web5223.cweb03.gamingweb.de Open in urlscan Pro
45.81.232.16 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://um.lk/HelpINGDesk
Effective URL:
https://web5223.cweb03.gamingweb.de/html/
Submission: On March 18 via manual (March 18th 2020, 11:42:27 pm UTC) from NL

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 28 HTTP transactions. The main IP is 45.81.232.16, located in Germany and belongs to DE-FIRSTCOLO www.first-colo.net, DE. The main domain is web5223.cweb03.gamingweb.de.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 18th 2020. Valid for: 3 months.

This is the only time web5223.cweb03.gamingweb.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	2606:4700:303... 2606:4700:3036::6818:73f9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1 2	45.81.232.16 45.81.232.16	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
28	12

11 2606:4700:3036::6818:73f9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

um.lk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.81.232.16 (Germany) 1 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

web5223.cweb03.gamingweb.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	um.lk 1 redirects um.lk	259 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	134 KB
3	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	102 B
2	gamingweb.de 1 redirects web5223.cweb03.gamingweb.de	829 B
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	72 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	gstatic.com fonts.gstatic.com	13 KB
1	googletagmanager.com www.googletagmanager.com	28 KB
28	11

	Domain	Requested by
11	um.lk	1 redirects um.lk
4	pagead2.googlesyndication.com	um.lk pagead2.googlesyndication.com
2	web5223.cweb03.gamingweb.de	1 redirects um.lk
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	um.lk
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	fonts.gstatic.com	um.lk
1	ajax.googleapis.com	um.lk
1	www.googletagmanager.com	um.lk
1	fonts.googleapis.com	um.lk
28	14

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-06-24` - `2020-06-23`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
web5223.cweb03.gamingweb.de Let's Encrypt Authority X3	`2020-03-18` - `2020-06-16`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://web5223.cweb03.gamingweb.de/html/
Frame ID: DEC98BE95E88B3556281E6AC53154A61
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200316/r20190131/zrt_lookup.html
Frame ID: 84816DD8C2E67F5A12DF877491C487EE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8007658192093770&output=html&adk=1812271804&adf=3025194257&lmt=1584574930&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fum.lk%2FHelpINGDesk&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1584574930861&bpp=11&bdt=554&fdt=52&idt=53&shv=r20200316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3449541409963&frm=20&pv=2&ga_vid=1606909039.1584574931&ga_sid=1584574931&ga_hid=922626852&ga_fc=0&iag=0&icsg=35471&dssz=11&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=202551078275874&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=66
Frame ID: D3E9F5FBD1411ACFF0637E046832DC22
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 7233DF07DFD2309A60053BEB6697ACDD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://um.lk/HelpINGDesk HTTP 307
https://um.lk/HelpINGDesk Page URL
http://web5223.cweb03.gamingweb.de/html/ HTTP 301
https://web5223.cweb03.gamingweb.de/html/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

28
Requests

100 %
HTTPS

92 %
IPv6

11
Domains

14
Subdomains

12
IPs

3
Countries

553 kB
Transfer

1404 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://um.lk/HelpINGDesk HTTP 307
https://um.lk/HelpINGDesk Page URL
http://web5223.cweb03.gamingweb.de/html/ HTTP 301
https://web5223.cweb03.gamingweb.de/html/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://um.lk/HelpINGDesk HTTP 307
https://um.lk/HelpINGDesk

Request Chain 20

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=922626852&t=pageview&_s=1&dl=https%3A%2F%2Fum.lk%2FHelpINGDesk&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1984684139&gjid=371281069&cid=1606909039.1584574931&tid=UA-73553327-24&_gid=2067285139.1584574931&_r=1&gtm=2ou3b2&z=1244422193 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-73553327-24&cid=1606909039.1584574931&jid=1984684139&_gid=2067285139.1584574931&gjid=371281069&_v=j81&z=1244422193

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

HelpINGDesk Show response
um.lk/
Redirect Chain

http://um.lk/HelpINGDesk
https://um.lk/HelpINGDesk

4 KB
1 KB

241ms
219ms

Document
text/html

2606:4700:3036::6818:73f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://um.lk/HelpINGDesk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6818:73f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f11498ca9dc009af5fbf001deb23d1228ff1590b6c2a43a28ce4f0e18bec32d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: um.lk
:scheme: https
:path: /HelpINGDesk
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d29c1140531e81e1a1d5e82300130467b1584574929
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 18 Mar 2020 23:42:10 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=2592000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5762cefffaec0eb3-FRA
content-encoding: br

Redirect headers

Date: Wed, 18 Mar 2020 23:42:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d29c1140531e81e1a1d5e82300130467b1584574929; expires=Fri, 17-Apr-20 23:42:09 GMT; path=/; domain=.um.lk; HttpOnly; SameSite=Lax
Location: https://um.lk/HelpINGDesk
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 5762ceff387fd6e9-FRA

GET
H2 200 css
fonts.googleapis.com/ 2 KB
605 B 23ms
21ms Stylesheet
text/css 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu

Requested by

Host: um.lk
URL: https://um.lk/HelpINGDesk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2807609cb9b031488dcbec6321c8d6ea0ce4da1d197dd0b90089c1c114de7b86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://um.lk/HelpINGDesk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 18 Mar 2020 23:42:10 GMT
server: ESF
date: Wed, 18 Mar 2020 23:42:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 18 Mar 2020 23:42:10 GMT

GET
H2 200 bootstrap.min.css
um.lk/assets/plugins/bootstrap/css/ 118 KB
18 KB 311ms
310ms Stylesheet
text/css 2606:4700:3036::6818:73f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://um.lk/assets/plugins/bootstrap/css/bootstrap.min.css

Requested by

Host: um.lk
URL: https://um.lk/HelpINGDesk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6818:73f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://um.lk/HelpINGDesk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 18 Mar 2020 23:42:10 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Feb 2020 15:52:39 GMT
server: cloudflare
etag: W/"1d5dd05754ee4f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=2592000
cf-ray: 5762cf027fb20eb3-FRA

GET
H2 200 font-awesome.min.css
um.lk/assets/plugins/font-awesome/css/ 30 KB
7 KB 512ms
511ms Stylesheet
text/css 2606:4700:3036::6818:73f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://um.lk/assets/plugins/font-awesome/css/font-awesome.min.css

Requested by

Host: um.lk
URL: https://um.lk/HelpINGDesk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6818:73f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://um.lk/HelpINGDesk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 18 Mar 2020 23:42:10 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Feb 2020 15:54:27 GMT
server: cloudflare
etag: W/"1d5dd05b5aec298"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=2592000
cf-ray: 5762cf027fb30eb3-FRA

GET
H2 200 space.min.css
um.lk/assets/css/ 57 KB
11 KB 304ms
303ms Stylesheet
text/css 2606:4700:3036::6818:73f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://um.lk/assets/css/space.min.css

Requested by

Host: um.lk
URL: https://um.lk/HelpINGDesk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6818:73f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

762a2b4947a1d78a7e1587db563a31eca673594cbb606cb2e1a4a7f3d0537051

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://um.lk/HelpINGDesk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 18 Mar 2020 23:42:10 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Feb 2020 15:48:19 GMT
server: cloudflare
etag: W/"1d5dd04da56872f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=2592000
cf-ray: 5762cf027fb50eb3-FRA

GET
H2 200 animate.css
um.lk/assets/css/ 76 KB
5 KB 275ms
274ms Stylesheet
text/css 2606:4700:3036::6818:73f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://um.lk/assets/css/animate.css

Requested by

Host: um.lk
URL: https://um.lk/HelpINGDesk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6818:73f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6bd510fcb0a3e7e274824c8272223a2d9d664ce6634559f18200f9fc0bb4371

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://um.lk/HelpINGDesk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 18 Mar 2020 23:42:10 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Feb 2020 15:48:16 GMT
server: cloudflare
etag: W/"1d5dd04d88d8fbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=2592000
cf-ray: 5762cf027fb60eb3-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 75 KB
28 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-73553327-24

Requested by

Host: um.lk
URL: https://um.lk/HelpINGDesk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

edb8d41a0007b1ad9384509fd2c9bb8208f0fb88575f591a9a18e49ebdea11f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://um.lk/HelpINGDesk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 18 Mar 2020 23:42:10 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28655
x-xss-protection: 0
last-modified: Wed, 18 Mar 2020 23:24:56 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 18 Mar 2020 23:42:10 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
39 KB 43ms
28ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: um.lk
URL: https://um.lk/HelpINGDesk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eb1b403e1d642ccc9dda714e9f820bd7d35b358ec9165912ea9b845e4cef9b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://um.lk/HelpINGDesk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 18 Mar 2020 23:42:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 38947
x-xss-protection: 0
server: cafe
etag: 11571430207902647081
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 18 Mar 2020 23:42:10 GMT

GET
H2 200 no-records-found.jpg
um.lk/assets/images/ 24 KB
24 KB 250ms
250ms Image
image/jpeg 2606:4700:3036::6818:73f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.lk/assets/images/no-records-found.jpg

Requested by

Host: um.lk
URL: https://um.lk/HelpINGDesk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6818:73f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1a385dca1eb9a03a221805291827937b023f9e37f5340857d8155599a953624

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://um.lk/HelpINGDesk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 23:42:10 GMT
cf-cache-status: MISS
last-modified: Thu, 06 Feb 2020 15:48:28 GMT
server: cloudflare
etag: "1d5dd04dfb3f1ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=2592000
accept-ranges: bytes
cf-ray: 5762cf040b7a0eb3-FRA
content-length: 24492

GET
H2 200 loading.gif
um.lk/assets/images/ 88 KB
88 KB 278ms
278ms Image
image/gif 2606:4700:3036::6818:73f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.lk/assets/images/loading.gif

Requested by

Host: um.lk
URL: https://um.lk/HelpINGDesk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6818:73f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c324fa2149b58d8fb0a8f20267e9b2f8abd442dc377a963cd2d295037a427eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://um.lk/HelpINGDesk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 23:42:10 GMT
cf-cache-status: MISS
last-modified: Thu, 06 Feb 2020 15:48:25 GMT
server: cloudflare
etag: "1d5dd04dde88af0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=2592000
accept-ranges: bytes
cf-ray: 5762cf041b950eb3-FRA
content-length: 90224

GET
H2 200 angular.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.7.4/ 288 KB
72 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.7.4/angular.min.js

Requested by

Host: um.lk
URL: https://um.lk/HelpINGDesk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f581b61f25ee3f4c4789253b4315cc40a633f22bba65e0e9ad059e73b070fd12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://um.lk/HelpINGDesk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 10 Mar 2020 23:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 690491
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 73208
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Mar 2021 23:53:59 GMT

GET
H2 200 jquery-3.1.0.min.js Show response
um.lk/assets/plugins/jquery/ 84 KB
29 KB 207ms
207ms Script
application/javascript 2606:4700:3036::6818:73f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://um.lk/assets/plugins/jquery/jquery-3.1.0.min.js

Requested by

Host: um.lk
URL: https://um.lk/HelpINGDesk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6818:73f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://um.lk/HelpINGDesk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 18 Mar 2020 23:42:10 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 06 Feb 2020 15:51:43 GMT
server: cloudflare
etag: W/"1d5dd0553ef00cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=2592000
cf-ray: 5762cf02c8740eb3-FRA

GET
H2 200 redirect-main.js Show response
um.lk/assets/js/ 412 B
349 B 191ms
190ms Script
application/javascript 2606:4700:3036::6818:73f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://um.lk/assets/js/redirect-main.js?vs=3

Requested by

Host: um.lk
URL: https://um.lk/HelpINGDesk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6818:73f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20b142522bac4411a2e695009d02e7875de0a24343ebbb2843118811dedea2ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://um.lk/HelpINGDesk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 18 Mar 2020 23:42:10 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Feb 2020 15:48:52 GMT
server: cloudflare
etag: W/"1d5dd04ee01cb9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=2592000
cf-ray: 5762cf02d8be0eb3-FRA

GET
H2 200 4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v14/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v14/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2

Requested by

Host: um.lk
URL: https://um.lk/HelpINGDesk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Ubuntu
Origin: https://um.lk
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Mar 2020 07:32:03 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:17:45 GMT
server: sffe
age: 1095007
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13720
x-xss-protection: 0
expires: Sat, 06 Mar 2021 07:32:03 GMT

GET
H2 200 fontawesome-webfont.woff2
um.lk/assets/plugins/font-awesome/fonts/ 75 KB
76 KB 243ms
242ms Font
font/woff2 2606:4700:3036::6818:73f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://um.lk/assets/plugins/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: um.lk
URL: https://um.lk/HelpINGDesk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6818:73f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://um.lk/assets/plugins/font-awesome/css/font-awesome.min.css
Origin: https://um.lk
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Mar 2020 23:42:11 GMT
cf-cache-status: MISS
last-modified: Thu, 06 Feb 2020 15:54:57 GMT
server: cloudflare
etag: "1d5dd05c79173e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=2592000
accept-ranges: bytes
cf-ray: 5762cf05df3c0eb3-FRA
content-length: 77160

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=um.lk

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://um.lk/HelpINGDesk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 18 Mar 2020 23:42:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=um.lk

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://um.lk/HelpINGDesk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 18 Mar 2020 23:42:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/ 224 KB
84 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a369e130c680ce4782af107acfcac873193d111897fb92351f12453ea11a19e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://um.lk/HelpINGDesk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 18 Mar 2020 23:42:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 85397
x-xss-protection: 0
server: cafe
etag: 2345445785748755544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Mar 2020 23:42:10 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200316/r20190131/ Frame 8481 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200316/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200316/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://um.lk/HelpINGDesk
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://um.lk/HelpINGDesk

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 17 Mar 2020 01:35:31 GMT
expires: Tue, 31 Mar 2020 01:35:31 GMT
content-type: text/html; charset=UTF-8
etag: 17714563530871986051
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4497
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 165999
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-73553327-24

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://um.lk/HelpINGDesk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 4118
date: Wed, 18 Mar 2020 22:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Thu, 19 Mar 2020 00:33:32 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=922626852&t=pageview&_s=1&dl=https%3A%2F%2Fum.lk%2FHelpINGDesk&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=19...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-73553327-24&cid=1606909039.1584574931&jid=1984684139&_gid=2067285139.1584574931&gjid=371281069&_v=j81&z=1244422193

35 B
102 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-73553327-24&cid=1606909039.1584574931&jid=1984684139&_gid=2067285139.1584574931&gjid=371281069&_v=j81&z=1244422193

Requested by

Host: um.lk
URL: https://um.lk/HelpINGDesk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://um.lk/HelpINGDesk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Wed, 18 Mar 2020 23:42:10 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 18 Mar 2020 23:42:10 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-73553327-24&cid=1606909039.1584574931&jid=1984684139&_gid=2067285139.1584574931&gjid=371281069&_v=j81&z=1244422193
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 420
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 ads
googleads.g.doubleclick.net/pagead/ Frame D3E9 0
0 23ms
22ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8007658192093770&output=html&adk=1812271804&adf=3025194257&lmt=1584574930&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fum.lk%2FHelpINGDesk&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1584574930861&bpp=11&bdt=554&fdt=52&idt=53&shv=r20200316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3449541409963&frm=20&pv=2&ga_vid=1606909039.1584574931&ga_sid=1584574931&ga_hid=922626852&ga_fc=0&iag=0&icsg=35471&dssz=11&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=202551078275874&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=66

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8007658192093770&output=html&adk=1812271804&adf=3025194257&lmt=1584574930&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fum.lk%2FHelpINGDesk&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1584574930861&bpp=11&bdt=554&fdt=52&idt=53&shv=r20200316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3449541409963&frm=20&pv=2&ga_vid=1606909039.1584574931&ga_sid=1584574931&ga_hid=922626852&ga_fc=0&iag=0&icsg=35471&dssz=11&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=202551078275874&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=66
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://um.lk/HelpINGDesk
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://um.lk/HelpINGDesk

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 18 Mar 2020 23:42:10 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 18-Mar-2020 23:57:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

909009056877bdbc198a45c7adec7d4b0615aa97d0a4d61ac493472dd0b4a97f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://um.lk/HelpINGDesk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 18 Mar 2020 23:42:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1584217929168357"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27546
x-xss-protection: 0
expires: Wed, 18 Mar 2020 23:42:10 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 29ms
17ms XHR
application/json 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200316&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7025902c93b01909a75383dfae4565805ece9d95a1dc44a8153d8cef99f6b707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://um.lk/HelpINGDesk
Origin: https://um.lk
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Mar 2020 23:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5185
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 52ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://um.lk/HelpINGDesk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 18 Mar 2020 23:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Wed, 18 Mar 2020 23:42:11 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 7233 0
0 16ms
16ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://um.lk/HelpINGDesk
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://um.lk/HelpINGDesk

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Wed, 18 Mar 2020 22:57:57 GMT
expires: Thu, 18 Mar 2021 22:57:57 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2654
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
123 B 14ms
14ms Image
image/gif 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200316&jk=202551078275874&bg=!CQqlChJY58ULHpc8dWICAAAAMVIAAAAKmQFROX39IWPQIsKxDgu8QmMhvybz4vua2kK7FLmmdEYXCi1rDKGZZbRnttVemTDdJ-7h8j3U6g3YfU9_yheyqNjW-cuw0TLGao2YLTcLP_wncmfogTaj1hFk1dfhq5cBxKpY6_xi-y3hDl-tjkc286knZP_7ZSF08hjfoHVWvjjjnj1Ofp6OB28r1h0CsAWPh7nSdL5_pevgDJFlVHrXzb_SBCmxPok1zeVv98-st44AQyEAXy4pRTS7wRO6cFLt4Tv1XZohcXItJwdqO2sqI2dzWAyXdKYhvZ4iMVAyDZ87SW4nlr6M9aCdIgevMO537FpwCLJ0EsYgO5U7qBqD_HUNdKvyspK2FFQ4a1R12A9Oy5Dnw9-8VBqDUAMH4jjUn7jLKaQBay7926swC_d5WpXsHyMK9wrB1yjkKc031oGVZBRYfd_OG-LErmpspN8zbAsNZQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://um.lk/HelpINGDesk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 18 Mar 2020 23:42:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

502

Primary Request / Show response
web5223.cweb03.gamingweb.de/html/
Redirect Chain

http://web5223.cweb03.gamingweb.de/html/
https://web5223.cweb03.gamingweb.de/html/

552 B
620 B

76ms
24ms

Document
text/html

45.81.232.16
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://web5223.cweb03.gamingweb.de/html/
Requested by: Host: um.lk
URL: https://um.lk/assets/js/redirect-main.js?vs=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.81.232.16 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 5fd55da8747d933410bb637571802aca2eedf3314039722e2b9d6f37afdad97e

Request headers

:method: GET
:authority: web5223.cweb03.gamingweb.de
:scheme: https
:path: /html/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://um.lk/HelpINGDesk

Response headers

status: 502
server: nginx
date: Wed, 18 Mar 2020 23:42:16 GMT
content-type: text/html
content-length: 552

Redirect headers

Server: nginx
Date: Wed, 18 Mar 2020 23:42:16 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://web5223.cweb03.gamingweb.de/html/

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
stats.g.doubleclick.net
tpc.googlesyndication.com
um.lk
web5223.cweb03.gamingweb.de
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
2606:4700:3036::6818:73f9
2a00:1450:4001:814::200e
2a00:1450:4001:815::2003
2a00:1450:4001:815::200a
2a00:1450:4001:817::2008
2a00:1450:4001:81a::2002
2a00:1450:4001:81a::200a
2a00:1450:4001:81b::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:81d::2002
2a00:1450:400c:c0c::9d
45.81.232.16
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0f11498ca9dc009af5fbf001deb23d1228ff1590b6c2a43a28ce4f0e18bec32d
20b142522bac4411a2e695009d02e7875de0a24343ebbb2843118811dedea2ea
2807609cb9b031488dcbec6321c8d6ea0ce4da1d197dd0b90089c1c114de7b86
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
5eb1b403e1d642ccc9dda714e9f820bd7d35b358ec9165912ea9b845e4cef9b2
5fd55da8747d933410bb637571802aca2eedf3314039722e2b9d6f37afdad97e
7025902c93b01909a75383dfae4565805ece9d95a1dc44a8153d8cef99f6b707
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
762a2b4947a1d78a7e1587db563a31eca673594cbb606cb2e1a4a7f3d0537051
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
909009056877bdbc198a45c7adec7d4b0615aa97d0a4d61ac493472dd0b4a97f
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
a1a385dca1eb9a03a221805291827937b023f9e37f5340857d8155599a953624
a369e130c680ce4782af107acfcac873193d111897fb92351f12453ea11a19e8
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a6bd510fcb0a3e7e274824c8272223a2d9d664ce6634559f18200f9fc0bb4371
c324fa2149b58d8fb0a8f20267e9b2f8abd442dc377a963cd2d295037a427eef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
edb8d41a0007b1ad9384509fd2c9bb8208f0fb88575f591a9a18e49ebdea11f1
f581b61f25ee3f4c4789253b4315cc40a633f22bba65e0e9ad059e73b070fd12
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

web5223.cweb03.gamingweb.de Open in urlscan Pro 45.81.232.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

92 %IPv6

11 Domains

14 Subdomains

12 IPs

3 Countries

553 kBTransfer

1404 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

web5223.cweb03.gamingweb.de Open in urlscan Pro
45.81.232.16 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

92 %
IPv6

11
Domains

14
Subdomains

12
IPs

3
Countries

553 kB
Transfer

1404 kB
Size

0
Cookies

28 HTTP transactions
0 data transactions