Submitted URL: http://creators.lootlabs.gg/
Effective URL: https://creators.lootlabs.gg/
Submission: On November 19 via api from US — Scanned from DE

Summary

This website contacted 50 IPs in 9 countries across 47 domains to perform 116 HTTP transactions. The main IP is 18.66.147.109, located in United States and belongs to AMAZON-02, US. The main domain is creators.lootlabs.gg.
TLS certificate: Issued by Amazon RSA 2048 M01 on April 23rd 2023. Valid for: a year.
This is the only time creators.lootlabs.gg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.66.147.18 16509 (AMAZON-02)
23 18.66.147.109 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 52.222.232.63 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
8 2a00:1450:400... 15169 (GOOGLE)
12 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
4 6 2a02:2638:3::c 44788 (ASN-CRITE...)
2 54.69.173.230 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 178.250.1.9 44788 (ASN-CRITE...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
2 2 142.250.186.98 15169 (GOOGLE)
1 18.158.157.189 16509 (AMAZON-02)
2 3 185.89.211.12 29990 (ASN-APPNEX)
1 95.101.148.20 16625 (AKAMAI-AS)
1 69.173.144.138 26667 (RUBICONPR...)
1 185.86.138.151 201081 (SMARTADSE...)
1 141.226.228.48 200478 (TABOOLA-AS)
1 23.32.185.35 16625 (AKAMAI-AS)
1 76.223.111.18 16509 (AMAZON-02)
2 3.71.149.231 16509 (AMAZON-02)
1 37.157.6.254 198622 (ADFORM)
1 34.255.45.246 16509 (AMAZON-02)
1 2 104.18.36.155 13335 (CLOUDFLAR...)
1 2 54.220.63.108 16509 (AMAZON-02)
1 141.95.98.64 16276 (OVH)
1 54.154.185.105 16509 (AMAZON-02)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 18.184.49.101 16509 (AMAZON-02)
1 35.167.190.90 16509 (AMAZON-02)
1 64.202.112.223 22075 (AS-OUTBRAIN)
1 185.64.191.210 62713 (AS-PUBMATIC)
1 52.30.9.87 16509 (AMAZON-02)
1 3.125.27.82 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 23.32.185.192 16625 (AKAMAI-AS)
1 52.215.18.230 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 54.228.208.22 16509 (AMAZON-02)
1 3.16.224.188 16509 (AMAZON-02)
116 50
Apex Domain
Subdomains
Transfer
24 lootlabs.gg
creators.lootlabs.gg
1 MB
12 crisp.chat
client.crisp.chat — Cisco Umbrella Rank: 18414
166 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
673 KB
9 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
sslwidget.criteo.com — Cisco Umbrella Rank: 2332
dis.criteo.com — Cisco Umbrella Rank: 597
13 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 3040
38 KB
6 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
2 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 6862
733 B
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
2 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
33 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 228
1 KB
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1699
1 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
141 B
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 4607
forms.hscollectedforms.net — Cisco Umbrella Rank: 4689
26 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
169 KB
2 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2386
2 KB
2 ad-maven.com
be.api.ad-maven.com
1021 B
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 2536
269 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 758
340 B
1 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4294
1016 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2884
39 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4925
235 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 3030
400 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
36 B
1 revcontent.com
trends.revcontent.com — Cisco Umbrella Rank: 2528
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 843
226 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 807
145 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1122
424 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1284
886 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 10529
275 B
1 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 781
200 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 440
921 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 799
386 B
1 adform.net
cm.adform.net — Cisco Umbrella Rank: 1267
164 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
141 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 2580
165 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1630
100 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
163 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
239 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 691
787 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
147 B
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2150
21 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2155
20 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 762
82 KB
1 cloudfront.net
d2gt9oovykfp1z.cloudfront.net
2 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
15 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1002
12 KB
116 47
Domain Requested by
24 creators.lootlabs.gg 1 redirects creators.lootlabs.gg
12 client.crisp.chat creators.lootlabs.gg
client.crisp.chat
6 www.gstatic.com www.google.com
www.gstatic.com
6 www.google.com creators.lootlabs.gg
www.gstatic.com
5 gum.criteo.com 4 redirects static.criteo.net
4 www.google.de creators.lootlabs.gg
4 stats.g.doubleclick.net creators.lootlabs.gg
www.googletagmanager.com
4 www.google-analytics.com creators.lootlabs.gg
4 fonts.gstatic.com fonts.googleapis.com
www.google.com
3 ib.adnxs.com 2 redirects
3 fonts.googleapis.com creators.lootlabs.gg
2 dpm.demdex.net 1 redirects
2 r.casalemedia.com 1 redirects
2 ups.analytics.yahoo.com
2 dis.criteo.com
2 cm.g.doubleclick.net 2 redirects
2 region1.analytics.google.com www.googletagmanager.com
2 www.googletagmanager.com www.google-analytics.com
2 js.hs-scripts.com creators.lootlabs.gg
2 be.api.ad-maven.com creators.lootlabs.gg
1 s.thebrighttag.com
1 beacon.krxd.net
1 forms.hsforms.com
1 sync-criteo.ads.yieldmo.com
1 ad.yieldlab.net
1 criteo-partners.tremorhub.com
1 match.sharethrough.com
1 trends.revcontent.com
1 simage2.pubmatic.com
1 sync.outbrain.com
1 jadserve.postrelease.com
1 exchange.mediavine.com
1 matching.ivitrack.com
1 ad.360yield.com
1 id5-sync.com
1 visitor.omnitagjs.com
1 cm.adform.net
1 eb2.3lift.com
1 criteo-sync.teads.tv
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 pixel.rubiconproject.com
1 contextual.media.net
1 x.bidswitch.net
1 forms.hscollectedforms.net creators.lootlabs.gg
1 js.hscollectedforms.net js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 sslwidget.criteo.com static.criteo.net
1 mug.criteo.com creators.lootlabs.gg
1 code.jquery.com creators.lootlabs.gg
1 d2gt9oovykfp1z.cloudfront.net creators.lootlabs.gg
1 static.criteo.net creators.lootlabs.gg
1 use.fontawesome.com creators.lootlabs.gg
116 54

This site contains links to these domains. Also see Links.

Domain
lootlabs.gg
Subject Issuer Validity Valid
*.lootlabs.gg
Amazon RSA 2048 M01
2023-04-23 -
2024-05-21
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3
2023-10-12 -
2024-10-10
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-09 -
2024-01-06
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
crisp.chat
Cloudflare Inc ECC CA-3
2023-05-07 -
2024-05-06
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2023-12-23
3 months crt.sh
ad-maven.com
Amazon RSA 2048 M01
2023-03-20 -
2024-04-17
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-03 -
2024-05-02
a year crt.sh
www.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.google.de
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-02-18
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-08 -
2023-12-31
a year crt.sh
teads.tv
R3
2023-11-03 -
2024-02-01
3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-03 -
2024-01-24
6 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-25 -
2024-06-18
a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2023-06-23 -
2024-07-22
a year crt.sh
*.id5-sync.com
R3
2023-11-01 -
2024-01-30
3 months crt.sh
*.360yield.com
Amazon RSA 2048 M01
2023-05-29 -
2024-06-26
a year crt.sh
itm.ivitrack.com
R3
2023-10-15 -
2024-01-13
3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M02
2023-06-06 -
2024-07-04
a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02
2023-08-30 -
2024-09-28
a year crt.sh
*.outbrain.com
Thawte RSA CA 2018
2022-11-06 -
2023-11-28
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2023-04-20 -
2024-05-20
a year crt.sh
revcontent.com
Amazon RSA 2048 M02
2023-05-18 -
2024-06-16
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01
2023-06-14 -
2024-07-12
a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01
2023-02-22 -
2024-03-23
a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1
2023-09-17 -
2024-09-17
a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01
2023-04-04 -
2024-05-02
a year crt.sh
*.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh

This page contains 5 frames:

Primary Page: https://creators.lootlabs.gg/
Frame ID: 7141978E0ED8CBCDDA25FA3616137977
Requests: 77 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=creators.lootlabs.gg&origin=onetag
Frame ID: 5A294DA28051F050CC9B1A1A976F340F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfGzJMlAAAAAIVkD-Xh8p7pkWJb3jIGKs80YPXx&co=aHR0cHM6Ly9jcmVhdG9ycy5sb290bGFicy5nZzo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=4fp439dx76mq
Frame ID: 726839C45BF71DC68145CD11B46FD138
Requests: 8 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-odAuR4gLZs8dDKMFVtszAsZl7fIF0_ZLEWLipg&google_gid=CAESEJtPJWgRDCSk_ejdKeJSKtY&google_cver=1&google_ula=913071,0
Frame ID: 3B2B8CA3755B1CB435C45E71E2E9E80C
Requests: 30 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfGzJMlAAAAAIVkD-Xh8p7pkWJb3jIGKs80YPXx
Frame ID: 96EFAAACF40B4D38ADFE0DE749CB8C02
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Creator Panel - LootLabs

Page URL History Show full URLs

  1. http://creators.lootlabs.gg/ HTTP 301
    https://creators.lootlabs.gg/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • (?:<link[^>]* href=[^>]+glyphicons(?:\.min)?\.css|<img[^>]* src=[^>]+glyphicons)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • <link[^>]+?href="[^"]+sweet-alert(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

116
Requests

94 %
HTTPS

37 %
IPv6

47
Domains

54
Subdomains

50
IPs

9
Countries

2810 kB
Transfer

8417 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://creators.lootlabs.gg/ HTTP 301
    https://creators.lootlabs.gg/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://gum.criteo.com/sid/json?origin=onetag&domain=lootlabs.gg&sn=ChromeSyncframe&so=0&topUrl=creators.lootlabs.gg&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=S6pZNnxGb0d0Z1NCTjlGd2k1T0hnTjlQNk5mSUlsdjJ3N1krTDZZdnRYU09QWXJpZmlwSEd2b0k0ZElMK3p6VkpXV1g1anNFUmhnRWNXaWR0QTdxeFZoOGZNaVRPYzg2bjlqeGRrY0xKbDB2d1dNWWNrY1lNQjhwd3hHSVUvOU5wYWdQeDZEazdXN3BlcEdSekhVN1N1bVZDemxIakdnR3BHbE9Ha05BWHpnNDcyMkhRTThCMlNXS0ovUEZpZEJGNnFVbHNiZy9lQ1hPdk9oZ0F5ZEZjclFEdTRhNmUwVlhMbGs3L3lCSTRWa0VuaVJmWUsvN1M3NEhJcDJQYUJ0V1FZbFYwRzZEbzExQWFPYzAyWUNqU0FleEg1QnpNWWR1RFpWREFpMFczdDZ0Z2I1TT18&cppv=2
Request Chain 75
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-odAuR4gLZs8dDKMFVtszAsZl7fIF0_ZLEWLipg&google_cm&google_hm=ay1vZEF1UjRnTFpzOGRES01GVnRzekFzWmw3ZklGMF9aTEVXTGlwZw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-odAuR4gLZs8dDKMFVtszAsZl7fIF0_ZLEWLipg&google_cm=&google_hm=ay1vZEF1UjRnTFpzOGRES01GVnRzekFzWmw3ZklGMF9aTEVXTGlwZw&google_tc= HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-odAuR4gLZs8dDKMFVtszAsZl7fIF0_ZLEWLipg&google_gid=CAESEJtPJWgRDCSk_ejdKeJSKtY&google_cver=1&google_ula=913071,0
Request Chain 77
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6268217184290594639
Request Chain 87
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-7Rq1-ogLZs8dDKMFVtszAsZl7fJyZc-gJKpzNQ HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-7Rq1-ogLZs8dDKMFVtszAsZl7fJyZc-gJKpzNQ&C=1
Request Chain 88
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=tWL0Fa3yrVRzEc11s2HUyYZhPYOnyRmr HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=tWL0Fa3yrVRzEc11s2HUyYZhPYOnyRmr
Request Chain 105
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=hT43ykfFhpvE_9-imgmH3bWvNEhEPpyi
Request Chain 110
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=ubMrx8E7dg1Qm28MMemaBPF0OYc5v8ql

116 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
creators.lootlabs.gg/
Redirect Chain
  • http://creators.lootlabs.gg/
  • https://creators.lootlabs.gg/
10 KB
4 KB
Document
General
Full URL
https://creators.lootlabs.gg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85235e3cae8470d094404440aa4c4082fcfee76115c29ebfa94e83af782d2ba8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
7369
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 19 Nov 2023 07:46:48 GMT
ETag
W/"599091d7ab63e4620ec1a60f2581b361"
Last-Modified
Mon, 13 Nov 2023 14:56:55 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
X-Amz-Cf-Id
WzAs4BQDY6FfxP1SLHllf3ifdKQ9PKv2Kxt5VaWUfRNIairgtdg37Q==
X-Amz-Cf-Pop
FRA60-P4
X-Cache
Hit from cloudfront
x-amz-server-side-encryption
AES256

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Sun, 19 Nov 2023 09:49:36 GMT
Location
https://creators.lootlabs.gg/
Server
CloudFront
Via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
X-Amz-Cf-Id
nw3CF2D7Fq9LVBQEMVAllCCgoX8t0QZ-0bYYw_DceaP9Ri3yOlJxgQ==
X-Amz-Cf-Pop
FRA60-P4
X-Cache
Redirect from cloudfront
bootstrap.min.css
creators.lootlabs.gg/assets/theme/css/
109 KB
16 KB
Stylesheet
General
Full URL
https://creators.lootlabs.gg/assets/theme/css/bootstrap.min.css
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89d46006f74f70b766a9a5ecc12b810189e9a9c5ce33aab1b46802ac5d81260d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 11:22:05 GMT
Content-Encoding
br
Via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
Last-Modified
Mon, 13 Nov 2023 14:56:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Age
80852
x-amz-server-side-encryption
AES256
ETag
W/"3ecf0ed274bf26507f735e8289d0526a"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
Q0OZ8LDg-vDTLewBCw9i_QX8lI99SYhBNsgS7tZH9hyNxsZlnLB3Xw==
bootstrap-extend.min.css
creators.lootlabs.gg/assets/theme/css/
134 KB
18 KB
Stylesheet
General
Full URL
https://creators.lootlabs.gg/assets/theme/css/bootstrap-extend.min.css
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cdd3a6462e64e825d27b185ac1914b20037a47a6012c8cb95d948e9379bce52c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 11:22:05 GMT
Content-Encoding
br
Via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
Last-Modified
Mon, 13 Nov 2023 14:56:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Age
80852
ETag
W/"c227c4c82d24c7314cdb601cf2f88a45"
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
VoMnv-xryEQGKJMfix4BWHmUn72yF9ACScDC7hBmytRi2WEIARi3OQ==
site.css
creators.lootlabs.gg/assets/theme/css/
240 KB
26 KB
Stylesheet
General
Full URL
https://creators.lootlabs.gg/assets/theme/css/site.css
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
578439ab0a88e3f91ffa81126d2cb78108147de54d6127c388ff392c644052c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 13:42:26 GMT
Content-Encoding
br
Via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
Last-Modified
Mon, 13 Nov 2023 14:56:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Age
72431
x-amz-server-side-encryption
AES256
ETag
W/"77451e53116ba553162e6f42ccf7e027"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
sQpPnzBRZN2AYYETvW5oo_TpX9syjWml2Wh_VTVY1M6ri-nYj5JiHA==
asScrollable.css
creators.lootlabs.gg/assets/theme/vendor/asscrollable/
4 KB
1 KB
Stylesheet
General
Full URL
https://creators.lootlabs.gg/assets/theme/vendor/asscrollable/asScrollable.css
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28584fd4a945f8ed756ff4d2fb0374ba76c81c4fd44e495889c035c94e8fbe63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 11:22:05 GMT
Content-Encoding
br
Via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
Last-Modified
Mon, 13 Nov 2023 14:56:43 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Age
80852
x-amz-server-side-encryption
AES256
ETag
W/"95d795e3fd4e23d3b08aab38f4377097"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
1bjsD2HhgA612CXiTcQTy7BXTz8SjsknHFHsGtu6vXnhhqXAAy9GrQ==
slidePanel.css
creators.lootlabs.gg/assets/theme/vendor/slidepanel/
3 KB
1 KB
Stylesheet
General
Full URL
https://creators.lootlabs.gg/assets/theme/vendor/slidepanel/slidePanel.css
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60d4533714169cb40970d4048332e31ab5eeddbd7604be8ebb8bbe196010a5b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 13:42:26 GMT
Content-Encoding
br
Via
1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
Last-Modified
Mon, 13 Nov 2023 14:56:55 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Age
72431
x-amz-server-side-encryption
AES256
ETag
W/"00ab15b0f22f166b4a2637056124c51e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
nnwkPQSvqt9cDeBXB5OokYZQiXgFYJanCA64GDrXp1nYna9k3ej6wQ==
flag-icon.css
creators.lootlabs.gg/assets/theme/vendor/flag-icon-css/
14 KB
1 KB
Stylesheet
General
Full URL
https://creators.lootlabs.gg/assets/theme/vendor/flag-icon-css/flag-icon.css
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e0994beeb497a8a92b6503bd1d91ea360ffe182a62eb3bdaf3173bbb67cea74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 11:22:05 GMT
Content-Encoding
br
Via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
Last-Modified
Mon, 13 Nov 2023 14:56:45 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Age
80852
ETag
W/"3c74b141ae654de656a2d57309bc577a"
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
JohK9_p1rCRNoJfhF_heltunfBbQXY0-vDX5JDIAZiTemykMq24VBQ==
select2.min.css
creators.lootlabs.gg/assets/theme/vendor/select2/
17 KB
3 KB
Stylesheet
General
Full URL
https://creators.lootlabs.gg/assets/theme/vendor/select2/select2.min.css
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
62b9271409c0d41d8f7b2dd63a9da631ce8c3991b48a403bfca0a2739ac91f39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 11:22:05 GMT
Content-Encoding
br
Via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
Last-Modified
Mon, 13 Nov 2023 14:56:55 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Age
80852
ETag
W/"b041055036ab29843f46f379508e493d"
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
PSuVm7o_RmbGvakU8w9J3Ecg_-ge6Hf1Wh4xL5Z0B2_jSpSBOL0OZQ==
sweet-alert.css
creators.lootlabs.gg/assets/theme/vendor/bootstrap-sweetalert/
17 KB
2 KB
Stylesheet
General
Full URL
https://creators.lootlabs.gg/assets/theme/vendor/bootstrap-sweetalert/sweet-alert.css
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
282f5ce62a678c018c3320502416d91575b7726166837e24fb589aab83a8e334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 11:22:05 GMT
Content-Encoding
br
Via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
Last-Modified
Mon, 13 Nov 2023 14:56:43 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Age
80852
x-amz-server-side-encryption
AES256
ETag
W/"1471d36ed4a6e5de09d4ffc00f60558b"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
4muMev-AB49APnmG5a25b8KeVq3Xud1l6xMTlyyyUkU_gpJ9jy1Qmg==
whiteLion.css
creators.lootlabs.gg/assets/theme/skins/
148 KB
16 KB
Stylesheet
General
Full URL
https://creators.lootlabs.gg/assets/theme/skins/whiteLion.css
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
007fda57748b058880e383752f5cd6af6791d40f4951cc563aa1a1f19f5e3fd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 00:09:24 GMT
Content-Encoding
br
Via
1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
Last-Modified
Mon, 13 Nov 2023 14:56:42 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Age
34813
x-amz-server-side-encryption
AES256
ETag
W/"b94f228ca9415dae1c5922b7612814e9"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
ykR5-NBM0-wkEqLBwQOw4xrvlKxN0pPbXJZUVeV22JukgvCeltKPzg==
material-design.min.css
creators.lootlabs.gg/assets/theme/fonts/material-design/
61 KB
8 KB
Stylesheet
General
Full URL
https://creators.lootlabs.gg/assets/theme/fonts/material-design/material-design.min.css
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
542732601b309a829a663c01096595bee3bf1b7d44f134ec45925b6d29c14083

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 00:09:24 GMT
Content-Encoding
br
Via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
Last-Modified
Mon, 13 Nov 2023 14:56:40 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Age
34813
x-amz-server-side-encryption
AES256
ETag
W/"7b16d5e540f20c0b22f6c457cba50082"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
vdQF53N8iMBaYi8FRZU7lbv-W3ufMw6VYLArUZ4ae8qC6b3dnonkcQ==
font-awesome.min.css
creators.lootlabs.gg/assets/theme/fonts/font-awesome/
25 KB
6 KB
Stylesheet
General
Full URL
https://creators.lootlabs.gg/assets/theme/fonts/font-awesome/font-awesome.min.css
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1a52d698b3edb98a5df4c0cd3f37b75bdafb310322e4556f14b247e8666d75ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 11:22:05 GMT
Content-Encoding
br
Via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
Last-Modified
Mon, 13 Nov 2023 14:56:40 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Age
80852
ETag
W/"6ca97be9183c5422a01e9284d840c2fe"
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
6ejo28hwvyCffRJcvBy-Ly-pHkpyDCph91snKowfadh9MxrI6Qld6w==
glyphicons.min.css
creators.lootlabs.gg/assets/theme/fonts/glyphicons/
12 KB
3 KB
Stylesheet
General
Full URL
https://creators.lootlabs.gg/assets/theme/fonts/glyphicons/glyphicons.min.css
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
13c7beaa34f624819ea7e97be454a74617adb38acdd52399a25c52e46153bc7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 09:49:37 GMT
Content-Encoding
br
Via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
Last-Modified
Mon, 13 Nov 2023 14:56:40 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
ETag
W/"1f77b728fa91daad1c7f57999a221b83"
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache
Miss from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
HT2woFbJSAmuel7JskXdk00KYCgZ7JQF8PMAsmJZX7IER-AtKDlTBA==
web-icons.min.css
creators.lootlabs.gg/assets/theme/fonts/web-icons/
7 KB
2 KB
Stylesheet
General
Full URL
https://creators.lootlabs.gg/assets/theme/fonts/web-icons/web-icons.min.css
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1dfe6918463916a51ebb562ca5327c17bc146f8167d5908fbc6e09d55ae9cfff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 00:09:24 GMT
Content-Encoding
br
Via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
Last-Modified
Mon, 13 Nov 2023 14:56:41 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Age
34813
x-amz-server-side-encryption
AES256
ETag
W/"5a298b498c8b65b32c246db7d71ccba0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
nHOrKwTz7VzHjd7Vrmz29wPKyecFUHHxNuAK4ABK6Wv-fE6m057CsQ==
brand-icons.min.css
creators.lootlabs.gg/assets/theme/fonts/brand-icons/
3 KB
1 KB
Stylesheet
General
Full URL
https://creators.lootlabs.gg/assets/theme/fonts/brand-icons/brand-icons.min.css
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08f706840241c29b3b42d1cf66ffc5afcf96f5afd72c5f73e646e611a4038ec8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 00:09:24 GMT
Content-Encoding
br
Via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
Last-Modified
Mon, 13 Nov 2023 14:56:39 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Age
34813
x-amz-server-side-encryption
AES256
ETag
W/"8ab28f189541d8e6fd58cf5173b7f71b"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
FwylucgeUYKwDvsM6K1Z4mgStxU9GLFaAbjy_v3Cuv4rUeRsG8R33A==
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,300italic
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7cc35691d6c9adfc6ebe4244248da21e323500a89cce81a2b24d3c80b4d8c5a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 19 Nov 2023 09:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 19 Nov 2023 09:19:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 Nov 2023 09:49:36 GMT
css
fonts.googleapis.com/
12 KB
841 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900,900i
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d13da0c5fda08dd7703f9cfff5441ec5abc2d834fa0d026e90985744b713903
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 19 Nov 2023 09:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 19 Nov 2023 09:49:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 Nov 2023 09:49:36 GMT
css2
fonts.googleapis.com/
119 KB
31 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Comfortaa:wght@300&family=Noto+Sans+JP&family=Poppins:ital,wght@0,700;1,300&display=swap
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8cf205ff7bc4a6cc2c432a01382fe44ecb9676fab7ab569b95b914e0fbe0a6aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 19 Nov 2023 09:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 19 Nov 2023 09:49:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 Nov 2023 09:49:36 GMT
all.css
use.fontawesome.com/releases/v5.8.2/css/
54 KB
12 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.8.2/css/all.css
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f

Request headers

Referer
https://creators.lootlabs.gg/
Origin
https://creators.lootlabs.gg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
97418
etag
W/"77cbad34e5ce95e70847b074e05faeab"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVzCtgqXlpfeE1u%2Bx%2Fwx5AN47tMB3pDkToDfHp6%2But8mnHXZNG%2B75hNWIO9Eis3waBrNWGmBIVwaC1ClBFcdK3ocJ4Qr5eq9qtyOAbofk43xsCNi%2BKuSDiiUGnCu7nfabYpYN%2FlnlpEO1ZEJiZsydkq4"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
82878b4c9d55bb85-FRA
alt-svc
h3=":443"; ma=86400
modernizr.js
creators.lootlabs.gg/assets/theme/vendor/modernizr/
29 KB
8 KB
Script
General
Full URL
https://creators.lootlabs.gg/assets/theme/vendor/modernizr/modernizr.js
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
118bc89d45113fced7ccd227a1c2daa6e9d52dd7fa5e7d4f4f5c6b38cea75b53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 21:05:58 GMT
Content-Encoding
gzip
Via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
Last-Modified
Mon, 13 Nov 2023 14:56:53 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Age
45819
x-amz-server-side-encryption
AES256
ETag
W/"f09d1a34796649e9af3da089e1fba61c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
G-GWNc54fZhWxz0__stMMzxde398AqsQn6MVoMuxzwX2sMCGeFz6uQ==
breakpoints.js
creators.lootlabs.gg/assets/theme/vendor/breakpoints/
12 KB
3 KB
Script
General
Full URL
https://creators.lootlabs.gg/assets/theme/vendor/breakpoints/breakpoints.js
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0526b733feef29f9706677021d31d690ecf56d680c788e061167848b828583c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 09:19:30 GMT
Content-Encoding
br
Via
1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
Last-Modified
Mon, 13 Nov 2023 14:56:44 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Age
1807
ETag
W/"3fe3848f781400eaa85e8b6bc4a855ac"
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
LVLlFW-6KYJAYq5S7u5JZEtynX3ik1dFpHZr2Xq950INW0bqMmOThg==
ld.js
static.criteo.net/js/ld/
46 KB
15 KB
Script
General
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d528fa7f2e49038400bc2a99cb777f3b57cb55e0b485c117957478e12b00266
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 10 Oct 2023 15:11:46 GMT
server
nginx
etag
W/"652569b2-b614"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Nov 2023 09:49:36 GMT
LootLogoY.png
creators.lootlabs.gg/assets/images/
9 KB
10 KB
Image
General
Full URL
https://creators.lootlabs.gg/assets/images/LootLogoY.png
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c370dcf8cb26cc55fa6a0e35e19e00ee6d6c9aa771623ea5ba90e2e26b27b3a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 00:09:25 GMT
Via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
Last-Modified
Mon, 13 Nov 2023 14:56:33 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Age
34812
x-amz-server-side-encryption
AES256
ETag
"69ce5c4958616be962be70e59e6aebd8"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9376
X-Amz-Cf-Id
KbKtxghL42T8Pg-hRUh0pUegLKo-nYpirBc1AlsJ6cQMiMsgB4CUlA==
banner-VPN-renderer.js
d2gt9oovykfp1z.cloudfront.net/banner-vpn-renderer/v1.0.1.0/
2 KB
2 KB
Script
General
Full URL
https://d2gt9oovykfp1z.cloudfront.net/banner-vpn-renderer/v1.0.1.0/banner-VPN-renderer.js
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-63.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ad72f2407d00b5151977b3f9a35931fecd2b4de5edd348ef059272b31da88d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 08:58:17 GMT
Via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
Last-Modified
Tue, 25 Dec 2018 14:18:56 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P4
Age
3080
ETag
"3379aa7df362d6491161a73a7023cf02"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1743
X-Amz-Cf-Id
itmqhBxEk3N9P3KjFvNXVm2QYmTBRZXi0xnqWx2z3F6GDMRlicpzDg==
jquery-latest.js
code.jquery.com/
276 KB
82 KB
Script
General
Full URL
https://code.jquery.com/jquery-latest.js
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:36 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5585167
x-cache
HIT, HIT
content-length
83875
x-served-by
cache-lga21958-LGA, cache-fra-eddf8230128-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1700387376.141825,VS0,VE0
etag
W/"28feccc0-4508e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
773, 700202
vendor.bundle.js
creators.lootlabs.gg/
2 MB
570 KB
Script
General
Full URL
https://creators.lootlabs.gg/vendor.bundle.js?bb4f9bd503d61c06ad72
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da775ed87057e384a6ef0ab9d4f6c105f6918df01aa68e20cc12bb6ce747eca7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 16:13:14 GMT
Content-Encoding
gzip
Via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
Last-Modified
Mon, 13 Nov 2023 14:56:55 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Age
63383
x-amz-server-side-encryption
AES256
ETag
W/"df18f0bad9a69a33988c20feb054762d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
QpjmM4_ujLubLLiJOGBKjYITXKk-NBUNut6NFbdJRUr_XpZtU_cgTg==
app.bundle.js
creators.lootlabs.gg/
2 MB
663 KB
Script
General
Full URL
https://creators.lootlabs.gg/app.bundle.js?bb4f9bd503d61c06ad72
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cad8a327abb5826a314b380c44840bb2f5e98b438cad4b0bef58ddc07e5da718

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 16:13:14 GMT
Content-Encoding
gzip
Via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
Last-Modified
Mon, 13 Nov 2023 14:56:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Age
63383
x-amz-server-side-encryption
AES256
ETag
W/"8dad5e07cee8e1bd6a414228259b698d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
Q6kMfgwSsj1rw-bOp0aEHwZlltATx_Y2BxWtLq_IzXsS3mLiM3eaEg==
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,300italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://creators.lootlabs.gg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 15:22:55 GMT
x-content-type-options
nosniff
age
152801
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 15:22:55 GMT
l.js
client.crisp.chat/
8 KB
3 KB
Script
General
Full URL
https://client.crisp.chat/l.js
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46dee4984383cc7d7f612fc11864ded49cb50d7ce96ae6f7b847b0c12d32b122
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
60152
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 24 Aug 2023 11:12:52 GMT
server
cloudflare
etag
W/"64e73b34-2023"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
82878b4fb9e2bbe9-FRA
access-control-allow-headers
Content-Type, Origin
expires
Mon, 20 Nov 2023 09:49:36 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 19 Nov 2023 09:19:54 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1782
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 19 Nov 2023 11:19:54 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc2e4c954effbff72ea4f594f25ea3b304146d99b9ac85b2870480ec6462d283

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
syncframe
gum.criteo.com/ Frame 5A29
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=creators.lootlabs.gg&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://creators.lootlabs.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 19 Nov 2023 09:49:36 GMT
server
Kestrel
server-processing-duration-in-ticks
290480
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
production_consts
be.api.ad-maven.com/api/
156 B
649 B
XHR
General
Full URL
https://be.api.ad-maven.com/api/production_consts?id=SELF_SERVICE_KILL_SWITCH
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/vendor.bundle.js?bb4f9bd503d61c06ad72
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.173.230 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-173-230.us-west-2.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
137a571be29a0d559a56cd7e222f80a2de66df9af172db480d304d359c29af40

Request headers

Accept
application/json, text/plain, */*
Referer
https://creators.lootlabs.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Nov 2023 09:49:38 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Etag
W/"5de4a36f6660c46906fe0608c056950fc7c127fd"
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, no-cache, private
Connection
keep-alive
Access-Control-Allow-Headers
x-requested-with
Content-Length
148
Expires
Sun, 19 Nov 2023 09:49:37 GMT
lootlabs_users
be.api.ad-maven.com/api/
65 B
372 B
XHR
General
Full URL
https://be.api.ad-maven.com/api/lootlabs_users?publisher_id=undefined
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/vendor.bundle.js?bb4f9bd503d61c06ad72
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.173.230 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-173-230.us-west-2.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
4f1518271629e38cd5273ea53ffe52343ba1fb8bdb8acc57a095f7926a1e477b

Request headers

Accept
application/json, text/plain, */*
Referer
https://creators.lootlabs.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 09:49:37 GMT
Server
nginx/1.21.4
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
x-requested-with
Content-Length
65
5152848.js
js.hs-scripts.com/
1 KB
1 KB
Script
General
Full URL
https://js.hs-scripts.com/5152848.js?_=1700387376589
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/app.bundle.js?bb4f9bd503d61c06ad72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:bd59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43de7d0213c1255f6353f598db49c142ae72e6ebbbb8449438ff4b138b814240
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
7e7cbcc3-5d46-490d-994c-e1dab1d4357a
x-envoy-upstream-service-time
4
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
7e7cbcc3-5d46-490d-994c-e1dab1d4357a
last-modified
Sun, 19 Nov 2023 09:49:36 GMT
server
cloudflare
x-trace
2BADE9219793D3635E65545AFC8262B8461CC4C398000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://creators.lootlabs.gg
x-evy-trace-virtual-host
all
cache-control
public, max-age=60
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-66c9b4c4f4-jv5jc
cf-ray
82878b5158f59006-FRA
expires
Sun, 19 Nov 2023 09:50:36 GMT
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=vcRecaptchaApiLoaded&render=explicit
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/vendor.bundle.js?bb4f9bd503d61c06ad72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8992663dbb9e3e3e935b0f649208a4765c8d028efddb4f46bda8fbb3ceb4afc0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 19 Nov 2023 09:49:36 GMT
5152848.js
js.hs-scripts.com/
1 KB
786 B
Script
General
Full URL
https://js.hs-scripts.com/5152848.js?_=1700387376590
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/app.bundle.js?bb4f9bd503d61c06ad72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:bd59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43de7d0213c1255f6353f598db49c142ae72e6ebbbb8449438ff4b138b814240
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
83986841-01d0-4a58-92a7-c19f56495205
x-envoy-upstream-service-time
3
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
83986841-01d0-4a58-92a7-c19f56495205
last-modified
Sun, 19 Nov 2023 09:49:37 GMT
server
cloudflare
x-trace
2BD96CDF3927FFB464EE039007C96AA99CC66223ED000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://creators.lootlabs.gg
x-evy-trace-virtual-host
all
cache-control
public, max-age=60
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-66c9b4c4f4-4xxld
cf-ray
82878b5158f79006-FRA
expires
Sun, 19 Nov 2023 09:50:37 GMT
owl.png
creators.lootlabs.gg/assets/images/
129 KB
129 KB
Image
General
Full URL
https://creators.lootlabs.gg/assets/images/owl.png
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b112359ae53880ba9fcf535341bfb2c7b58c8ce827e6e130b683ce8d390be938

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 11:22:06 GMT
Via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
Last-Modified
Mon, 13 Nov 2023 14:56:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Age
80851
ETag
"af9a7032041843a0d07872ffd2ce344b"
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
131779
X-Amz-Cf-Id
Oybtq6JG2xbxlsNYYeAire4sUFuTiOzQYMQyo_otnsXMKGLi1GFiUQ==
LootLogo.png
creators.lootlabs.gg/assets/images/
9 KB
9 KB
Image
General
Full URL
https://creators.lootlabs.gg/assets/images/LootLogo.png
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eefcdcfb8f47434ee099ac414a07fbe080ac68036d97b704b4a4b7f779e1d03b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 11:22:06 GMT
Via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
Last-Modified
Mon, 13 Nov 2023 14:56:33 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Age
80851
ETag
"50e68e7263fa5c9e64ceeb4f51a5d291"
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8947
X-Amz-Cf-Id
yEuGvZAJIt-EE-tksR9F8Kt5dJNNyu2iL_d5mCM23q353E6y4fk24Q==
LootLogoW.svg
creators.lootlabs.gg/assets/images/
11 KB
5 KB
Image
General
Full URL
https://creators.lootlabs.gg/assets/images/LootLogoW.svg
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18322923c549654480d64419d42f29239d9e6248ea4d29bc3590f655f0116b4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 11:22:06 GMT
Content-Encoding
br
Via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
Last-Modified
Mon, 13 Nov 2023 14:56:33 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Age
80851
ETag
W/"63dc81b77dcc557ae2e5ecd8753c34d8"
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
txI4nbtZe2wD5pbk_g4QOOGFq74JBIZ1EJt5MEgnYeqEASuWxmal0g==
1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4TbMDrMfIA.woff2
fonts.gstatic.com/s/comfortaa/v45/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/comfortaa/v45/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4TbMDrMfIA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Comfortaa:wght@300&family=Noto+Sans+JP&family=Poppins:ital,wght@0,700;1,300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
926aa0e47ef4e61ff82fd610113ff104a753ba490e3be94f0f83fafeb4fe770f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://creators.lootlabs.gg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 05:57:51 GMT
x-content-type-options
nosniff
age
100305
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13280
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:50:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 05:57:51 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,300italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://creators.lootlabs.gg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 08:19:37 GMT
x-content-type-options
nosniff
age
91799
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 08:19:37 GMT
client.js
client.crisp.chat/static/javascripts/
409 KB
102 KB
Script
General
Full URL
https://client.crisp.chat/static/javascripts/client.js?2a31867
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cd61bd91993d28eaef0d5f4848883c5f7fefb374a9ad426ab1a8217197520a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
60152
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 24 Aug 2023 11:12:52 GMT
server
cloudflare
etag
W/"64e73b34-6650b"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
82878b517b7fbbe9-FRA
access-control-allow-headers
Content-Type, Origin
expires
Wed, 16 Nov 2033 09:49:36 GMT
client_default.css
client.crisp.chat/static/stylesheets/
355 KB
48 KB
Stylesheet
General
Full URL
https://client.crisp.chat/static/stylesheets/client_default.css?2a31867
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2d3558739feb95efa4e0bc726230b4191d376d3cd50f7ce4f85b99aef98cb45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
60152
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 17 Nov 2023 17:06:04 GMT
server
cloudflare
etag
W/"65579d7c-58c0e"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
82878b517b7ebbe9-FRA
access-control-allow-headers
Content-Type, Origin
expires
Wed, 16 Nov 2033 09:49:36 GMT
collect
www.google-analytics.com/j/
16 B
164 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=357754495&t=pageview&_s=1&dl=https%3A%2F%2Fcreators.lootlabs.gg%2F&ul=en-us&de=UTF-8&dt=Creator%20Panel%20-%20LootLabs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAACAAI~&jid=1393233806&gjid=1053868017&cid=623674462.1700387377&tid=UA-74844350-3&_gid=266434180.1700387377&_r=1&_slc=1&z=374439379
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/vendor.bundle.js?bb4f9bd503d61c06ad72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aaab9ae13e6da96c598b46f28f6cf5ae4beb59a5990355848ceba011bacf74a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://creators.lootlabs.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 09:49:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://creators.lootlabs.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
16 B
82 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=357754495&t=pageview&_s=1&dl=https%3A%2F%2Fcreators.lootlabs.gg%2F&ul=en-us&de=UTF-8&dt=Creator%20Panel%20-%20LootLabs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAACAAI~&jid=1492013369&gjid=1572897303&cid=623674462.1700387377&tid=UA-74844350-4&_gid=266434180.1700387377&_r=1&_slc=1&z=1702621016
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/vendor.bundle.js?bb4f9bd503d61c06ad72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a0dea2f8d7512c340efcec39af8937ebd7793153849b671c77443faf904d5347
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://creators.lootlabs.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 09:49:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://creators.lootlabs.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=357754495&t=pageview&_s=2&dl=https%3A%2F%2Fcreators.lootlabs.gg%2F&dp=%2Flogin%3Freturn_url%3Dhttps%25253A%25252F%25252Fcreators.lootlabs.gg%25252F%252523%25252F&ul=en-us&de=UTF-8&dt=login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACACI~&jid=&gjid=&cid=623674462.1700387377&tid=UA-74844350-3&_gid=266434180.1700387377&cd1=1.54.0&z=554278907
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 08:57:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3104
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 5A29
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=lootlabs.gg&sn=ChromeSyncframe&so=0&topUrl=creators.lootlabs.gg&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=S6pZNnxGb0d0Z1NCTjlGd2k1T0hnTjlQNk5mSUlsdjJ3N1krTDZZdnRYU09QWXJpZmlwSEd2b0k0ZElMK3p6VkpXV1g1anNFUmhnRWNXaWR0QTdxeFZoOGZNaVRPYzg2bjlqeGRrY0xKbDB2d1dNWWNrY1lNQjhwd3hHSV...
441 B
670 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=S6pZNnxGb0d0Z1NCTjlGd2k1T0hnTjlQNk5mSUlsdjJ3N1krTDZZdnRYU09QWXJpZmlwSEd2b0k0ZElMK3p6VkpXV1g1anNFUmhnRWNXaWR0QTdxeFZoOGZNaVRPYzg2bjlqeGRrY0xKbDB2d1dNWWNrY1lNQjhwd3hHSVUvOU5wYWdQeDZEazdXN3BlcEdSekhVN1N1bVZDemxIakdnR3BHbE9Ha05BWHpnNDcyMkhRTThCMlNXS0ovUEZpZEJGNnFVbHNiZy9lQ1hPdk9oZ0F5ZEZjclFEdTRhNmUwVlhMbGs3L3lCSTRWa0VuaVJmWUsvN1M3NEhJcDJQYUJ0V1FZbFYwRzZEbzExQWFPYzAyWUNqU0FleEg1QnpNWWR1RFpWREFpMFczdDZ0Z2I1TT18&cppv=2
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
139fdcdf284498eb999fc3e4488eeba97186c4797724d4d14d99bc62c416820d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 09:49:36 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1142311
expires
0

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 09:49:35 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=S6pZNnxGb0d0Z1NCTjlGd2k1T0hnTjlQNk5mSUlsdjJ3N1krTDZZdnRYU09QWXJpZmlwSEd2b0k0ZElMK3p6VkpXV1g1anNFUmhnRWNXaWR0QTdxeFZoOGZNaVRPYzg2bjlqeGRrY0xKbDB2d1dNWWNrY1lNQjhwd3hHSVUvOU5wYWdQeDZEazdXN3BlcEdSekhVN1N1bVZDemxIakdnR3BHbE9Ha05BWHpnNDcyMkhRTThCMlNXS0ovUEZpZEJGNnFVbHNiZy9lQ1hPdk9oZ0F5ZEZjclFEdTRhNmUwVlhMbGs3L3lCSTRWa0VuaVJmWUsvN1M3NEhJcDJQYUJ0V1FZbFYwRzZEbzExQWFPYzAyWUNqU0FleEg1QnpNWWR1RFpWREFpMFczdDZ0Z2I1TT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
253472
content-length
0
expires
0
collect
stats.g.doubleclick.net/j/
4 B
353 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-74844350-3&cid=623674462.1700387377&jid=1393233806&gjid=1053868017&_gid=266434180.1700387377&_u=IEDAAEAAAAAAACAAI~&z=1253180494
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/vendor.bundle.js?bb4f9bd503d61c06ad72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://creators.lootlabs.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 19 Nov 2023 09:49:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://creators.lootlabs.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
251 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-70P722PS4Z&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
16e038e0b6fe4e4f618ba97ed55ff912d907b6568ff6f9810baca80e7de3853f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86351
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 19 Nov 2023 09:49:36 GMT
collect
stats.g.doubleclick.net/j/
4 B
71 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-74844350-4&cid=623674462.1700387377&jid=1492013369&gjid=1572897303&_gid=266434180.1700387377&_u=IEDAAEABAAAAACAAI~&z=502719793
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/vendor.bundle.js?bb4f9bd503d61c06ad72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://creators.lootlabs.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 19 Nov 2023 09:49:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://creators.lootlabs.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
254 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FQJ0FXNSNP&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3d576a97d380283d5e193b36ff548ad20bdd2dbd9c83665a982ad8439d3d3534
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86167
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 19 Nov 2023 09:49:36 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/
468 KB
188 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=vcRecaptchaApiLoaded&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://creators.lootlabs.gg/
Origin
https://creators.lootlabs.gg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 00:15:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34469
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192016
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Nov 2024 00:15:07 GMT
event
sslwidget.criteo.com/
10 KB
5 KB
Script
General
Full URL
https://sslwidget.criteo.com/event?a=63108&v=5.20.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3D%255B1%252C2%252C3%252C4%252C5%252C6%255D&p3=e%3Ddis&adce=1&bundle=TICrMl9MRCUyRlFkcUxBaEdwV2JyOXElMkZVdW1uSEdqJTJGQWkzeVFJc3pBMkhXaVNhZTA1c3MlMkZudkVJMTNIY0RpV2Q0THd0bG96JTJCQ1ZyWmZDMzR0MG5JMnhmWEo3UkxUMHhvWTFPSzI0V2IxZWJUYTl4dE1aJTJGUDIwWHowdjBNWFVBUlZzMGlGcUhWMTZWYUtyNnVnTHBDNHdaaXpGZ0ElM0QlM0Q&tld=lootlabs.gg&fu=https%253A%252F%252Fcreators.lootlabs.gg%252F%2523%252Flogin%253Freturn_url%253Dhttps%2525253A%2525252F%2525252Fcreators.lootlabs.gg%2525252F%25252523%2525252F&ceid=4cd4fc3f-f625-49c1-9db0-fb76c6b71400&dtycbr=14066
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1e89885e6873847dee612794d5dde7a8a5f1250b69e98787cdfb97bcade4a965
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 09:49:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
9656710
timing-allow-origin
*
expires
0
/
client.crisp.chat/settings/website/5ef1246f-adac-4404-a545-4de54eed0cc9/prelude/
212 B
544 B
Script
General
Full URL
https://client.crisp.chat/settings/website/5ef1246f-adac-4404-a545-4de54eed0cc9/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2023-10-19-10-49
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?2a31867
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c77efe55b9f02375ae47088271516ef481b5d30adb2a29cd866a2b734b4e5b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 19 Nov 2023 09:49:37 GMT
server
cloudflare
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
82878b522eac9250-FRA
access-control-allow-headers
Content-Type, Origin
expires
Sun, 19 Nov 2023 13:49:37 GMT
banner.js
js.hs-banner.com/v2/5152848/
65 KB
20 KB
Script
General
Full URL
https://js.hs-banner.com/v2/5152848/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5152848.js?_=1700387376589
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6643b81fca2b37bc8da686914f7975a4dacbfbeebed8853dd71f56ff6960b21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:37 GMT
x-amz-version-id
FGYp78FJSpb.A2P_B2eoudW5gnbjD1tK
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
8VEG2E4C098HVDCK
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
53a88c3a-f46a-427e-907a-569ad59d2311
x-envoy-upstream-service-time
38
x-amz-id-2
Mm+WhrMXBkeqe+2b+oUTwYpXMmRf7EeAgH/YbcislkqV7GQ7gjsVpIwM5gAdFixEtnl35UWWUSE=
x-evy-trace-listener
listener_https
x-request-id
53a88c3a-f46a-427e-907a-569ad59d2311
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 18 Oct 2023 16:27:52 GMT
server
cloudflare
etag
W/"c144acf9625aa5c3f134cd545b0e470d"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://panel.ad-maven.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-576b4d6667-pljn2
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
82878b524a6d9b63-FRA
expires
Sun, 19 Nov 2023 09:54:37 GMT
5152848.js
js.hs-analytics.net/analytics/1700387100000/
66 KB
21 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1700387100000/5152848.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5152848.js?_=1700387376589
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdc753a33edfcd01e7c1926190bc63f091cb2ca41469e59a40c7fcb2f7b297d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:37 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
DVMR1NNJT0J6CT4T
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
170e899d-7d35-4515-85c1-39ecce96661d
x-envoy-upstream-service-time
17
x-amz-id-2
1LfYiAj1UQH1IdYJd9IY0qoZYUyFa+eAw9lggxuqy9tx3W9irCOirvm9vavvuCiQLiZEBvn9h7E=
x-evy-trace-listener
listener_https
x-request-id
170e899d-7d35-4515-85c1-39ecce96661d
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 15 Nov 2023 17:20:44 GMT
server
cloudflare
etag
W/"908003187d31bbd775bde3de9d1c7d2d"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6849bc8697-28qjm
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
82878b5248bf65bd-FRA
expires
Sun, 19 Nov 2023 09:54:37 GMT
collectedforms.js
js.hscollectedforms.net/
69 KB
25 KB
Script
General
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5152848.js?_=1700387376589
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:5a9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
200cef31a4664eb38f1293062efc3d5acf8e769cc27242418b198a0aa4b20492
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://creators.lootlabs.gg/
Origin
https://creators.lootlabs.gg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:37 GMT
x-amz-version-id
XYPPFvciWFKtpS2hNgrEqmNT6fxOdL.H
via
1.1 3d4bfc42e9575ee1f9559241c9e3f464.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-amz-cf-pop
IAD12-P3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
41dcbbb2-830c-42f9-ad6e-d1ceafaf0a77
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.433/bundles/project.js&cfRay=82878b525da990e2-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
2
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
41dcbbb2-830c-42f9-ad6e-d1ceafaf0a77
last-modified
Mon, 23 Oct 2023 13:11:34 UTC
server
cloudflare
etag
W/"7864f8fd485be672e98358eb894b6fd7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7b7f9459cc-gklfn
cf-ray
82878b525da990e2-FRA
x-amz-cf-id
M-9-f2eJ9Xr2FWg1pCbyNSL25fEN1h2bbwhfMwAXa6ZRaXDSOQ4P5g==
x-hs-target-asset
collected-forms-embed-js/static-1.433/bundles/project.js
ga-audiences
www.google.com/ads/
42 B
108 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-74844350-3&cid=623674462.1700387377&jid=1393233806&_u=IEDAAEAAAAAAACAAI~&z=250843637
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 09:49:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
108 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-74844350-3&cid=623674462.1700387377&jid=1393233806&_u=IEDAAEAAAAAAACAAI~&z=250843637
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 09:49:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
297 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-74844350-4&cid=623674462.1700387377&jid=1492013369&_u=IEDAAEABAAAAACAAI~&z=1790355540
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 09:49:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
409 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-74844350-4&cid=623674462.1700387377&jid=1492013369&_u=IEDAAEABAAAAACAAI~&z=1790355540
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 09:49:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 7268
60 KB
35 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfGzJMlAAAAAIVkD-Xh8p7pkWJb3jIGKs80YPXx&co=aHR0cHM6Ly9jcmVhdG9ycy5sb290bGFicy5nZzo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=4fp439dx76mq
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
43b29db6ffc241baf887233dd1e6b32a165e419166568cb7dc09e0c07c2e50b3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TliHSTto0u4jGvStw3YQNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://creators.lootlabs.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-TliHSTto0u4jGvStw3YQNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 19 Nov 2023 09:49:37 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
region1.analytics.google.com/g/
0
258 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-FQJ0FXNSNP&gtm=45je3b81v9135259906&_p=1700387376958&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=623674462.1700387377&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fcreators.lootlabs.gg%2F&dt=Creator%20Panel%20-%20LootLabs&sid=1700387377&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1143
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FQJ0FXNSNP&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 09:49:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://creators.lootlabs.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
57 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FQJ0FXNSNP&cid=623674462.1700387377&gtm=45je3b81v9135259906&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FQJ0FXNSNP&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 09:49:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://creators.lootlabs.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
55 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-70P722PS4Z&gtm=45je3b81v9134542138&_p=1700387376958&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=623674462.1700387377&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fcreators.lootlabs.gg%2F&dt=Creator%20Panel%20-%20LootLabs&sid=1700387377&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1154
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-70P722PS4Z&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 09:49:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://creators.lootlabs.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
46 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-70P722PS4Z&cid=623674462.1700387377&gtm=45je3b81v9134542138&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-70P722PS4Z&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 09:49:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://creators.lootlabs.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
108 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FQJ0FXNSNP&cid=623674462.1700387377&gtm=45je3b81v9135259906&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=900502159
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 09:49:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
108 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-70P722PS4Z&cid=623674462.1700387377&gtm=45je3b81v9134542138&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=1520437023
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 09:49:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 7268
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfGzJMlAAAAAIVkD-Xh8p7pkWJb3jIGKs80YPXx&co=aHR0cHM6Ly9jcmVhdG9ycy5sb290bGFicy5nZzo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=4fp439dx76mq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:29:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26391
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Nov 2024 02:29:46 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 7268
468 KB
188 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfGzJMlAAAAAIVkD-Xh8p7pkWJb3jIGKs80YPXx&co=aHR0cHM6Ly9jcmVhdG9ycy5sb290bGFicy5nZzo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=4fp439dx76mq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 00:15:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34470
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192016
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Nov 2024 00:15:07 GMT
json
forms.hscollectedforms.net/collected-forms/v1/config/
115 B
437 B
XHR
General
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=5152848&utk=
Requested by
Host: creators.lootlabs.gg
URL: https://creators.lootlabs.gg/vendor.bundle.js?bb4f9bd503d61c06ad72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:5a9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdeba78b46d9016d1fd81131b936dd4357dbf777502117067e948f73e85b2405
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://creators.lootlabs.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
4ffb3382-45b0-4d4a-b210-02a49b9069fa
x-envoy-upstream-service-time
12
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
4ffb3382-45b0-4d4a-b210-02a49b9069fa
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://creators.lootlabs.gg
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7b7f9459cc-xpl98
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
82878b536e4690e2-FRA
truncated
/ Frame 7268
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7268
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7268
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 17:51:47 GMT
x-content-type-options
nosniff
age
57470
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 25 Nov 2023 17:51:47 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7268
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfGzJMlAAAAAIVkD-Xh8p7pkWJb3jIGKs80YPXx&co=aHR0cHM6Ly9jcmVhdG9ycy5sb290bGFicy5nZzo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=4fp439dx76mq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:26:56 GMT
x-content-type-options
nosniff
age
210161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 23:26:56 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 3B2B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-odAuR4gLZs8dDKMFVtszAsZl7fIF0_ZLEWLipg&google_cm&google_hm=ay1vZEF1UjRnTFpzOGRES01GVnRzekFzWmw3ZklGMF9aT...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-odAuR4gLZs8dDKMFVtszAsZl7fIF0_ZLEWLipg&google_cm=&google_hm=ay1vZEF1UjRnTFpzOGRES01GVnRzekFzWmw3ZklGMF9...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-odAuR4gLZs8dDKMFVtszAsZl7fIF0_ZLEWLipg&google_gid=CAESEJtPJWgRDCSk_ejdKeJSKtY&google_cver=1&google_ula=913071,0
43 B
369 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-odAuR4gLZs8dDKMFVtszAsZl7fIF0_ZLEWLipg&google_gid=CAESEJtPJWgRDCSk_ejdKeJSKtY&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 09:49:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
651562
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 09:49:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-odAuR4gLZs8dDKMFVtszAsZl7fIF0_ZLEWLipg&google_gid=CAESEJtPJWgRDCSk_ejdKeJSKtY&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 3B2B
43 B
147 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-5TZ9XYgLZs8dDKMFVtszAsZl7fKbTBt-zYwhtg&expires=30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.157.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-157-189.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 3B2B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6268217184290594639
43 B
370 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6268217184290594639
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 09:49:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3685757
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 09:49:37 GMT
an-x-request-uuid
46989317-4a41-4494-ae79-9a17631eb245
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6268217184290594639
x-proxy-origin
138.199.38.132; 138.199.38.132; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 3B2B
53 B
787 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-je2EYYgLZs8dDKMFVtszAsZl7fLp21cl8G--3Q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 19 Nov 2023 09:49:37 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Sun, 19 Nov 2023 09:49:37 GMT
tap.php
pixel.rubiconproject.com/ Frame 3B2B
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-ygTp1ogLZs8dDKMFVtszAsZl7fKIs_VcAJ9wsg&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
ef823186f233724f4775c0c4b9549d14
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
rtb-csync.smartadserver.com/redir/ Frame 3B2B
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-oRqq6YgLZs8dDKMFVtszAsZl7fIU_vOSBPqI7w
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:36 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 3B2B
0
100 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-QoOWCYgLZs8dDKMFVtszAsZl7fLCHVGVH1h7gA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:37 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
11983
um
criteo-sync.teads.tv/ Frame 3B2B
23 B
165 B
Image
General
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-VwlZJogLZs8dDKMFVtszAsZl7fI5_ttl4d1AEQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Sun, 19 Nov 2023 09:49:37 GMT
pragma
no-cache
date
Sun, 19 Nov 2023 09:49:37 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 3B2B
37 B
141 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-gKcTi4gLZs8dDKMFVtszAsZl7fIxkHd9IZdQnA&dongle=013b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame 3B2B
0
126 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-MY8PEYgLZs8dDKMFVtszAsZl7fKS6rVIbcBFVw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame 3B2B
43 B
164 B
Image
General
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-e-iVWYgLZs8dDKMFVtszAsZl7fKHZ7zwoMCKog
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:37 GMT
last-modified
Fri, 18 Nov 2022 14:39:11 GMT
server
nginx
accept-ranges
bytes
etag
"6377990f-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 3B2B
49 B
386 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-E9ezYogLZs8dDKMFVtszAsZl7fI56EkyiMkcNQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.45.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-45-246.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 09:49:37 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
rum
r.casalemedia.com/ Frame 3B2B
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-7Rq1-ogLZs8dDKMFVtszAsZl7fJyZc-gJKpzNQ
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-7Rq1-ogLZs8dDKMFVtszAsZl7fJyZc-gJKpzNQ&C=1
43 B
322 B
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-7Rq1-ogLZs8dDKMFVtszAsZl7fJyZc-gJKpzNQ&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 09:49:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7gY5eplkzrVUTlbRBtp4uS9iGwDjcdy9vR6%2FDDMJopDoAopmOqYsCY0TMxqqYyjwZxyWejvQNAh6BAhjeeCyIe71d82icmb6mmDotFzMOQHlWZ6M%2FibgehQioEOhvmNEBYy"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82878b54bf873a7c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 19 Nov 2023 09:49:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1%2FMbQov2wr9krVrxE59iZCE6LceAe56zJOTT%2FBhBEdBMfnjUDhw60F04BLfnwd3tLVjLxh7gn2sE8OhS%2FX5P1sxMyGHiAC9iwm%2BtBCM57Na8JV%2FWXaX1fM8TXe8lE9aY21j"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=20&external_user_id=k-7Rq1-ogLZs8dDKMFVtszAsZl7fJyZc-gJKpzNQ&C=1
cache-control
no-cache
cf-ray
82878b548f683a7c-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
demconf.jpg
dpm.demdex.net/ Frame 3B2B
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=tWL0Fa3yrVRzEc11s2HUyYZhPYOnyRmr
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=tWL0Fa3yrVRzEc11s2HUyYZhPYOnyRmr
42 B
718 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=tWL0Fa3yrVRzEc11s2HUyYZhPYOnyRmr
Protocol
H2
Server
54.220.63.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-63-108.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-02acf5946.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Sun, 19 Nov 2023 09:49:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
eEtFRIXLSIg=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-1-v054-0de8db4a5.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Sun, 19 Nov 2023 09:49:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
Hf8/ibMYS8Y=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=tWL0Fa3yrVRzEc11s2HUyYZhPYOnyRmr
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame 3B2B
43 B
921 B
Image
General
Full URL
https://id5-sync.com/s/966/9.gif?puid=k--KGVEIgLZs8dDKMFVtszAsZl7fI5X6A6pvFAog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sun, 19 Nov 2023 09:49:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ Frame 3B2B
43 B
200 B
Image
General
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-koScL4gLZs8dDKMFVtszAsZl7fLmhdL8kCXLxA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.154.185.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-185-105.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 19 Nov 2023 09:49:37 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame 3B2B
42 B
275 B
Image
General
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-HZWejIgLZs8dDKMFVtszAsZl7fK_jCB-nJ7iYw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:37 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame 3B2B
0
886 B
Image
General
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Rk-67IgLZs8dDKMFVtszAsZl7fIoK_DPXC6bJg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.49.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-49-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:37 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
1017
jadserve.postrelease.com/suid/ Frame 3B2B
43 B
424 B
Image
General
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-mV4JA4gLZs8dDKMFVtszAsZl7fKgH9zMzIzmhQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.190.90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-190-90.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 09:49:37 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 3B2B
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-R0ObOIgLZs8dDKMFVtszAsZl7fLvRQhLNShZTQ&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 09:49:37 GMT
Cache-Control
no-cache
X-TraceId
6a449dd843473cf617501a86381d9fa6
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3B2B
0
226 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-yJEsE4gLZs8dDKMFVtszAsZl7fJpeC2aqlw-VQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 19 Nov 2023 09:49:37 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel_sync
trends.revcontent.com/cm/ Frame 3B2B
0
0
Image
General
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-SQN8yYgLZs8dDKMFVtszAsZl7fInHIjHvsD7mQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.30.9.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-9-87.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

v1
match.sharethrough.com/sync/ Frame 3B2B
0
36 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-1wAB3YgLZs8dDKMFVtszAsZl7fKtqbEE-gYtyA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.27.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-27-82.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:37 GMT
sync
criteo-partners.tremorhub.com/ Frame 3B2B
43 B
400 B
Image
General
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-bvzejogLZs8dDKMFVtszAsZl7fJzpyKMXg9kOA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:d5ff:1540:2e33:3aaf Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sun, 19 Nov 2023 09:49:37 GMT
server
nginx
content-type
image/gif
m
ad.yieldlab.net/ Frame 3B2B
0
235 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-p8jKXIgLZs8dDKMFVtszAsZl7fKONI3Z_fB7mA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-192.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Nov 2023 09:49:37 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Sat, 18 Nov 2023 09:49:37 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 3B2B
0
39 B
Image
General
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-5NsFAIgLZs8dDKMFVtszAsZl7fIMMU4cuu5Ssg&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.18.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-18-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:37 GMT
content-length
0
counters.gif
forms.hsforms.com/embed/v3/
35 B
1016 B
Image
General
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:eff9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 09:49:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
042938d8-9b78-447c-acd5-04f9548dbc0a
x-envoy-upstream-service-time
2
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
042938d8-9b78-447c-acd5-04f9548dbc0a
Server
cloudflare
X-Trace
2B0DBAC4484A256DF97FF38B362E6354B02C060F32000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-56dcc87b5c-r9zl2
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
82878b556b969010-FRA
webworker.js
www.google.com/recaptcha/api2/ Frame 7268
102 B
135 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfGzJMlAAAAAIVkD-Xh8p7pkWJb3jIGKs80YPXx&co=aHR0cHM6Ly9jcmVhdG9ycy5sb290bGFicy5nZzo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=4fp439dx76mq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 19 Nov 2023 09:49:37 GMT
sync
ups.analytics.yahoo.com/ups/58301/ Frame 3B2B
0
15 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-MY8PEYgLZs8dDKMFVtszAsZl7fKS6rVIbcBFVw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
ib.adnxs.com/ Frame 3B2B
43 B
858 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-CwG-JogLZs8dDKMFVtszAsZl7fLiXPKYfMQBFQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 09:49:37 GMT
an-x-request-uuid
0fa1e321-57c5-475f-a779-c3edc80e5aa4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.132; 138.199.38.132; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 3B2B
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=hT43ykfFhpvE_9-imgmH3bWvNEhEPpyi
0
340 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=hT43ykfFhpvE_9-imgmH3bWvNEhEPpyi
Protocol
H2
Server
54.228.208.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-208-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by
beacon-n022-dub-prod.krxd.net
date
Sun, 19 Nov 2023 09:49:37 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1700387377
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=hT43ykfFhpvE_9-imgmH3bWvNEhEPpyi
date
Sun, 19 Nov 2023 09:49:37 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
6205134
content-length
0
bframe
www.google.com/recaptcha/api2/ Frame 96EF
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfGzJMlAAAAAIVkD-Xh8p7pkWJb3jIGKs80YPXx
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e73ffa77e29b3e149d64edadbe8b193b8c13624f0a45a5d820032c4e1be2dad1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IjBbgNIk6lu1HoNE_yCbkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://creators.lootlabs.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-IjBbgNIk6lu1HoNE_yCbkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 19 Nov 2023 09:49:37 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 96EF
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfGzJMlAAAAAIVkD-Xh8p7pkWJb3jIGKs80YPXx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 02:29:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26391
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Nov 2024 02:29:46 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 96EF
468 KB
188 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfGzJMlAAAAAIVkD-Xh8p7pkWJb3jIGKs80YPXx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 00:15:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34470
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192016
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Nov 2024 00:15:07 GMT
/
client.crisp.chat/settings/website/5ef1246f-adac-4404-a545-4de54eed0cc9/
1 KB
1008 B
Script
General
Full URL
https://client.crisp.chat/settings/website/5ef1246f-adac-4404-a545-4de54eed0cc9/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1684749270131
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?2a31867
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90fa8822814cc5750cfe04064849b293ff6a06c00b406274e64510f1bc230e88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 19 Nov 2023 00:09:25 GMT
server
cloudflare
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
82878b55c9199250-FRA
access-control-allow-headers
Content-Type, Origin
expires
Sun, 19 Nov 2023 13:49:37 GMT
cs
s.thebrighttag.com/ Frame 3B2B
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=ubMrx8E7dg1Qm28MMemaBPF0OYc5v8ql
35 B
269 B
Image
General
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=ubMrx8E7dg1Qm28MMemaBPF0OYc5v8ql
Protocol
H2
Server
3.16.224.188 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-224-188.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 09:49:37 GMT
x-bt-requestid
f3ed6bd0-86c0-11ee-bca8-0000ac1701a3
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=ubMrx8E7dg1Qm28MMemaBPF0OYc5v8ql
date
Sun, 19 Nov 2023 09:49:36 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
883162
content-length
0
en.js
client.crisp.chat/static/javascripts/locales/
7 KB
3 KB
Script
General
Full URL
https://client.crisp.chat/static/javascripts/locales/en.js?2a31867
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?2a31867
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a6e02869074d7293cdda287bc924a3516fc34b36c471ea804a59d914c83aaab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
60141
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 08 Aug 2023 12:01:16 GMT
server
cloudflare
etag
W/"64d22e8c-1c36"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
82878b5699b09250-FRA
access-control-allow-headers
Content-Type, Origin
expires
Wed, 16 Nov 2033 09:49:37 GMT
/
client.crisp.chat/settings/website/5ef1246f-adac-4404-a545-4de54eed0cc9/prelude/
212 B
508 B
Script
General
Full URL
https://client.crisp.chat/settings/website/5ef1246f-adac-4404-a545-4de54eed0cc9/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2023-10-19-10-49
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?2a31867
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c77efe55b9f02375ae47088271516ef481b5d30adb2a29cd866a2b734b4e5b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 19 Nov 2023 09:49:37 GMT
server
cloudflare
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
82878b577a269250-FRA
access-control-allow-headers
Content-Type, Origin
expires
Sun, 19 Nov 2023 13:49:37 GMT
/
client.crisp.chat/settings/website/5ef1246f-adac-4404-a545-4de54eed0cc9/
1 KB
1008 B
Script
General
Full URL
https://client.crisp.chat/settings/website/5ef1246f-adac-4404-a545-4de54eed0cc9/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1684749270131
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?2a31867
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90fa8822814cc5750cfe04064849b293ff6a06c00b406274e64510f1bc230e88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 19 Nov 2023 09:49:37 GMT
server
cloudflare
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
82878b5a1ba69250-FRA
access-control-allow-headers
Content-Type, Origin
expires
Sun, 19 Nov 2023 13:49:38 GMT
en.js
client.crisp.chat/static/javascripts/locales/
7 KB
3 KB
Script
General
Full URL
https://client.crisp.chat/static/javascripts/locales/en.js?2a31867
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?2a31867
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a6e02869074d7293cdda287bc924a3516fc34b36c471ea804a59d914c83aaab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
60142
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 08 Aug 2023 12:01:16 GMT
server
cloudflare
etag
W/"64d22e8c-1c36"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
82878b5a2bb09250-FRA
access-control-allow-headers
Content-Type, Origin
expires
Wed, 16 Nov 2033 09:49:38 GMT
truncated
/
881 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
client.crisp.chat/settings/website/5ef1246f-adac-4404-a545-4de54eed0cc9/prelude/
212 B
510 B
Script
General
Full URL
https://client.crisp.chat/settings/website/5ef1246f-adac-4404-a545-4de54eed0cc9/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2023-10-19-10-49
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?2a31867
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c77efe55b9f02375ae47088271516ef481b5d30adb2a29cd866a2b734b4e5b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 19 Nov 2023 09:49:37 GMT
server
cloudflare
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
82878b5c8d1e9250-FRA
access-control-allow-headers
Content-Type, Origin
expires
Sun, 19 Nov 2023 13:49:38 GMT
/
client.crisp.chat/settings/website/5ef1246f-adac-4404-a545-4de54eed0cc9/
1 KB
1008 B
Script
General
Full URL
https://client.crisp.chat/settings/website/5ef1246f-adac-4404-a545-4de54eed0cc9/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1684749270131
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?2a31867
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90fa8822814cc5750cfe04064849b293ff6a06c00b406274e64510f1bc230e88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 19 Nov 2023 09:49:37 GMT
server
cloudflare
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
82878b5dde259250-FRA
access-control-allow-headers
Content-Type, Origin
expires
Sun, 19 Nov 2023 13:49:38 GMT
en.js
client.crisp.chat/static/javascripts/locales/
7 KB
3 KB
Script
General
Full URL
https://client.crisp.chat/static/javascripts/locales/en.js?2a31867
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?2a31867
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a6e02869074d7293cdda287bc924a3516fc34b36c471ea804a59d914c83aaab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://creators.lootlabs.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:49:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
60142
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 08 Aug 2023 12:01:16 GMT
server
cloudflare
etag
W/"64d22e8c-1c36"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
82878b5dfe3c9250-FRA
access-control-allow-headers
Content-Type, Origin
expires
Wed, 16 Nov 2033 09:49:38 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture object| html5 object| Modernizr function| yepnope function| Breakpoints object| $crisp string| CRISP_WEBSITE_ID object| d object| s string| deviceType object| criteo_q string| GoogleAnalyticsObject function| ga object| _0x1cce function| getHostName function| getDomain object| title object| currentBrand object| icon object| brand function| renderBannerVPN function| $ function| jQuery function| webpackJsonp object| jQuery11130670560213636632 object| angular function| _ object| FileAPI object| ZC object| zingchart function| requestAnimFrame function| cancelAnimFrame function| clearAnimFrame object| Rx object| vcRecaptchaApiLoadedCallback function| vcRecaptchaApiLoaded object| Site boolean| $__CRISP_INCLUDED object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| $__CRISP_INSTANCE object| _hsp object| recaptcha object| closure_lm_163588 object| google_tag_manager boolean| _hspb_loaded boolean| _hspb_ran object| __hsCollectedFormsDebug object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hstc_ran string| __hsUserToken

30 Cookies

Domain/Path Name / Value
.criteo.com/ Name: uid
Value: 16fc7ca3-0f37-4dc0-8680-a10fb742c284
.lootlabs.gg/ Name: _ga
Value: GA1.2.623674462.1700387377
.lootlabs.gg/ Name: _gid
Value: GA1.2.266434180.1700387377
.lootlabs.gg/ Name: _gat
Value: 1
.lootlabs.gg/ Name: _gat_combined
Value: 1
.lootlabs.gg/ Name: cto_bundle
Value: TICrMl9MRCUyRlFkcUxBaEdwV2JyOXElMkZVdW1uSEdqJTJGQWkzeVFJc3pBMkhXaVNhZTA1c3MlMkZudkVJMTNIY0RpV2Q0THd0bG96JTJCQ1ZyWmZDMzR0MG5JMnhmWEo3UkxUMHhvWTFPSzI0V2IxZWJUYTl4dE1aJTJGUDIwWHowdjBNWFVBUlZzMGlGcUhWMTZWYUtyNnVnTHBDNHdaaXpGZ0ElM0QlM0Q
.lootlabs.gg/ Name: _ga_FQJ0FXNSNP
Value: GS1.2.1700387377.1.0.1700387377.60.0.0
.lootlabs.gg/ Name: _ga_70P722PS4Z
Value: GS1.2.1700387377.1.1.1700387377.60.0.0
.adnxs.com/ Name: uuid2
Value: 6268217184290594639
.doubleclick.net/ Name: IDE
Value: AHWqTUn6OFSLBYjrFTbslMlOAl8itNfwPLVgLInjVjrSWqYwjHrt9F0Ji9yyz3W3VYA
.casalemedia.com/ Name: CMID
Value: ZVnaMf87y3MqXzvxfIUGSQAA
.casalemedia.com/ Name: CMPS
Value: 5243
.casalemedia.com/ Name: CMPRO
Value: 5243
.media.net/ Name: visitor-id
Value: 3433889770733219000V10
.media.net/ Name: data-c-ts
Value: 1700387377
.media.net/ Name: data-c
Value: k-je2EYYgLZs8dDKMFVtszAsZl7fLp21cl8G--3Q~~3
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2In9eS[%6!]tbPl@/D!9hy6]/Cwi4ll2Qc8Q`bjkLW?Vl]j%^Yv#VT6'Hx5guT>pchS@w5uk^z>lnAPpL!8a*bpRz*qF1`*bdgd+tZi[
.demdex.net/ Name: demdex
Value: 43603920074859671012678489006119304763
.dpm.demdex.net/ Name: dpm
Value: 43603920074859671012678489006119304763
.omnitagjs.com/ Name: ayl_visitor
Value: 4aca74686ed6553bea98639561c70b9d
.krxd.net/ Name: _kuid_
Value: P7MqFbCb
.tremorhub.com/ Name: tvid
Value: 216ab1dbc2014133ba34566d695fd393
.tremorhub.com/ Name: tv_UICR
Value: k-bvzejogLZs8dDKMFVtszAsZl7fJzpyKMXg9kOA
.postrelease.com/ Name: opt_out
Value: 1
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%22f3cc0120-86c0-11ee-bbff-5d8b0c6527bb%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22f3cc0120-86c0-11ee-bbff-5d8b0c6527bb%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%22f3cc0120-86c0-11ee-bbff-5d8b0c6527bb%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22f3cc0120-86c0-11ee-bbff-5d8b0c6527bb%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-Rk-67IgLZs8dDKMFVtszAsZl7fIoK_DPXC6bJg%22%2C%22version%22%3A%22criteo%22%7D
.lootlabs.gg/ Name: crisp-client%2Fsession%2F5ef1246f-adac-4404-a545-4de54eed0cc9
Value: session_d8e4cf8b-15ea-4e04-833d-ab42b521ec01

1 Console Messages

Source Level URL
Text
network error URL: https://be.api.ad-maven.com/api/lootlabs_users?publisher_id=undefined
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ad.yieldlab.net
be.api.ad-maven.com
beacon.krxd.net
client.crisp.chat
cm.adform.net
cm.g.doubleclick.net
code.jquery.com
contextual.media.net
creators.lootlabs.gg
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d2gt9oovykfp1z.cloudfront.net
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
forms.hsforms.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
jadserve.postrelease.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.thebrighttag.com
simage2.pubmatic.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
trends.revcontent.com
ups.analytics.yahoo.com
use.fontawesome.com
visitor.omnitagjs.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
104.18.36.155
141.226.228.48
141.95.98.64
142.250.186.98
178.250.1.9
18.158.157.189
18.184.49.101
18.66.147.109
18.66.147.18
185.64.191.210
185.86.138.151
185.89.211.12
2001:4860:4802:32::36
23.32.185.192
23.32.185.35
2600:1f18:612b:4232:d5ff:1540:2e33:3aaf
2606:4700:4400::6812:22e5
2606:4700::6810:4fba
2606:4700::6810:bd59
2606:4700::6811:5a9a
2606:4700::6811:eff9
2606:4700::6812:1c5b
2606:4700:e2::ac40:8c0d
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2003
2a00:1450:4001:813::200e
2a00:1450:4001:827::2008
2a00:1450:4001:827::200a
2a00:1450:4001:831::2003
2a00:1450:400c:c0c::9b
2a02:2638:3::3
2a02:2638:3::c
2a04:4e42:600::649
3.125.27.82
3.16.224.188
3.71.149.231
34.117.157.22
34.255.45.246
35.167.190.90
37.157.6.254
52.215.18.230
52.222.232.63
52.30.9.87
54.154.185.105
54.220.63.108
54.228.208.22
54.69.173.230
64.202.112.223
69.173.144.138
76.223.111.18
95.101.148.20
007fda57748b058880e383752f5cd6af6791d40f4951cc563aa1a1f19f5e3fd8
0526b733feef29f9706677021d31d690ecf56d680c788e061167848b828583c7
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08f706840241c29b3b42d1cf66ffc5afcf96f5afd72c5f73e646e611a4038ec8
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
118bc89d45113fced7ccd227a1c2daa6e9d52dd7fa5e7d4f4f5c6b38cea75b53
137a571be29a0d559a56cd7e222f80a2de66df9af172db480d304d359c29af40
139fdcdf284498eb999fc3e4488eeba97186c4797724d4d14d99bc62c416820d
13c7beaa34f624819ea7e97be454a74617adb38acdd52399a25c52e46153bc7f
16e038e0b6fe4e4f618ba97ed55ff912d907b6568ff6f9810baca80e7de3853f
18322923c549654480d64419d42f29239d9e6248ea4d29bc3590f655f0116b4c
1a52d698b3edb98a5df4c0cd3f37b75bdafb310322e4556f14b247e8666d75ab
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1dfe6918463916a51ebb562ca5327c17bc146f8167d5908fbc6e09d55ae9cfff
1e89885e6873847dee612794d5dde7a8a5f1250b69e98787cdfb97bcade4a965
200cef31a4664eb38f1293062efc3d5acf8e769cc27242418b198a0aa4b20492
282f5ce62a678c018c3320502416d91575b7726166837e24fb589aab83a8e334
28584fd4a945f8ed756ff4d2fb0374ba76c81c4fd44e495889c035c94e8fbe63
2d13da0c5fda08dd7703f9cfff5441ec5abc2d834fa0d026e90985744b713903
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3ad72f2407d00b5151977b3f9a35931fecd2b4de5edd348ef059272b31da88d7
3d576a97d380283d5e193b36ff548ad20bdd2dbd9c83665a982ad8439d3d3534
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43b29db6ffc241baf887233dd1e6b32a165e419166568cb7dc09e0c07c2e50b3
43de7d0213c1255f6353f598db49c142ae72e6ebbbb8449438ff4b138b814240
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
46dee4984383cc7d7f612fc11864ded49cb50d7ce96ae6f7b847b0c12d32b122
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f1518271629e38cd5273ea53ffe52343ba1fb8bdb8acc57a095f7926a1e477b
542732601b309a829a663c01096595bee3bf1b7d44f134ec45925b6d29c14083
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
578439ab0a88e3f91ffa81126d2cb78108147de54d6127c388ff392c644052c1
60d4533714169cb40970d4048332e31ab5eeddbd7604be8ebb8bbe196010a5b0
62b9271409c0d41d8f7b2dd63a9da631ce8c3991b48a403bfca0a2739ac91f39
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7cc35691d6c9adfc6ebe4244248da21e323500a89cce81a2b24d3c80b4d8c5a3
7cd61bd91993d28eaef0d5f4848883c5f7fefb374a9ad426ab1a8217197520a2
7e0994beeb497a8a92b6503bd1d91ea360ffe182a62eb3bdaf3173bbb67cea74
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85235e3cae8470d094404440aa4c4082fcfee76115c29ebfa94e83af782d2ba8
8992663dbb9e3e3e935b0f649208a4765c8d028efddb4f46bda8fbb3ceb4afc0
89d46006f74f70b766a9a5ecc12b810189e9a9c5ce33aab1b46802ac5d81260d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a6e02869074d7293cdda287bc924a3516fc34b36c471ea804a59d914c83aaab
8c77efe55b9f02375ae47088271516ef481b5d30adb2a29cd866a2b734b4e5b0
8cf205ff7bc4a6cc2c432a01382fe44ecb9676fab7ab569b95b914e0fbe0a6aa
8d528fa7f2e49038400bc2a99cb777f3b57cb55e0b485c117957478e12b00266
90fa8822814cc5750cfe04064849b293ff6a06c00b406274e64510f1bc230e88
926aa0e47ef4e61ff82fd610113ff104a753ba490e3be94f0f83fafeb4fe770f
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0dea2f8d7512c340efcec39af8937ebd7793153849b671c77443faf904d5347
a6643b81fca2b37bc8da686914f7975a4dacbfbeebed8853dd71f56ff6960b21
aaab9ae13e6da96c598b46f28f6cf5ae4beb59a5990355848ceba011bacf74a2
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b112359ae53880ba9fcf535341bfb2c7b58c8ce827e6e130b683ce8d390be938
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d3558739feb95efa4e0bc726230b4191d376d3cd50f7ce4f85b99aef98cb45
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c370dcf8cb26cc55fa6a0e35e19e00ee6d6c9aa771623ea5ba90e2e26b27b3a0
cad8a327abb5826a314b380c44840bb2f5e98b438cad4b0bef58ddc07e5da718
cdc753a33edfcd01e7c1926190bc63f091cb2ca41469e59a40c7fcb2f7b297d9
cdd3a6462e64e825d27b185ac1914b20037a47a6012c8cb95d948e9379bce52c
cdeba78b46d9016d1fd81131b936dd4357dbf777502117067e948f73e85b2405
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
da775ed87057e384a6ef0ab9d4f6c105f6918df01aa68e20cc12bb6ce747eca7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73ffa77e29b3e149d64edadbe8b193b8c13624f0a45a5d820032c4e1be2dad1
eefcdcfb8f47434ee099ac414a07fbe080ac68036d97b704b4a4b7f779e1d03b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fc2e4c954effbff72ea4f594f25ea3b304146d99b9ac85b2870480ec6462d283