTpOCTaqhVfUdEiAeN5e53JtqtqGXtfM1nWuKu7avmzd%2BHXBqZ%2BH%2By"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25567&sent=14&recv=12&lost=0&retrans=0&sent_bytes=5432&recv_bytes=4918&delivery_rate=52798&cwnd=12000&unsent_bytes=0&cid=30507ce97a38df5d&ts=792&x=1", cfHdrFlush;dur=0
date
Wed, 06 Nov 2024 16:24:26 GMT
content-type
image/gif
vary
Accept-Encoding
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8de66f0bea3cc063-WAW
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
server
cloudflare
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=e094269b-4810-405c-ab42-45c0025e1fc0&cb=5cb35fd6-8792-4fa7-a316-d87eae03d4ae
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=e094269b-4810-405c-ab42-45c0025e1fc0&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=e094269b-4810-405c-ab42-45c0025e1fc0&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Protocol
H2
Server
18.184.206.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-206-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=e094269b-4810-405c-ab42-45c0025e1fc0&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 16:24:26 GMT
/
onetag-sys.com/match/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=e094269b-4810-405c-ab42-45c0025e1fc0&cb=af94b1f5-d929-4cd4-a8c2-806f7bfe2e6e
  • https://onetag-sys.com/match/?int_id=30&uid=&gdpr=&gdpr_consent=&us_privacy=
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=&gdpr=&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//onetag-sys.com/match/?int_id=30&uid=&gdpr=&gdpr_consent=&us_privacy=
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 16:24:26 GMT
/
onetag-sys.com/match/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=e094269b-4810-405c-ab42-45c0025e1fc0&cb=ffea4d45-6d97-4279-80a1-2b0216f44897
  • https://onetag-sys.com/match/?int_id=30&uid=&gdpr=&gdpr_consent=&us_privacy=
0
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=&gdpr=&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//onetag-sys.com/match/?int_id=30&uid=&gdpr=&gdpr_consent=&us_privacy=
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 16:24:26 GMT
syncd
x.bidswitch.net/ 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/syncd?dsp_id=409&user_id=e094269b-4810-405c-ab42-45c0025e1fc0&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.136.108 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Wed, 06 Nov 2024 16:24:26 GMT
content-type
image/gif
1184496
vc.hotjar.io/sessions/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/1184496?s=0.25&r=0.18955009035702508
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.6f60e575cf8ad7cb10f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-15.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.playamo43.com/

Response headers

via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
access-control-allow-origin
*
cache-control
no-store
x-cache
Miss from cloudfront
x-amz-cf-id
oXswkTYFr7q-ZE7eppVa0-8NhzVsIRiNQxoIEhMWh_icZ1logSWDNQ==
date
Wed, 06 Nov 2024 16:24:26 GMT
x-amz-cf-pop
FRA56-P5

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
icons.iconarchive.com
URL
https://icons.iconarchive.com/icons/hopstarter/social-networking/256/Facebook-icon.png
Domain
icons.iconarchive.com
URL
https://icons.iconarchive.com/icons/hopstarter/social-networking/256/Twitter-icon.png
Domain
www2.thetasgroup.com
URL
https://www2.thetasgroup.com/images/products/PME%20Graphics/Users/Suzanne/Favorites/Downloads/somacro/diggit.png
Domain
www2.thetasgroup.com
URL
https://www2.thetasgroup.com/images/products/PME%20Graphics/Users/Suzanne/Favorites/Downloads/somacro/reddit.png
Domain
www2.thetasgroup.com
URL
https://www2.thetasgroup.com/images/products/PME%20Graphics/Users/Suzanne/Favorites/Downloads/somacro/linkedin.png
Domain
www2.thetasgroup.com
URL
https://www2.thetasgroup.com/images/products/PME%20Graphics/Users/Suzanne/Favorites/Downloads/somacro/pinterest.png
Domain
www2.thetasgroup.com
URL
https://www2.thetasgroup.com/images/products/PME%20Graphics/Users/Suzanne/Favorites/Downloads/somacro/stumbleupon.png
Domain
www2.thetasgroup.com
URL
https://www2.thetasgroup.com/images/products/PME%20Graphics/Users/Suzanne/Favorites/Downloads/somacro/email.png
Domain
plastomanowak.pl
URL
http://plastomanowak.pl/style.css
Domain
plastomanowak.pl
URL
http://plastomanowak.pl/fancybox/jquery.fancybox-1.3.4.css
Domain
books.odintara.com
URL
http://books.odintara.com:1080/read.html?keyword=0.07891491340181389&se=12-27-08-2019-5&ur=1&default_keyword=0.07891491340181389&HTTP_REFERER=http://plastomanowak.pl/0.07891491340181389
Domain
api.cooladata.com
URL
https://api.cooladata.com/egw/5/ml8omk6vx7op8wh16kt5leezp6vm32gq/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTMwLjAuMC4wIFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInJlZmVycmluZ191cmwiOiAiaHR0cHM6Ly93d3cuYW1vY2FzaW5vLmNvbS8iLCJyZWZlcnJpbmdfZG9tYWluIjogInd3dy5hbW9jYXNpbm8uY29tIiwicGFnZV90aXRsZSI6ICJFbmdpbmVlcmluZyB3b3JrcyIsInBhZ2VfdXJsIjogImh0dHBzOi8vd3d3LnBsYXlhbW80My5jb20vcmVmZXIvYjA3MGFhNzA/X19sYXllcnJlZj0iLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjEuMjIiLCJldmVudF9uYW1lIjogInBhZ2VfbG9hZCIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNzMwOTEwMjY0NDE1IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMSwidXNlcl9pZCI6ICIxOTMwMjRhOWM1ZDljZC0wY2U4ZjhhNGQwYTI4NC0xNzQ2MmM2ZS0xZDRjMDAtMTkzMDI0YTljNWU4NzQifQpdfQ==

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| fbq function| _fbq object| analytics object| cooladata object| srtmCommands object| x object| y function| esk function| ___esk function| onYouTubeIframeAPIReady object| gaGlobal function| GooglemKTybQhCsO number| google_conversion_snippets number| google_conversion_first_time object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| hotjarDeps function| hotjarLoader object| yandex-metricaDeps function| yandex-metricaLoader object| google-analyticsDeps function| google-analyticsLoader function| _b64dec object| webpackJsonp_name_Integration function| setImmediate function| clearImmediate function| hotjarIntegration object| _hjSelf function| hj object| _hjSettings function| yandex-metricaIntegration function| google-analyticsIntegration string| GoogleAnalyticsObject function| ga object| _srt_namespace function| _srt_argus function| _ads_popstate_listener object| _ads object| Ya object| yaCounter50376523 object| gaplugins object| gaData object| GlobalSnowplowNamespace function| snowplowApi object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled

51 Cookies

Domain/Path Name / Value
.books.odintara.com/ Name: nxshe
Value: vogsADQAAgACADaYK2f__zaYK2dAAAEAAAA2mCtnMTAAAgAQADaYK2f__zaYK2cA
www.amocasino.com/ Name: successful_redirect
Value: aHR0cHM6Ly9wbGF5YW1vNDMuY29t
.playamo43.com/ Name: _ga_PW8346TCN0
Value: GS1.1.1730910264.1.0.1730910264.60.0.0
.playamo43.com/ Name: cd_user_id
Value: 193024a9c5d9cd-0ce8f8a4d0a284-17462c6e-1d4c00-193024a9c5e874
.playamo43.com/ Name: _fbp
Value: fb.1.1730910264473.793548009652654484
.playamo43.com/ Name: ajs_anonymous_id
Value: e4d08969-1ba6-4f98-87e9-a4a027de7ed0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.eskimi.com/ Name: __eConsent
Value: 1
.eskimi.com/ Name: __eDId
Value: 0f469cba-1f32-4f9f-aab0-68eba60aeabf
.eskimi.com/ Name: __eP
Value: 1
.yandex.ru/ Name: yashr
Value: 951176581730910265
.playamo43.com/ Name: _ym_uid
Value: 1730910266817486686
.playamo43.com/ Name: _ym_d
Value: 1730910266
.playamo43.com/ Name: _ga
Value: GA1.2.1473319388.1730910264
.playamo43.com/ Name: _gid
Value: GA1.2.318174833.1730910266
.playamo43.com/ Name: _gat
Value: 1
.magsrv.com/ Name: goals
Value: a%3A1%3A%7Bi%3A82445%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222024-11-06%22%3B%7D%7D
.opoxv.com/ Name: goals
Value: a%3A1%3A%7Bi%3A82445%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222024-11-06%22%3B%7D%7D
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 802451497fake
.pemsrv.com/ Name: goals
Value: a%3A1%3A%7Bi%3A82445%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222024-11-06%22%3B%7D%7D
.realsrv.com/ Name: goals
Value: a%3A1%3A%7Bi%3A82445%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222024-11-06%22%3B%7D%7D
.playamo43.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 907168882fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
tsyndicate.com/ Name: ts_rt_542418b2-ca13-4fc8-9753-38ece633fd15
Value: AAMC
.playamo43.com/ Name: _sp_srt_ses.b0c9
Value: *
.playamo43.com/ Name: _sp_srt_id.b0c9
Value: bfa4935a-266f-43ad-aa88-8cec1db4458d.1730910266.1.1730910266..d6075b11-7689-4269-b14b-c19ea254911c....0
.yandex.ru/ Name: yandexuid
Value: 2647152601730910265
.yandex.ru/ Name: yuidss
Value: 2647152601730910265
.yandex.ru/ Name: i
Value: FdLtUX8mLMJVcF358zC22GV8elAeinD9sO4ZspopXX4nFhAE7r8hC9JAL0lMH8HaqMTlYtM7lJiJsyPXw1cGuemoJ+k=
.yandex.ru/ Name: yp
Value: 1730996666.yu.1324100881730910265
.yandex.ru/ Name: ymex
Value: 1733502266.oyu.1324100881730910265
.sportradarserving.com/ Name: zuuid
Value: e094269b-4810-405c-ab42-45c0025e1fc0
.sportradarserving.com/ Name: c
Value: 1730910266
.sportradarserving.com/ Name: zuuid_lu
Value: 1730910266
mc.yandex.com/ Name: yabs-sid
Value: 225085851730910266
.yandex.com/ Name: yuidss
Value: 2647152601730910265
.yandex.com/ Name: ymex
Value: 1762446266.yrts.1730910266
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1730910266
.sportradarserving.com/ Name: bss
Value: !bidswitch=500167466
.sportradarserving.com/ Name: cm2
Value: !bidswitch=500239466
.yandex.com/ Name: i
Value: ATfxDVVmsNbec7P0SwprDPfwlqNrcR0obYWiDAgOeKOd2xnbctWvg+C1+AR0B2pBZWq7r/P1nK6dXQGgw7A612ZvCiA=
.yandex.com/ Name: yandexuid
Value: 5242211111730910266
.yandex.com/ Name: yashr
Value: 8418978111730910266
.yandex.com/ Name: bh
Value: KgI/MGC6sK65Bg==
.playamo43.com/ Name: _hjSessionUser_1184496
Value: eyJpZCI6IjA5MjJjZjNjLWY3NmYtNTFmOC05YWNmLTFiNWQ5YmNlN2QwZCIsImNyZWF0ZWQiOjE3MzA5MTAyNjYzMjUsImV4aXN0aW5nIjpmYWxzZX0=
.playamo43.com/ Name: _hjSession_1184496
Value: eyJpZCI6IjM0NzRiMzNkLTdkNjEtNGY0NC1hNzJiLWY1YTU4NDIzMTUwZSIsImMiOjE3MzA5MTAyNjYzMjcsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.playamo43.com/ Name: _ym_visorc
Value: w
my.rtmark.net/ Name: ID
Value: 08810c39687644cff0f265ec867a160e

17 Console Messages

Source Level URL
Text
security warning URL: https://plastomanowak.pl/0.07891491340181389
Message:
Mixed Content: The page at 'https://plastomanowak.pl/0.07891491340181389' was loaded over HTTPS, but requested an insecure element 'http://plastomanowak.pl/panel.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://plastomanowak.pl/0.07891491340181389
Message:
Mixed Content: The page at 'https://plastomanowak.pl/0.07891491340181389' was loaded over HTTPS, but requested an insecure element 'http://plastomanowak.pl/i/pl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://plastomanowak.pl/0.07891491340181389
Message:
Mixed Content: The page at 'https://plastomanowak.pl/0.07891491340181389' was loaded over HTTPS, but requested an insecure element 'http://plastomanowak.pl/i/en.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://plastomanowak.pl/0.07891491340181389
Message:
Mixed Content: The page at 'https://plastomanowak.pl/0.07891491340181389' was loaded over HTTPS, but requested an insecure element 'http://icons.iconarchive.com/icons/hopstarter/social-networking/256/Facebook-icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://plastomanowak.pl/0.07891491340181389
Message:
Mixed Content: The page at 'https://plastomanowak.pl/0.07891491340181389' was loaded over HTTPS, but requested an insecure element 'http://icons.iconarchive.com/icons/hopstarter/social-networking/256/Twitter-icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://plastomanowak.pl/0.07891491340181389
Message:
Mixed Content: The page at 'https://plastomanowak.pl/0.07891491340181389' was loaded over HTTPS, but requested an insecure element 'http://icons.iconarchive.com/icons/designbolts/3d-social/256/Google-plus-icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://plastomanowak.pl/0.07891491340181389
Message:
Mixed Content: The page at 'https://plastomanowak.pl/0.07891491340181389' was loaded over HTTPS, but requested an insecure element 'http://www2.thetasgroup.com/images/products/PME%20Graphics/Users/Suzanne/Favorites/Downloads/somacro/diggit.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://plastomanowak.pl/0.07891491340181389
Message:
Mixed Content: The page at 'https://plastomanowak.pl/0.07891491340181389' was loaded over HTTPS, but requested an insecure element 'http://www2.thetasgroup.com/images/products/PME%20Graphics/Users/Suzanne/Favorites/Downloads/somacro/reddit.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://plastomanowak.pl/0.07891491340181389
Message:
Mixed Content: The page at 'https://plastomanowak.pl/0.07891491340181389' was loaded over HTTPS, but requested an insecure element 'http://www2.thetasgroup.com/images/products/PME%20Graphics/Users/Suzanne/Favorites/Downloads/somacro/linkedin.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://plastomanowak.pl/0.07891491340181389
Message:
Mixed Content: The page at 'https://plastomanowak.pl/0.07891491340181389' was loaded over HTTPS, but requested an insecure element 'http://www2.thetasgroup.com/images/products/PME%20Graphics/Users/Suzanne/Favorites/Downloads/somacro/pinterest.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://plastomanowak.pl/0.07891491340181389
Message:
Mixed Content: The page at 'https://plastomanowak.pl/0.07891491340181389' was loaded over HTTPS, but requested an insecure element 'http://www2.thetasgroup.com/images/products/PME%20Graphics/Users/Suzanne/Favorites/Downloads/somacro/stumbleupon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://plastomanowak.pl/0.07891491340181389
Message:
Mixed Content: The page at 'https://plastomanowak.pl/0.07891491340181389' was loaded over HTTPS, but requested an insecure element 'http://www2.thetasgroup.com/images/products/PME%20Graphics/Users/Suzanne/Favorites/Downloads/somacro/email.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://plastomanowak.pl/0.07891491340181389
Message:
Mixed Content: The page at 'https://plastomanowak.pl/0.07891491340181389' was loaded over HTTPS, but requested an insecure element 'http://plastomanowak.pl/i/b-czytaj.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://plastomanowak.pl/0.07891491340181389
Message:
Mixed Content: The page at 'https://plastomanowak.pl/0.07891491340181389' was loaded over HTTPS, but requested an insecure element 'http://plastomanowak.pl/firma.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://plastomanowak.pl/0.07891491340181389(Line 10)
Message:
Mixed Content: The page at 'https://plastomanowak.pl/0.07891491340181389' was loaded over HTTPS, but requested an insecure stylesheet 'http://plastomanowak.pl/style.css'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://plastomanowak.pl/0.07891491340181389(Line 11)
Message:
Mixed Content: The page at 'https://plastomanowak.pl/0.07891491340181389' was loaded over HTTPS, but requested an insecure stylesheet 'http://plastomanowak.pl/fancybox/jquery.fancybox-1.3.4.css'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://www.playamo43.com/refer/b070aa70?__layerref=
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
ads.trafficjunky.net
api.cooladata.com
api.segment.io
asset.zcache.com
books.odintara.com
cdn.cooladata.com
cdn.segment.com
connect.facebook.net
covers.openlibrary.org
dsp-ap.eskimi.com
dsp-media.eskimi.com
dsp-trk.eskimi.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
icons.iconarchive.com
match.sharethrough.com
mc.yandex.com
mc.yandex.ru
my.rtmark.net
onetag-sys.com
plastomanowak.pl
playamo43.com
region1.analytics.google.com
rlv.zcache.fr
s.magsrv.com
s.opoxv.com
s.pemsrv.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
syndication.realsrv.com
tm.ads.sportradar.com
track.trackingtraffo.com
tracker.ads.sportradar.com
trc.taboola.com
tsyndicate.com
vc.hotjar.io
www.amocasino.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.pl
www.googleadservices.com
www.googletagmanager.com
www.playamo43.com
www2.thetasgroup.com
x.bidswitch.net
api.cooladata.com
books.odintara.com
icons.iconarchive.com
plastomanowak.pl
www2.thetasgroup.com
104.21.235.214
13.32.27.19
142.250.181.226
142.250.185.130
142.250.185.168
142.250.185.68
142.250.185.99
142.250.186.74
142.250.186.99
151.101.129.44
151.101.192.241
151.101.64.64
157.240.253.1
157.240.253.35
159.69.137.49
169.150.247.37
172.64.154.31
18.184.206.66
18.66.102.51
18.66.112.15
188.114.96.3
188.42.63.48
188.42.63.49
207.241.234.146
216.239.32.36
216.58.206.46
23.76.204.35
35.163.144.222
35.214.136.108
35.214.174.141
51.75.86.98
66.254.114.154
74.125.206.154
77.88.21.119
79.96.24.253
88.214.206.32
91.188.56.54
92.53.189.75
95.211.229.246
95.211.229.248
99.86.8.175
063237f5f52863c3f711ef56625653397a5650eca2da3fa375dc181985a1badb
117082b60ce49dc625ce4ee3b24a0af5eff5e15dab38c3fa3eec9c19246f1b0b
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
18fbbc34ad30457bea9e752dd41bbdb455b32814ba1ce94f0fb4ca79be532045
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd
2867553d0e10415db453b2dc50a456db78b8dbebc8e69f42c3796ca818191ca9
2ccf5569542288230f7618e3f5a5ceb68435ff42a4d65e3bf564284f4e39ad5e
2cedbeb16dea6cdefccbc5fa4f414adf3dd02c8d8157413439530cd9130f00c3
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
3e59616d3d5e69bfba586b1482ad43eddf60404f7645041e764f60ba071b1415
3edf2fef0f171ba86eaee753895263a6b2e6411f94e137a430255551c430c876
42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e687af4507ee911e92498208c154c59437d0ee76ae1c07cfebe4f056415e095
548daca63b0812df9494af000ccf7d4eec2728ef65cd94ae6a1aec0e89ef860a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55270971fdc4172d5cbba95dadd779074eadb9c50bf16c2b3253ccc6bc8fc363
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
595d29ee87385e73dd279920931ae150ee80675b4525092f0b20253639d7badc
6361e3a49a38d1fdc74ec96bd29ee1ecd7c30045ccb0e5f361413d65cbf5ef87
6475757d52d7535c5b478c4ca6ab1cad13ab0ae14df390d9277b41a49f798905
6803eddc6e662960cbd5f33accba75ecde8b41b2017f9a478d1122ad236d5449
6839c097c348f645e09d64f831bddef6e46d23a2560f473505af8180332c64bc
6c519c62d924b9dd479634a9847ce22009b77ae6b762ab272d7c5267d98a14c6
6f23286e875ba2d576ccc66befac0a86cd7406c22ca90281c535dc318fe77d17
86685e191878d9ecfd30ed1fe63cbb783bf9151607e9996342d64977013e3cff
86dca70705b5d6101e60ad3d29491a24ad6d5bedac098360038d69f02754cd6e
877a6cce9111c1ea6dd75bd15175798bed64fc6610185989cb009a878374008a
8f1115f7c039ea15797b51d29a828653df023c6185883a2b49abf4ad9955b14d
9514372ab8ac313ea8019966fdcfe91b201c3aa69f92de8346ab34af461bbad2
95cd3e5597b8644d0284aa92f248141c5d5b3d4f0a1832714ee87df97e585362
9640a347fb4833655c4ee5a974d02dfa2561f332fdd8130bfac7183c98b486ee
9a9f2886e93ba0b62f58f90de7ef58bdf9930d0c7a86f5fcdfe90ac41f28d56c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
af5c27d91a8b814351b6522aa17a23a709545f11cdbc953cb0d452280e5d3b0d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b878124b5a7c9acc0a482090b9adf375475a765346b5486abf482385509318d7
c61d502dffaecc8587cf931a276c09ee10fd8bcea3b2706e87c9b16bb288111b
cec55db9de978f3d5951140558d1b154da6d7d9c41a38944f8b57dcd00c21b03
d373b55bcb9f16c87adf7214410f7307192323d2316912bfef4e01b6e940a4e6
d4af01b0fa40565b15d2674b101aa23e22d861e578592d32432ff6c2a5b9738e
ddc0743ada0bc891e2ea02ca4442cb5bb5f3ff5e481bcefc8df3afebcc81cb50
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f054b3bfb110ccb041427844303cf90a427cbc48359cc21c44670db59c29d18b
f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7