sergequek.com Open in urlscan Pro
192.185.79.238 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://sergequek.com/amex-koks/
Submission: On January 05 via manual (January 5th 2022, 5:33:17 am UTC) from US — Scanned from DE

Summary HTTP 28 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 14 domains to perform 28 HTTP transactions. The main IP is 192.185.79.238, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is sergequek.com.

This is the only time sergequek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	192.185.79.238 192.185.79.238	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1 9	23.45.236.85 23.45.236.85	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:26f0:6c0... 2a02:26f0:6c00:28a::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
6 6	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6b:... 2a02:26f0:6b::5f64:615a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1 3	52.16.52.14 52.16.52.14	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
1	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
28	14

3 192.185.79.238 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: ns117.websitewelcome.com

sergequek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.45.236.85 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-236-85.deploy.static.akamaitechnologies.com

www.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:28a::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.244.119 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.230 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6b::5f64:615a (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.16.52.14 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-52-14.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

omns.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

omn.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	americanexpress.com 1 redirects www.americanexpress.com omns.americanexpress.com omn.americanexpress.com	91 KB
8	doubleclick.net 8 redirects cm.g.doubleclick.net ad.doubleclick.net	2 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
3	demdex.net 1 redirects dpm.demdex.net	5 KB
3	google.com 2 redirects adservice.google.com	897 B
3	sergequek.com sergequek.com	9 KB
2	facebook.com www.facebook.com	386 B
2	facebook.net connect.facebook.net	114 KB
2	google.de adservice.google.de	844 B
2	sojern.com 2 redirects pixel.sojern.com	1001 B
2	adobedtm.com assets.adobedtm.com	76 KB
1	licdn.com snap.licdn.com	2 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
1	yahoo.com sp.analytics.yahoo.com	713 B
28	14

	Domain	Requested by
9	www.americanexpress.com	1 redirects sergequek.com
6	ad.doubleclick.net	6 redirects
3	dpm.demdex.net	1 redirects sergequek.com www.americanexpress.com
3	adservice.google.com	2 redirects sergequek.com
3	sergequek.com	sergequek.com
2	www.facebook.com	sergequek.com
2	px.ads.linkedin.com	2 redirects
2	connect.facebook.net	sergequek.com connect.facebook.net
2	adservice.google.de	sergequek.com
2	cm.g.doubleclick.net	2 redirects
2	pixel.sojern.com	2 redirects
2	assets.adobedtm.com	sergequek.com www.americanexpress.com
1	omn.americanexpress.com	sergequek.com
1	omns.americanexpress.com	www.americanexpress.com
1	px4.ads.linkedin.com	sergequek.com
1	www.linkedin.com	1 redirects
1	snap.licdn.com	sergequek.com
1	www.googletagmanager.com	sergequek.com
1	sp.analytics.yahoo.com	sergequek.com
28	19

This site contains links to these domains. Also see Links.

Domain
www.americanexpress.com
global.americanexpress.com
insurance.americanexpress.com.sg
catalogue.membershiprewards.com.sg
www209.americanexpress.com

Subject Issuer	Validity	Valid
www.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2021-10-08` - `2022-11-08`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-01-12`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
omns.americanexpress.com DigiCert SHA2 Secure Server CA	`2020-02-06` - `2022-02-10`	2 years	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://sergequek.com/amex-koks/
Frame ID: 6272FF3F5032C1E2998B828C85D09C28
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

American Express Singapore | KOKS Booking

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

28
Requests

64 %
HTTPS

44 %
IPv6

14
Domains

19
Subdomains

14
IPs

5
Countries

331 kB
Transfer

1107 kB
Size

21
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.americanexpress.com/sg/?inav=NavLogo

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/dashboard?inav=sg_menu_myacct_acctsum
Title: My Account

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/sg/content/all-cards/?inav=sg_menu_cards_pc_view
Title: Cards

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/sg/travel/travelers-cheques/index.html?inav=sg_menu_travel_cheque
Title: Travel

Search URL Search Domain Scan URL

URL: https://insurance.americanexpress.com.sg/?inav=sg_menu_insurance_all_view
Title: Insurance

Search URL Search Domain Scan URL

URL: https://catalogue.membershiprewards.com.sg/index.mtw?inav=sg_menu_rewards_mr_home
Title: Rewards

Search URL Search Domain Scan URL

URL: https://www209.americanexpress.com/merchant/dashboard/en_SG/home?inav=sg_menu_business_merch_home
Title: Business

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/sg/content/need-help/contact-us.html?inav=sg_utility_help
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/login/en-SG?inav=sg_utility_login
Title: Login

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.americanexpress.com/adobedtm-global/ HTTP 301
https://assets.adobedtm.com/98caf8fccc463fd7e47088b35e73b27720bb5cc1/satelliteLib-bea3c9697c6240996731438f72200c4b82ae0d40.js

Request Chain 10

https://pixel.sojern.com/pixel/img/82510?p_v=1&f_v=v3_image&vid=tou&vf1=[vf1]&vn1=[vn1]&pn=[platcharge] HTTP 307
https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=mY00xVJAZoOiXUxWKLVWww&google_nid=sojern__adx_open_bidder_seat&sjrn_id=QSgcMqnVMg_vUI13WCQ0oC5N_nFQiZdHOb4OjEFJid1ldYs0K0k9AyziK7-j8FcQ&sjrn_r=aHR0cHM6Ly9hZC5kb3VibGVjbGljay5uZXQvZGRtL2FjdGl2aXR5L3NyYz01MDU5OTY3O3R5cGU9c2FsZXM7Y2F0PWFnd3h4M2ttO3F0eT0xO2Nvc3Q9MDt1MT07dTE0PSU1QnBsYXRjaGFyZ2UlNUQ7dTE1PSU1QnZmMSU1RDt1MTc9JTVCdm4xJTVEO2RjX2xhdD07ZGNfcmRpZD07dGFnX2Zvcl9jaGlsZF9kaXJlY3RlZF90cmVhdG1lbnQ9O29yZD1bT3JkZXJJRF0&sjrn_ula=499563065 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=mY00xVJAZoOiXUxWKLVWww&google_nid=sojern__adx_open_bidder_seat&sjrn_id=QSgcMqnVMg_vUI13WCQ0oC5N_nFQiZdHOb4OjEFJid1ldYs0K0k9AyziK7-j8FcQ&sjrn_r=aHR0cHM6Ly9hZC5kb3VibGVjbGljay5uZXQvZGRtL2FjdGl2aXR5L3NyYz01MDU5OTY3O3R5cGU9c2FsZXM7Y2F0PWFnd3h4M2ttO3F0eT0xO2Nvc3Q9MDt1MT07dTE0PSU1QnBsYXRjaGFyZ2UlNUQ7dTE1PSU1QnZmMSU1RDt1MTc9JTVCdm4xJTVEO2RjX2xhdD07ZGNfcmRpZD07dGFnX2Zvcl9jaGlsZF9kaXJlY3RlZF90cmVhdG1lbnQ9O29yZD1bT3JkZXJJRF0&sjrn_ula=499563065&google_tc= HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=QSgcMqnVMg_vUI13WCQ0oC5N_nFQiZdHOb4OjEFJid1ldYs0K0k9AyziK7-j8FcQ&sjrn_r=aHR0cHM6Ly9hZC5kb3VibGVjbGljay5uZXQvZGRtL2FjdGl2aXR5L3NyYz01MDU5OTY3O3R5cGU9c2FsZXM7Y2F0PWFnd3h4M2ttO3F0eT0xO2Nvc3Q9MDt1MT07dTE0PSU1QnBsYXRjaGFyZ2UlNUQ7dTE1PSU1QnZmMSU1RDt1MTc9JTVCdm4xJTVEO2RjX2xhdD07ZGNfcmRpZD07dGFnX2Zvcl9jaGlsZF9kaXJlY3RlZF90cmVhdG1lbnQ9O29yZD1bT3JkZXJJRF0&sjrn_ula=499563065&google_gid=CAESENbTjJGrz-MWjouhBFzT6jk&google_cver=1 HTTP 307
https://ad.doubleclick.net/ddm/activity/src=5059967;type=sales;cat=agwxx3km;qty=1;cost=0;u1=;u14=%5Bplatcharge%5D;u15=%5Bvf1%5D;u17=%5Bvn1%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[OrderID] HTTP 302
https://ad.doubleclick.net/ddm/activity/src=5059967;dc_pre=CN7p-7fxmfUCFVfQGAodNHIEBg;type=sales;cat=agwxx3km;qty=1;cost=0;u1=;u14=%5Bplatcharge%5D;u15=%5Bvf1%5D;u17=%5Bvn1%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[OrderID] HTTP 302
https://adservice.google.com/ddm/fls/z/src=5059967;dc_pre=CN7p-7fxmfUCFVfQGAodNHIEBg;type=sales;cat=agwxx3km;qty=1;cost=0;u1=;u14=%5Bplatcharge%5D;u15=%5Bvf1%5D;u17=%5Bvn1%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[OrderID]

Request Chain 14

https://ad.doubleclick.net/ddm/activity/src=3777021;type=eapps202;cat=platc0;u1=[PCN%20Number];u2=[Product%20ID];u3=[Instant%20Decision];ord=5378840964871.119 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=3777021;dc_pre=CMGG8rfxmfUCFQdDGAodkOAGqw;type=eapps202;cat=platc0;u1=[PCN%20Number];u2=[Product%20ID];u3=[Instant%20Decision];ord=5378840964871.119 HTTP 302
https://adservice.google.com/ddm/fls/p/src=3777021;dc_pre=CMGG8rfxmfUCFQdDGAodkOAGqw;type=eapps202;cat=platc0;u1=[PCN%20Number];u2=[Product%20ID];u3=[Instant%20Decision];ord=5378840964871.119;~oref=http://sergequek.com/ HTTP 302
https://adservice.google.de/ddm/fls/p/src=3777021;dc_pre=CMGG8rfxmfUCFQdDGAodkOAGqw;type=eapps202;cat=platc0;u1=[PCN%20Number];u2=[Product%20ID];u3=[Instant%20Decision];ord=5378840964871.119;~oref=http://sergequek.com/

Request Chain 16

https://ad.doubleclick.net/ddm/activity/src=6467223;type=invmedia;cat=mn5atvtq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9456067624232.645 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=6467223;dc_pre=CP-I8rfxmfUCFWgIogMdNF8MSw;type=invmedia;cat=mn5atvtq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9456067624232.645 HTTP 302
https://adservice.google.com/ddm/fls/p/src=6467223;dc_pre=CP-I8rfxmfUCFWgIogMdNF8MSw;type=invmedia;cat=mn5atvtq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9456067624232.645;~oref=http://sergequek.com/ HTTP 302
https://adservice.google.de/ddm/fls/p/src=6467223;dc_pre=CP-I8rfxmfUCFWgIogMdNF8MSw;type=invmedia;cat=mn5atvtq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9456067624232.645;~oref=http://sergequek.com/

Request Chain 19

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=425106&time=1641360792534&url=http%3A%2F%2Fsergequek.com%2Famex-koks%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D425106%26time%3D1641360792534%26url%3Dhttp%253A%252F%252Fsergequek.com%252Famex-koks%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=425106&time=1641360792534&url=http%3A%2F%2Fsergequek.com%2Famex-koks%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=425106&time=1641360792534&url=http%3A%2F%2Fsergequek.com%2Famex-koks%2F&liSync=true&e_ipv6=AQLPOy8wCFE5nwAAAX4ouh0TaxRr1YkAk8si8oYJ3N7CkoUB-neueN4Ti-blTG2Fk4dpPhA

Request Chain 20

https://dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1641360792734 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1641360792734

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
sergequek.com/amex-koks/ 11 KB
4 KB 554ms
268ms Document
text/html 192.185.79.238
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://sergequek.com/amex-koks/
Protocol: HTTP/1.1
Server: 192.185.79.238 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: ns117.websitewelcome.com
Software: Apache /
Resource Hash: 5081280c83c46705bfc87e6d3857971d2d5c2907aadcd971d535a74167156996

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Wed, 05 Jan 2022 05:33:11 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 31 Dec 2021 11:24:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4258
Keep-Alive: timeout=5, max=75
Content-Type: text/html

GET
H2

200

satelliteLib-bea3c9697c6240996731438f72200c4b82ae0d40.js Show response
assets.adobedtm.com/98caf8fccc463fd7e47088b35e73b27720bb5cc1/
Redirect Chain

https://www.americanexpress.com/adobedtm-global/
https://assets.adobedtm.com/98caf8fccc463fd7e47088b35e73b27720bb5cc1/satelliteLib-bea3c9697c6240996731438f72200c4b82ae0d40.js

169 KB
47 KB

23ms
7ms

Script
application/x-javascript

2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/98caf8fccc463fd7e47088b35e73b27720bb5cc1/satelliteLib-bea3c9697c6240996731438f72200c4b82ae0d40.js
Requested by: Host: sergequek.com
URL: http://sergequek.com/amex-koks/
Protocol: H2
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 66b132d551c78a402ad4dccea455619c2694f470d0cb7d4ba9ebf8edce816020

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sergequek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 05:33:12 GMT
content-encoding: gzip
last-modified: Wed, 30 Jun 2021 05:17:31 GMT
server: AkamaiNetStorage
etag: "4b2280fecfe997acb72ca06f6f5c782c:1625030251.689442"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://sergequek.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 48079
expires: Wed, 05 Jan 2022 06:33:12 GMT

Redirect headers

strict-transport-security: max-age=15552000;
x-frame-options: SAMEORIGIN
date: Wed, 05 Jan 2022 05:33:12 GMT
content-security-policy-report-only: style-src https://*.americanexpress.com/ https://e3.insurance.online-eapp.com/ https://secure.cmax.americanexpress.com/ 'unsafe-inline' 'self' https://cdn.vivocha.com/ https://stackpath.bootstrapcdn.com/ https://fonts.googleapis.com/ https://cloud.webtype.com/ https://*.aexp-static.com/ https://cloud.typenetwork.com/ https://*.typekit.net/; script-src https://www.americanexpress.com.tr/ 'self' https://assets.delvenetworks.com/ https://cdn.taboola.com/ https://ds-aksb-a.akamaihd.net/ https://s.yjtag.jp/ https://www.cdn-path.com/ https://googleads.g.doubleclick.net/ https://cdn.smartnews-ads.com/ https://www.gstatic.com/ https://s.yimg.com/ https://js-cdn.dynatrace.com/ https://www.googleadservices.com/ https://*.hotjar.com/ https://aexp.demdex.net/ https://*.yahoo.co.jp/ https://secure.cmax.americanexpress.com/ https://*.ladsp.com/ https://d5phz18u4wuww.cloudfront.net/ https://img.en25.com/ https://accdn.lpsnmedia.net/ https://s.yimg.jp/ https://bat.bing.com/ https://*.omtrdc.net/ https://aa.agkn.com/ https://bam-cell.nr-data.net/ https://ads.avocet.io/ https://webgwy.neustar.biz/ https://va.v.liveperson.net/ https://unpkg.com/ https://acdn.adnxs.com/ https://cdnssl.clicktale.net/ https://*.bootstrapcdn.com/ https://c.evidon.com/ https://secure.leadforensics.com/ 'unsafe-eval' https://cdnjs.cloudflare.com/ https://assets.adobedtm.com/ 'unsafe-inline' https://use.typekit.net/ https://dsp-media.eskimi.com/ https://sp10056b1c.guided.ss-omtrdc.net/ https://*.d41.co/ https://*.liveperson.net/ https://*.vivocha.com/ https://script.crazyegg.com/ https://code.jquery.com/ https://www.cdn-net.com/ https://js-agent.newrelic.com/ https://*.exactag.com/ https://so.rlcdn.com/ https://dev.visualwebsiteoptimizer.com/ https://www.americanexpress.com.kw/ https://analytics.tiktok.com/ https://service.maxymiser.net/ https://ads.avct.cloud/ https://www.americanexpress.com.mo/ https://www.googletagmanager.com/ https://*.aexp-static.com/ https://www.youtube.com/ https://snap.licdn.com/ https://connect.facebook.net/ https://tag.bounceexchange.com/ https://*.americanexpress.com/ https://e3.insurance.online-eapp.com/ https://cdn.appdynamics.com/ https://*.google-analytics.com/ https://ct.contentsquare.net/ https://nexus.ensighten.com/ https://mc.yandex.ru/ https://*.googleapis.com/ https://www.americanexpress.com.sa/ https://www.amexpressnetwork.com/ https://sc-static.net/ http://ajax.googleapis.com/ https://www.google.com/; base-uri 'self' https://www.aexp-static.com/; plugin-types image/svg+xml; form-action https://www.cdn-net.com/ https://www.facebook.com/ https://amexhk.chubbtravelinsurance.com/ 'self' https://www.axa-travel-insurance.com/ https://tr.snapchat.com/ https://*.custhelp.com/ https://global.americanexpress.com/ https://online.americanexpress.com.sa/ https://www.cdn-path.com/ https://gi.zurich.com.hk/; frame-src https://*.americanexpress.com/ https://icm.aexp-static.com/ https://cdn.appdynamics.com/ https://*.demdex.net/ https://www.youtube-nocookie.com/ https://www.americanexpress.com.qa/ https://player.vimeo.com/ https://um.ladsp.com/ https://www.cdn-path.com/ https://vars.hotjar.com/ https://www.cdn-net.com/ https://*.doubleclick.net/ https://www.facebook.com/ https://s.amazon-adsystem.com/ https://i1.vivocha.com/ https://va.v.liveperson.net/ https://www.americanexpress.com.kw/ https://youtube.com/ https://www.google.com/ https://www.youtube.com/ https://youtu.be/; img-src data: 'self' https:; connect-src https://amexhk.chubbtravelinsurance.com/ https://vid1029.d41.co/ 'self' https://stats.g.doubleclick.net/ https://*.vivocha.com/ https://*.custhelp.com/ https://script.crazyegg.com/ https://ds-aksb-a.akamaihd.net/ https://*.contentsquare.net/ https://www.cdn-path.com/ https://www.google-analytics.com/ https://ing-district.clicktale.net/ https://www.cdn-net.com/ https://functions.aexp.com/ https://s.yimg.com/ https://www.axa-travel-insurance.com/ https://dev.visualwebsiteoptimizer.com/ https://www.googleadservices.com/ https://analytics.tiktok.com/ https://bf93265vfe.bf.dynatrace.com/ https://*.aexp-static.com/ https://*.hotjar.com/ https://siteintercept.qualtrics.com/ https://online.americanexpress.com.sa/ https://images.trvl-media.com/ https://*.americanexpress.com/ https://secure.cmax.americanexpress.com/ https://dpm.demdex.net/ https://trc-events.taboola.com/ https://tr.snapchat.com/ https://lib-us-1.brilliantcollector.com/ https://bat.bing.com/ https://dining-offers-prod.amex.r53.tuimedia.com/ https://gi.zurich.com.hk/ https://bam-cell.nr-data.net/ https://www.facebook.com/ https://vc.hotjar.io/ https://aeopprodvip.acxiom.com/ https://c.evidon.com/ https://www.google.com/ wss://*.hotjar.com/ https://col.eum-appdynamics.com/ data:; object-src 'self' https://icm.aexp-static.com/; worker-src 'self' blob:; media-src https://origin-slgem.americanexpress.com/ https://www.aexp-static.com/ https://*.llnw.net/ 'self' http://production.smedia.lvp.llnw.net/; frame-ancestors 'none'; font-src https://e3.insurance.online-eapp.com/ https://www.aexpstatic.com/ https://fonts.gstatic.com/ https://use.typekit.net/ 'self' https://cdn.vivocha.com/ https://*.aexp-static.com/ https://cloud.typenetwork.com/ data:;
content-type: text/html; charset=iso-8859-1
location: https://assets.adobedtm.com/98caf8fccc463fd7e47088b35e73b27720bb5cc1/satelliteLib-bea3c9697c6240996731438f72200c4b82ae0d40.js
x-cnection: close
content-length: 333

GET
H2 200 normalize.min.css
www.americanexpress.com/content/dam/amex/sg/campaigns/platinum-card/css/ 2 KB
1 KB 508ms
293ms Stylesheet
text/css 23.45.236.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/content/dam/amex/sg/campaigns/platinum-card/css/normalize.min.css

Requested by

Host: sergequek.com
URL: http://sergequek.com/amex-koks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.236.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-236-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

55b731aa03064189b7abca9931deb7b844c75d7664aacecc1356c4bc0635c4af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sergequek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cnection: close
strict-transport-security: max-age=15552000;
content-encoding: gzip
vary: Accept-Encoding
last-modified: Sat, 20 Jun 2020 00:06:46 GMT
date: Wed, 05 Jan 2022 05:33:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
content-length: 942

GET
H2 200 jtabs.min.css
www.americanexpress.com/content/dam/amex/sg/campaigns/platinum-card/css/ 1 KB
1 KB 520ms
305ms Stylesheet
text/css 23.45.236.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/content/dam/amex/sg/campaigns/platinum-card/css/jtabs.min.css

Requested by

Host: sergequek.com
URL: http://sergequek.com/amex-koks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.236.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-236-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

3b5c5edcbfa6fc01523a21e19422db126b78038df3013f6a2410f466cb5c3e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sergequek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15552000;
content-encoding: gzip
vary: Accept-Encoding
last-modified: Sat, 20 Jun 2020 01:56:42 GMT
cache-control: max-age=86400
date: Wed, 05 Jan 2022 05:33:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css
x-cnection: close
server-timing: dtRpid;desc="1212643795"
accept-ranges: bytes
content-length: 499

GET
H2 200 bootstrap.min.css
www.americanexpress.com/content/dam/amex/sg/campaigns/platinum-card/css/ 138 KB
21 KB 553ms
338ms Stylesheet
text/css 23.45.236.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/content/dam/amex/sg/campaigns/platinum-card/css/bootstrap.min.css

Requested by

Host: sergequek.com
URL: http://sergequek.com/amex-koks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.236.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-236-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

9ef4fbe459177af5f4e9647cbe584514fd36c7386af6a1712d03ae4b42e45b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sergequek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cnection: close
strict-transport-security: max-age=15552000;
content-encoding: gzip
vary: Accept-Encoding
last-modified: Fri, 19 Jun 2020 18:49:51 GMT
date: Wed, 05 Jan 2022 05:33:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
content-length: 21091

GET
H/1.1 200
OK amex-rcp.css
sergequek.com/amex-koks/css/ 10 KB
3 KB 136ms
135ms Stylesheet
text/css 192.185.79.238
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://sergequek.com/amex-koks/css/amex-rcp.css
Requested by: Host: sergequek.com
URL: http://sergequek.com/amex-koks/
Protocol: HTTP/1.1
Server: 192.185.79.238 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: ns117.websitewelcome.com
Software: Apache /
Resource Hash: 84728df8885e5ea818c3224b69dcdd544c7391564ef5e4eb5c1fcb047b75c6ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sergequek.com/amex-koks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 05:33:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Jan 2022 08:10:22 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 3287

GET
H/1.1 200
OK responsive.css
sergequek.com/amex-koks/css/ 3 KB
1 KB 266ms
260ms Stylesheet
text/css 192.185.79.238
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://sergequek.com/amex-koks/css/responsive.css
Requested by: Host: sergequek.com
URL: http://sergequek.com/amex-koks/
Protocol: HTTP/1.1
Server: 192.185.79.238 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: ns117.websitewelcome.com
Software: Apache /
Resource Hash: bb32c3b71d8f4aaf9b935018c14880e072924585bf457495c6311de8358654ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sergequek.com/amex-koks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 05:33:12 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 Jan 2022 12:24:49 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=75
Content-Length: 1068

GET
H2 200 jquery-1.11.0.min.js Show response
www.americanexpress.com/content/dam/amex/sg/campaigns/platinum-card/js/ 94 KB
33 KB 513ms
298ms Script
application/javascript 23.45.236.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/content/dam/amex/sg/campaigns/platinum-card/js/jquery-1.11.0.min.js

Requested by

Host: sergequek.com
URL: http://sergequek.com/amex-koks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.236.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-236-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sergequek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15552000;
content-encoding: gzip
vary: Accept-Encoding
last-modified: Sat, 20 Jun 2020 01:56:42 GMT
cache-control: max-age=86400
date: Wed, 05 Jan 2022 05:33:12 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-cnection: close
server-timing: dtRpid;desc="1524360684"
accept-ranges: bytes
content-length: 33369

GET
H2 200 jquery-migrate-1.2.1.min.js Show response
www.americanexpress.com/content/dam/amex/sg/campaigns/platinum-card/js/ 7 KB
3 KB 532ms
318ms Script
application/javascript 23.45.236.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/content/dam/amex/sg/campaigns/platinum-card/js/jquery-migrate-1.2.1.min.js

Requested by

Host: sergequek.com
URL: http://sergequek.com/amex-koks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.236.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-236-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sergequek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cnection: close
strict-transport-security: max-age=15552000;
content-encoding: gzip
vary: Accept-Encoding
last-modified: Sat, 20 Jun 2020 00:06:46 GMT
date: Wed, 05 Jan 2022 05:33:12 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3063

GET
H2 200 jtabs.min.js Show response
www.americanexpress.com/content/dam/amex/sg/campaigns/platinum-card/js/ 3 KB
2 KB 526ms
312ms Script
application/javascript 23.45.236.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/content/dam/amex/sg/campaigns/platinum-card/js/jtabs.min.js

Requested by

Host: sergequek.com
URL: http://sergequek.com/amex-koks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.236.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-236-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

ff7a8abd224aea808c2bfbdb5f7f218f373b750ebc8b7ce531a9a61072754088

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sergequek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cnection: close
strict-transport-security: max-age=15552000;
content-encoding: gzip
vary: Accept-Encoding
last-modified: Fri, 19 Jun 2020 18:55:45 GMT
date: Wed, 05 Jan 2022 05:33:12 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1132

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
713 B 270ms
36ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=417787

Requested by

Host: sergequek.com
URL: http://sergequek.com/amex-koks/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sergequek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jan 2022 05:33:12 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 05 Jan 2022 05:33:12 GMT

GET
H3

200

src=5059967;dc_pre=CN7p-7fxmfUCFVfQGAodNHIEBg;type=sales;cat=agwxx3km;qty=1;cost=0;u1=;u14=%5Bplatcharge%5D;u15=%5Bvf1%5D;u17=%5Bvn1%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[OrderID]
adservice.google.com/ddm/fls/z/
Redirect Chain

https://pixel.sojern.com/pixel/img/82510?p_v=1&f_v=v3_image&vid=tou&vf1=[vf1]&vn1=[vn1]&pn=[platcharge]
https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=mY00xVJAZoOiXUxWKLVWww&google_nid=sojern__adx_open_bidder_seat&sjrn_id=QSgcMqnVMg_vUI13WCQ0oC5N_nFQiZdHOb4OjEFJid1ldYs0K0k9AyziK7-j8FcQ&s...
https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=mY00xVJAZoOiXUxWKLVWww&google_nid=sojern__adx_open_bidder_seat&sjrn_id=QSgcMqnVMg_vUI13WCQ0oC5N_nFQiZdHOb4OjEFJid1ldYs0K0k9AyziK7-j8FcQ&s...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=QSgcMqnVMg_vUI13WCQ0oC5N_nFQiZdHOb4OjEFJid1ldYs0K0k9AyziK7-j8FcQ&sjrn_r=aHR0cHM6Ly9hZC5kb3VibGVjbGljay5uZXQvZGRtL2FjdGl2aXR5L3NyYz01MD...
https://ad.doubleclick.net/ddm/activity/src=5059967;type=sales;cat=agwxx3km;qty=1;cost=0;u1=;u14=%5Bplatcharge%5D;u15=%5Bvf1%5D;u17=%5Bvn1%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=...
https://ad.doubleclick.net/ddm/activity/src=5059967;dc_pre=CN7p-7fxmfUCFVfQGAodNHIEBg;type=sales;cat=agwxx3km;qty=1;cost=0;u1=;u14=%5Bplatcharge%5D;u15=%5Bvf1%5D;u17=%5Bvn1%5D;dc_lat=;dc_rdid=;tag_...
https://adservice.google.com/ddm/fls/z/src=5059967;dc_pre=CN7p-7fxmfUCFVfQGAodNHIEBg;type=sales;cat=agwxx3km;qty=1;cost=0;u1=;u14=%5Bplatcharge%5D;u15=%5Bvf1%5D;u17=%5Bvn1%5D;dc_lat=;dc_rdid=;tag_f...

42 B
63 B

57ms
41ms

Image
image/gif

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=5059967;dc_pre=CN7p-7fxmfUCFVfQGAodNHIEBg;type=sales;cat=agwxx3km;qty=1;cost=0;u1=;u14=%5Bplatcharge%5D;u15=%5Bvf1%5D;u17=%5Bvn1%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[OrderID]

Requested by

Host: sergequek.com
URL: http://sergequek.com/amex-koks/

Protocol

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sergequek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jan 2022 05:33:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Jan 2022 05:33:12 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=5059967;dc_pre=CN7p-7fxmfUCFVfQGAodNHIEBg;type=sales;cat=agwxx3km;qty=1;cost=0;u1=;u14=%5Bplatcharge%5D;u15=%5Bvf1%5D;u17=%5Bvn1%5D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[OrderID]
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 52ms
30ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-53388043-15

Requested by

Host: sergequek.com
URL: http://sergequek.com/amex-koks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

01a78f5566ea356f3d053e92b7d1eb69b4ef81f3beeee87f6d3cf909cd39520f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sergequek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 05:33:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36185
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Jan 2022 05:33:12 GMT

GET
H2 200 logo_bluebox-55x54.svg
www.americanexpress.com/content/dam/amex/sg/campaigns/platinum-card/ 9 KB
4 KB 241ms
240ms Image
image/svg+xml 23.45.236.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.americanexpress.com/content/dam/amex/sg/campaigns/platinum-card/logo_bluebox-55x54.svg

Requested by

Host: sergequek.com
URL: http://sergequek.com/amex-koks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.236.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-236-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

9bedfbcc3e602d182e232daca408a303b96620908e515e31743c2b431d416d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sergequek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15552000;
content-encoding: gzip
vary: Accept-Encoding
last-modified: Sat, 20 Jun 2020 00:04:38 GMT
date: Wed, 05 Jan 2022 05:33:12 GMT
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-cnection: close
accept-ranges: bytes
content-length: 3267

GET
H2 200 bootstrap.bundle.min.js Show response
www.americanexpress.com/content/dam/amex/sg/campaigns/platinum-card/js/ 69 KB
21 KB 274ms
274ms Script
application/javascript 23.45.236.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com/content/dam/amex/sg/campaigns/platinum-card/js/bootstrap.bundle.min.js

Requested by

Host: sergequek.com
URL: http://sergequek.com/amex-koks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.236.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-236-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

928f97f310d8f768c5e3d521e3b1ce2cff156f9cc60c5d09fad772f4a2c43f52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sergequek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15552000;
content-encoding: gzip
vary: Accept-Encoding
last-modified: Fri, 19 Jun 2020 23:57:15 GMT
cache-control: max-age=86400
date: Wed, 05 Jan 2022 05:33:12 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-cnection: close
server-timing: dtRpid;desc="-1166176633"
accept-ranges: bytes
content-length: 20688

GET
H2

200

/
adservice.google.de/ddm/fls/p/src=3777021;dc_pre=CMGG8rfxmfUCFQdDGAodkOAGqw;type=eapps202;cat=platc0;u1=[PCN%20Number];u2=[Product%20ID];u3=[Instant%20Decision];ord=5378840964871.119;~oref=http://s...
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=3777021;type=eapps202;cat=platc0;u1=[PCN%20Number];u2=[Product%20ID];u3=[Instant%20Decision];ord=5378840964871.119?
https://ad.doubleclick.net/ddm/activity/src=3777021;dc_pre=CMGG8rfxmfUCFQdDGAodkOAGqw;type=eapps202;cat=platc0;u1=[PCN%20Number];u2=[Product%20ID];u3=[Instant%20Decision];ord=5378840964871.119?
https://adservice.google.com/ddm/fls/p/src=3777021;dc_pre=CMGG8rfxmfUCFQdDGAodkOAGqw;type=eapps202;cat=platc0;u1=[PCN%20Number];u2=[Product%20ID];u3=[Instant%20Decision];ord=5378840964871.119;~oref...
https://adservice.google.de/ddm/fls/p/src=3777021;dc_pre=CMGG8rfxmfUCFQdDGAodkOAGqw;type=eapps202;cat=platc0;u1=[PCN%20Number];u2=[Product%20ID];u3=[Instant%20Decision];ord=5378840964871.119;~oref=...

42 B
737 B

64ms
42ms

Image
image/gif

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.de/ddm/fls/p/src=3777021;dc_pre=CMGG8rfxmfUCFQdDGAodkOAGqw;type=eapps202;cat=platc0;u1=[PCN%20Number];u2=[Product%20ID];u3=[Instant%20Decision];ord=5378840964871.119;~oref=http://sergequek.com/

Requested by

Host: sergequek.com
URL: http://sergequek.com/amex-koks/

Protocol

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sergequek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jan 2022 05:33:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Jan 2022 05:33:12 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://adservice.google.de/ddm/fls/p/src=3777021;dc_pre=CMGG8rfxmfUCFQdDGAodkOAGqw;type=eapps202;cat=platc0;u1=[PCN%20Number];u2=[Product%20ID];u3=[Instant%20Decision];ord=5378840964871.119;~oref=http://sergequek.com/
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 65ms
15ms Script
application/x-javascript 2a02:26f0:6b::5f64:615a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: sergequek.com
URL: http://sergequek.com/amex-koks/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6b::5f64:615a Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sergequek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 05:33:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=14032
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2

200

/
adservice.google.de/ddm/fls/p/src=6467223;dc_pre=CP-I8rfxmfUCFWgIogMdNF8MSw;type=invmedia;cat=mn5atvtq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9456067624232.645;~oref=http...
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=6467223;type=invmedia;cat=mn5atvtq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9456067624232.645?
https://ad.doubleclick.net/ddm/activity/src=6467223;dc_pre=CP-I8rfxmfUCFWgIogMdNF8MSw;type=invmedia;cat=mn5atvtq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9456067624232.645?
https://adservice.google.com/ddm/fls/p/src=6467223;dc_pre=CP-I8rfxmfUCFWgIogMdNF8MSw;type=invmedia;cat=mn5atvtq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9456067624232.645;~...
https://adservice.google.de/ddm/fls/p/src=6467223;dc_pre=CP-I8rfxmfUCFWgIogMdNF8MSw;type=invmedia;cat=mn5atvtq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9456067624232.645;~o...

42 B
107 B

64ms
42ms

Image
image/gif

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.de/ddm/fls/p/src=6467223;dc_pre=CP-I8rfxmfUCFWgIogMdNF8MSw;type=invmedia;cat=mn5atvtq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9456067624232.645;~oref=http://sergequek.com/

Requested by

Host: sergequek.com
URL: http://sergequek.com/amex-koks/

Protocol

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sergequek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jan 2022 05:33:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Jan 2022 05:33:12 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://adservice.google.de/ddm/fls/p/src=6467223;dc_pre=CP-I8rfxmfUCFWgIogMdNF8MSw;type=invmedia;cat=mn5atvtq;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9456067624232.645;~oref=http://sergequek.com/
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: sergequek.com
URL: http://sergequek.com/amex-koks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sergequek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: qcVukELDfB1yH5FCQYnKi6bftnJZvgyJ/QrDXTKZa7uYHxmAyWE0RxAra3na0zNcSEU3tlnWrqsrjB5/5RTkXg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 05 Jan 2022 05:33:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 723721657994897 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 230ms
230ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/723721657994897?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fd3105a900557db7f2850b3e015106498dbbd602c56506df961548fcd155c32d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sergequek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: +4s4RUb67Ljf9HXjikBD2DVBW0yvLyDzTKQihNezqaWGKML+uRPRKzwRGbPVPJpOv0uIEDXkoGnXlk5xqf4XMQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 05 Jan 2022 05:33:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=425106&time=1641360792534&url=http%3A%2F%2Fsergequek.com%2Famex-koks%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D425106%26time%3D1641360792534%26url%3Dhttp%253A%252F%252Fsergequek.com%252Famex-k...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=425106&time=1641360792534&url=http%3A%2F%2Fsergequek.com%2Famex-koks%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=425106&time=1641360792534&url=http%3A%2F%2Fsergequek.com%2Famex-koks%2F&liSync=true&e_ipv6=AQLPOy8wCFE5nwAAAX4ouh0TaxRr1YkAk8si8oYJ3N7CkoUB-neueN...

0
156 B

309ms
113ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=425106&time=1641360792534&url=http%3A%2F%2Fsergequek.com%2Famex-koks%2F&liSync=true&e_ipv6=AQLPOy8wCFE5nwAAAX4ouh0TaxRr1YkAk8si8oYJ3N7CkoUB-neueN4Ti-blTG2Fk4dpPhA
Requested by: Host: sergequek.com
URL: http://sergequek.com/amex-koks/
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sergequek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 05:33:13 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: gIzG7/FIxxawa9PO+SoAAA==

Redirect headers

date: Wed, 05 Jan 2022 05:33:12 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 8E0DCB7F9E9145D69A0B07E605C51F88 Ref B: FRAEDGE1510 Ref C: 2022-01-05T05:33:12Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=425106&time=1641360792534&url=http%3A%2F%2Fsergequek.com%2Famex-koks%2F&liSync=true&e_ipv6=AQLPOy8wCFE5nwAAAX4ouh0TaxRr1YkAk8si8oYJ3N7CkoUB-neueN4Ti-blTG2Fk4dpPhA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXUzxcBYqv1QEgfKV6FyA==

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1641360792734
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1641360792734

4 KB
2 KB

52ms
52ms

XHR
application/json

52.16.52.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1641360792734

Requested by

Host: sergequek.com
URL: http://sergequek.com/amex-koks/

Protocol

HTTP/1.1

Server

52.16.52.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-52-14.eu-west-1.compute.amazonaws.com

Software

Resource Hash

dd1f3f40c5e8070c65ece966042f3bb26cc9ae84ab6e5b402a091c8630e9cacf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sergequek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v026-0d7558eda.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 64JiLnMBTsM=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://sergequek.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1387
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v026-0da4e48b4.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: http://sergequek.com
X-TID: ITf6jCdQRt0=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&ts=1641360792734
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EXc1753a73499444cab36d976137faf714-libraryCode_source.min.js Show response
assets.adobedtm.com/dcb19cbd6cbf/61650f53735f/4464bf4fd9dd/ 83 KB
29 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/dcb19cbd6cbf/61650f53735f/4464bf4fd9dd/EXc1753a73499444cab36d976137faf714-libraryCode_source.min.js
Requested by: Host: www.americanexpress.com
URL: https://www.americanexpress.com/adobedtm-global/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 11fc9942b84e014209e3ed06823f5131f0d4b1595f47bbbb43c4e24d26461b05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sergequek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 05:33:12 GMT
content-encoding: gzip
last-modified: Wed, 30 Jun 2021 05:17:33 GMT
server: AkamaiNetStorage
etag: "ceffa545dc1e7c3bc0cc14f201224f15:1625030253.669675"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://sergequek.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 28981
expires: Wed, 05 Jan 2022 06:33:12 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 23ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=723721657994897&ev=PageView&dl=http%3A%2F%2Fsergequek.com%2Famex-koks%2F&rl=&if=false&ts=1641360792788&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1641360792788.1541687238&it=1641360792511&coo=false&rqm=GET

Requested by

Host: sergequek.com
URL: http://sergequek.com/amex-koks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sergequek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 05:33:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 05 Jan 2022 05:33:12 GMT

GET
H2 200 id Show response
omns.americanexpress.com/ 89 B
691 B 78ms
17ms XHR
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://omns.americanexpress.com/id?d_visid_ver=5.0.0&d_fieldgroup=A&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&mid=64854112947303889153429686385124861752&ts=1641360792993

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/adobedtm-global/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

29105e7009bacdce48fad211c72d5cf53ea44858360b5e185c0386baae96fdb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sergequek.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 05 Jan 2022 05:33:13 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-675dccd488-qwdnx
vary: Origin
x-c: main-1548.I52ef9e.M0-537
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://sergequek.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 89
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 4 KB
2 KB 53ms
52ms XHR
application/json 52.16.52.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=15&d_mid=64854112947303889153429686385124861752&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=AVID%0130EA96CCC7B4A4CD-4000043A4C538798&ts=1641360793074

Requested by

Host: www.americanexpress.com
URL: https://www.americanexpress.com/adobedtm-global/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.52.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-52-14.eu-west-1.compute.amazonaws.com

Software

Resource Hash

6833465adde9e47e7b866cda84c0d2f33470e3e0dc636a302064f8d7da6e133a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://sergequek.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v026-095a919c8.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 8toBHhLtQRA=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://sergequek.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1386
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK s78455087083266
omn.americanexpress.com/b/ss/amexpressprod,amexpressenterpriseprod/1/JS-2.17.0-LBSQ/ 43 B
599 B 84ms
27ms Image
image/gif 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://omn.americanexpress.com/b/ss/amexpressprod,amexpressenterpriseprod/1/JS-2.17.0-LBSQ/s78455087083266?AQB=1&ndh=1&pf=1&t=5%2F0%2F2022%205%3A33%3A13%203%200&mid=64854112947303889153429686385124861752&aid=30EA96CCC7B4A4CD-4000043A4C538798&aamlh=6&ce=UTF-8&ns=1americanexpress&pageName=SG%7Cacq%7CCampaigns%7CPlatRCP%7Cplatinum-rcp-microsite&g=http%3A%2F%2Fsergequek.com%2Famex-koks%2F&c.&omn.&lob=acquisition&.omn&visitorCheck=VisitorAPI%20Present&gvs=1&.c&cc=USD&server=sergequek.com&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&h1=SG%7Cacq%7CCampaigns%7CPlatRCP&c4=SG&c10=prospect&c19=SG%7Cacq&v22=D%3Dgctrac&c24=SG%7Cacq%7CCampaigns&v27=SG&c30=SG%7Cacq%7CCampaigns%7CPlatRCP&c31=SG%7Cacq&c38=SG%7Cacq%7CCampaigns%7CPlatRCP&v45=prospect&c48=D%3Dgctrac&c49=Launch-OneCMS%3Av1.0-AM%3A2.17.0-VISID%3A5.0.0-DIL%3A9.3-Mbox%3ANA-CSVisID%3Afalse-msuite%3Atrue-PD%3Aundefined&c56=OneCMS&v60=1600&v61=landscape&v74=SG%7Cacq%7CCampaigns%7CPlatRCP%7Cplatinum-rcp-microsite&c75=Launch&v82=0.9507735009134568_1641360793150&v94=D%3Dagent-id&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&AQE=1

Requested by

Host: sergequek.com
URL: http://sergequek.com/amex-koks/

Protocol

HTTP/1.1

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sergequek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 05:33:13 GMT
x-content-type-options: nosniff
x-c: main-1548.I52ef9e.M0-537
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 06 Jan 2022 05:33:13 GMT
server: jag
xserver: anedge-675dccd488-79jv9
etag: 3524795463809761280-4619783308630360406
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 04 Jan 2022 05:33:13 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=723721657994897&ev=Microdata&dl=http%3A%2F%2Fsergequek.com%2Famex-koks%2F&rl=&if=false&ts=1641360794291&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22American%20Express%20Singapore%20%7C%20KOKS%20Booking%22%2C%22meta%3Adescription%22%3A%22Welcome%20to%20American%20Express%20Singapore%2C%20provider%20of%20Cards%2C%20Travel%20%26%20Insurance%20products.%20Apply%20for%20a%20Card%20or%20login%20to%20your%20Account%22%2C%22meta%3Akeywords%22%3A%22american%20express%2C%20american%20express%20Singapore%2C%20amex%20Singapore%2C%20american%20express%20sg%2C%20amex%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1641360792788.1541687238&it=1641360792511&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://sergequek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 05:33:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Wed, 05 Jan 2022 05:33:14 GMT

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 09:17:36	Name: IDE Value: AHWqTUkBL2Pj2tJJZ1xKEnvyQKwo90LncaWN0vzV1tGgZC02PeXEOavPRf3T51ujY5I
.sojern.com/	1970-01-20 08:41:36	Name: gid Value: CAESENbTjJGrz-MWjouhBFzT6jk
.sojern.com/	1970-01-20 08:41:36	Name: cid Value: 998d34c5-5240-6683-a25d-4c5628b556c3#1641340800000
.linkedin.com/	1970-01-20 00:39:12	Name: UserMatchHistory Value: AQLkWLKRrBYkLwAAAX4ouhwqD7ryqxgNLFnUCW7iv_UNR4fvreCLfNikMJRHekM5VSIqubKUEcl_NQ
.linkedin.com/	1970-01-20 00:39:12	Name: AnalyticsSyncHistory Value: AQIC1FP4t-ovRQAAAX4ouhwqc1DUuuwX8zqXC4mCjiY5NtL-hHpMKEIHw25ULZ38KJKSvDm5ZBbNDU-aKTl-qg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:27:54	Name: bcookie Value: "v=2&0098b5b8-96c8-4422-8685-83be5ba5037d"
.linkedin.com/	1970-01-19 23:57:27	Name: lidc Value: "b=VGST00:s=V:r=V:a=V:p=V:g=2598:u=1:x=1:i=1641360792:t=1641447192:v=2:sig=AQFKJIBLfyskLEWjTm1NjGSiyTz24VTz"
.yahoo.com/	1970-01-20 08:41:58	Name: A3 Value: d=AQABBJgt1WECEHVTTxtTTdcsytnv40D-6HEFEgEBAQF_1mHfYQAAAAAA_eMAAA&S=AQAAAkncdi5Cp8H3z59UthNmzms
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 17:27:54	Name: bscookie Value: "v=1&20220105053312757db524-f97d-4143-8438-b7f4c3f44cd5AQHro-RzcddRqwpHu0FfeA0jNXjPj8L3"
.linkedin.com/	1970-01-20 17:01:15	Name: li_gc Value: MTswOzE2NDEzNjA3OTI7MjswMjE4iT+HmYH/YLDr/eY5GZhPAcWzsCweOfVVFlm4UaTpbw==
.sergequek.com/	1970-01-20 02:05:36	Name: _fbp Value: fb.1.1641360792788.1541687238
.demdex.net/	1970-01-20 04:15:12	Name: demdex Value: 65055267961041226833445315879061431216
.sergequek.com/	1969-12-31 23:59:59	Name: AMCVS_5C36123F5245AF470A490D45%40AdobeOrg Value: 1
.americanexpress.com/	1970-01-20 17:27:12	Name: s_vi Value: [CS]v1\|30EA96CCC7B4A4CD-4000043A4C538798[CE]
.americanexpress.com/	1970-01-20 17:27:12	Name: s_ecid Value: MCMID%7C64854112947303889153429686385124861752
.sergequek.com/	1970-01-20 17:27:12	Name: AMCV_5C36123F5245AF470A490D45%40AdobeOrg Value: 870038026%7CMCMID%7C64854112947303889153429686385124861752%7CMCAAMLH-1641965593%7C6%7CMCAAMB-1641965593%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1641367993s%7CNONE%7CMCAID%7C30EA96CCC7B4A4CD-4000043A4C538798%7CvVersion%7C5.0.0
.sergequek.com/	1970-01-19 23:56:02	Name: s_pers Value: %20gpv_v41%3DSG%257Cacq%257CCampaigns%257CPlatRCP%257Cplatinum-rcp-microsite%7C1641362593145%3B%20s_tbm%3Dtrue%7C1641362593147%3B
.sergequek.com/	1970-01-19 23:56:02	Name: _cs_mk Value: 0.9507735009134568_1641360793150
.sergequek.com/	1969-12-31 23:59:59	Name: s_sess Value: %20s_visit%3D1%3B%20s_tp%3D1200%3B%20s_cc%3Dtrue%3B%20s_ppv%3DSG%25257Cacq%25257CCampaigns%25257CPlatRCP%25257Cplatinum-rcp-microsite%252C100%252C100%252C1200%3B

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.de
assets.adobedtm.com
cm.g.doubleclick.net
connect.facebook.net
dpm.demdex.net
omn.americanexpress.com
omns.americanexpress.com
pixel.sojern.com
px.ads.linkedin.com
px4.ads.linkedin.com
sergequek.com
snap.licdn.com
sp.analytics.yahoo.com
www.americanexpress.com
www.facebook.com
www.googletagmanager.com
www.linkedin.com
107.178.244.119
108.174.10.14
13.36.218.177
142.250.184.230
142.250.185.98
15.236.176.210
192.185.79.238
212.82.100.181
23.45.236.85
2620:1ec:21::14
2a00:1450:4001:801::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:827::2002
2a02:26f0:6b::5f64:615a
2a02:26f0:6c00:28a::1e80
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.16.52.14
01a78f5566ea356f3d053e92b7d1eb69b4ef81f3beeee87f6d3cf909cd39520f
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11fc9942b84e014209e3ed06823f5131f0d4b1595f47bbbb43c4e24d26461b05
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
29105e7009bacdce48fad211c72d5cf53ea44858360b5e185c0386baae96fdb8
3b5c5edcbfa6fc01523a21e19422db126b78038df3013f6a2410f466cb5c3e6f
5081280c83c46705bfc87e6d3857971d2d5c2907aadcd971d535a74167156996
55b731aa03064189b7abca9931deb7b844c75d7664aacecc1356c4bc0635c4af
66b132d551c78a402ad4dccea455619c2694f470d0cb7d4ba9ebf8edce816020
6833465adde9e47e7b866cda84c0d2f33470e3e0dc636a302064f8d7da6e133a
84728df8885e5ea818c3224b69dcdd544c7391564ef5e4eb5c1fcb047b75c6ae
928f97f310d8f768c5e3d521e3b1ce2cff156f9cc60c5d09fad772f4a2c43f52
9bedfbcc3e602d182e232daca408a303b96620908e515e31743c2b431d416d74
9ef4fbe459177af5f4e9647cbe584514fd36c7386af6a1712d03ae4b42e45b24
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
bb32c3b71d8f4aaf9b935018c14880e072924585bf457495c6311de8358654ba
dd1f3f40c5e8070c65ece966042f3bb26cc9ae84ab6e5b402a091c8630e9cacf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd3105a900557db7f2850b3e015106498dbbd602c56506df961548fcd155c32d
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ff7a8abd224aea808c2bfbdb5f7f218f373b750ebc8b7ce531a9a61072754088

sergequek.com Open in urlscan Pro 192.185.79.238 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

28 Requests

64 %HTTPS

44 %IPv6

14 Domains

19 Subdomains

14 IPs

5 Countries

331 kBTransfer

1107 kBSize

21 Cookies

9 Outgoing links

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sergequek.com Open in urlscan Pro
192.185.79.238 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

64 %
HTTPS

44 %
IPv6

14
Domains

19
Subdomains

14
IPs

5
Countries

331 kB
Transfer

1107 kB
Size

21
Cookies

28 HTTP transactions
0 data transactions