vaiorantpromotion.com Open in urlscan Pro
2606:4700:3035::6815:d03 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://vaiorantpromotion.com/winner-5871387
Effective URL:
https://vaiorantpromotion.com/blog/
Submission Tags: https://phish.report @phish_report Search All
Submission: On June 13 via api (June 13th 2023, 6:40:26 pm UTC) from FI — Scanned from FI

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 11 domains to perform 43 HTTP transactions. The main IP is 2606:4700:3035::6815:d03, located in United States and belongs to CLOUDFLARENET, US. The main domain is vaiorantpromotion.com.
TLS certificate: Issued by E1 on June 7th 2023. Valid for: 3 months.

This is the only time vaiorantpromotion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 19	2606:4700:303... 2606:4700:3035::6815:d03	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	52.203.114.80 52.203.114.80	14618 (AMAZON-AES) (AMAZON-AES)
9	2606:4700:10:... 2606:4700:10::6816:d1d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	108.138.37.209 108.138.37.209	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	148.251.135.181 148.251.135.181	24940 (HETZNER-AS) (HETZNER-AS)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	63.33.106.238 63.33.106.238	16509 (AMAZON-02) (AMAZON-02)
43	9

19 2606:4700:3035::6815:d03 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

vaiorantpromotion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.203.114.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-114-80.compute-1.amazonaws.com

www.thegamer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::6816:d1d (United States)

ASN13335 (CLOUDFLARENET, US)

static1.thegamerimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.37.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-37-209.muc50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

seg.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 148.251.135.181 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy01.cl01.het.mrf.io

mbid.marfeelrev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.180 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.33.106.238 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-106-238.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	vaiorantpromotion.com 2 redirects vaiorantpromotion.com	199 KB
9	thegamerimages.com static1.thegamerimages.com — Cisco Umbrella Rank: 99725	180 KB
7	thegamer.com www.thegamer.com — Cisco Umbrella Rank: 48461	119 KB
4	marfeelrev.com mbid.marfeelrev.com — Cisco Umbrella Rank: 22001	3 KB
3	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	3 KB
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 670	747 B
2	casalemedia.com 1 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1360	1 KB
2	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 353	61 KB
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 375	239 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1149	245 B
1	ad.gt seg.ad.gt — Cisco Umbrella Rank: 9333	134 B
43	11

	Domain	Requested by
19	vaiorantpromotion.com	2 redirects vaiorantpromotion.com
9	static1.thegamerimages.com	vaiorantpromotion.com
7	www.thegamer.com	vaiorantpromotion.com
4	mbid.marfeelrev.com	vaiorantpromotion.com
3	ib.adnxs.com	3 redirects
2	ad.360yield.com	2 redirects
2	ssum.casalemedia.com	1 redirects
2	c.amazon-adsystem.com	vaiorantpromotion.com c.amazon-adsystem.com
1	pixel.rubiconproject.com
1	rtb.openx.net
1	seg.ad.gt	vaiorantpromotion.com
43	11

This site contains no links.

Subject Issuer	Validity	Valid
vaiorantpromotion.com E1	`2023-06-07` - `2023-09-05`	3 months	crt.sh
thegamer.com R3	`2023-04-16` - `2023-07-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-29` - `2024-04-28`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
ssl02.cert.cl01.k8s.mrf.io R3	`2023-06-01` - `2023-08-30`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://vaiorantpromotion.com/blog/
Frame ID: 7DC251F206781C84B75C49E85B6F0AF4
Requests: 34 HTTP requests in this frame

Frame: https://vaiorantpromotion.com/blog/files/cookie-sync.html
Frame ID: 4C9181EF2FFCA2941B9B904BF92830D8
Requests: 8 HTTP requests in this frame

Frame: https://vaiorantpromotion.com/blog/files/saved_resource.html
Frame ID: B0F4AC0AE053CD43910BCBB754314EFF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Valorant: Complete Beginner's Guide

Page URL History Show full URLs

https://vaiorantpromotion.com/winner-5871387 HTTP 302
https://vaiorantpromotion.com/blog HTTP 301
https://vaiorantpromotion.com/blog/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

43
Requests

91 %
HTTPS

27 %
IPv6

11
Domains

11
Subdomains

9
IPs

4
Countries

562 kB
Transfer

1369 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://vaiorantpromotion.com/winner-5871387 HTTP 302
https://vaiorantpromotion.com/blog HTTP 301
https://vaiorantpromotion.com/blog/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://ssum.casalemedia.com/usermatchredir?s=184550&cb= HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=184550&cb=&C=1

Request Chain 39

https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmbid.marfeelrev.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526f%253Di%2526uid%253D%2524UID HTTP 302
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=8263754755877416140

Request Chain 40

https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=e3064028-19e0-4e31-9c79-76e4f8279a25

Request Chain 41

https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=8263754755877416140

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
vaiorantpromotion.com/blog/
Redirect Chain

https://vaiorantpromotion.com/winner-5871387
https://vaiorantpromotion.com/blog
https://vaiorantpromotion.com/blog/

370 KB
28 KB

117ms
116ms

Document
text/html

2606:4700:3035::6815:d03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vaiorantpromotion.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:d03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c899ef20f90230583399b7286d2f689bbe811a773cef6794ef29fdfee70918da

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d6c76230af01c12-OSL
content-encoding: br
content-type: text/html
date: Tue, 13 Jun 2023 18:40:21 GMT
last-modified: Wed, 07 Jun 2023 06:49:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vu6dai%2B6Dbs6Aw%2Bz3dUswBK3W34z3Df9F%2FWX8berXhOcg40DVC0o0wuiPj5a%2BZkZHhaPFcfLzpjBw4bTKJccH5zyj6xs4CZ515kmZ640CMURWgsBUj269%2BLa%2BpiZ9FkHKD1JX5mzthXFRjPYjz78pMoQllk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d6c76226a371c12-OSL
content-type: text/html
date: Tue, 13 Jun 2023 18:40:20 GMT
location: https://vaiorantpromotion.com/blog/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Opu9HDJSoykZ0AEtmR1lFE91zSwQURJMQUKR0AIB1VNEgGb1JH6f77FqsGaGspYVoES2QNxPoGkmR0uhHJ%2BKOsoNFxK6jFEknRnVp3AFha15dAHeWa0BRGL75pMRnJiejEQmsV0gjZB1KhpabLVtwQQMs24%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 newsletter-popup.e7b3ff0e.js Show response
www.thegamer.com/public/build/ 6 KB
3 KB 498ms
164ms Script
application/javascript 52.203.114.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thegamer.com/public/build/newsletter-popup.e7b3ff0e.js

Requested by

Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.203.114.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-114-80.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bd588f338804d52bb4b2da080d43a604fea9a8bc397b23377c1a903ba80e387f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 13 Jun 2023 18:24:49 GMT
server: nginx
etag: W/"6488b471-164a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
expires: Wed, 12 Jun 2024 18:40:21 GMT

GET
H2 200 pjimage-16-2.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/ 27 KB
27 KB 287ms
142ms Image
image/avif 2606:4700:10::6816:d1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/pjimage-16-2.jpg?q=50&fit=contain&w=1140&h=570&dpr=1.5
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:d1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e24826b79dd8d6027c75dcb429dedd26bf976b9b50d8371efb929f80e7d14e7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
cf-cache-status: HIT
age: 174037
content-disposition: inline; filename="pjimage-16-2.avif"
alt-svc: h3=":443"; ma=86400
content-length: 27833
x-request-id: LGW2jxxOd53O-1nnb_1Ys
server: cloudflare
etag: "V7mkl9OdJMEOV-5MCPNX8UP2qO65-T6lujgSnSsIq68/RIndBVF9KSk1TWU91WDg1MVA4bTZaWFEi"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d6c7624beaa0b41-OSL
expires: Mon, 10 Jun 2024 18:19:44 GMT

GET
H2 200 rajdhani-regular.woff2
www.thegamer.com/public/build/fonts/rajdhani/ 15 KB
15 KB 611ms
278ms Font
font/woff2 52.203.114.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thegamer.com/public/build/fonts/rajdhani/rajdhani-regular.woff2

Requested by

Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.203.114.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-114-80.compute-1.amazonaws.com

Software

nginx /

Resource Hash

559b43f7beabc7c03b99de9f0820c720b5e6c8ae68867d0c90cfee83d52b7f45

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vaiorantpromotion.com/
Origin: https://vaiorantpromotion.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14980
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 13 Jun 2023 18:24:49 GMT
server: nginx
etag: "6488b471-3a84"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
expires: Wed, 12 Jun 2024 18:40:21 GMT

GET
H2 200 rajdhani-bold.woff2
www.thegamer.com/public/build/fonts/rajdhani/ 15 KB
16 KB 622ms
290ms Font
font/woff2 52.203.114.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thegamer.com/public/build/fonts/rajdhani/rajdhani-bold.woff2

Requested by

Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.203.114.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-114-80.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c886e7ce6980565f56761a4e921edd13df2fa16deb88a13f4e2f2500d0ca5a82

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vaiorantpromotion.com/
Origin: https://vaiorantpromotion.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 15716
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 13 Jun 2023 18:24:49 GMT
server: nginx
etag: "6488b471-3d64"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
expires: Wed, 12 Jun 2024 18:40:21 GMT

GET
H2 200 roboto-regular_.woff2
www.thegamer.com/public/build/fonts/roboto/ 19 KB
19 KB 755ms
423ms Font
font/woff2 52.203.114.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thegamer.com/public/build/fonts/roboto/roboto-regular_.woff2

Requested by

Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.203.114.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-114-80.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3bcf9f5dd1769dbd241485b17788201d9d8d53f5ab2bb2f89a94ae12f154740c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vaiorantpromotion.com/
Origin: https://vaiorantpromotion.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 18988
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 13 Jun 2023 18:24:49 GMT
server: nginx
etag: "6488b471-4a2c"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
expires: Wed, 12 Jun 2024 18:40:21 GMT

GET
H2 200 roboto-bold_.woff2
www.thegamer.com/public/build/fonts/roboto/ 19 KB
19 KB 766ms
435ms Font
font/woff2 52.203.114.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thegamer.com/public/build/fonts/roboto/roboto-bold_.woff2

Requested by

Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.203.114.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-114-80.compute-1.amazonaws.com

Software

nginx /

Resource Hash

15dcef640cac0fe6f9f5006624cdc828b1ae6292b618aece6607c9952a6ae1cf

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vaiorantpromotion.com/
Origin: https://vaiorantpromotion.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 19076
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 13 Jun 2023 18:24:49 GMT
server: nginx
etag: "6488b471-4a84"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
expires: Wed, 12 Jun 2024 18:40:21 GMT

GET
H2 200 icomoon.woff2
www.thegamer.com/public/build/fonts/icons/ 16 KB
16 KB 767ms
436ms Font
font/woff2 52.203.114.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thegamer.com/public/build/fonts/icons/icomoon.woff2?v=1.3

Requested by

Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.203.114.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-114-80.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c884dfd88281336423bd6589cb522f8b2c68e1776373ca93b21658335a3a9ae4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vaiorantpromotion.com/
Origin: https://vaiorantpromotion.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 15888
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 13 Jun 2023 18:24:49 GMT
server: nginx
etag: "6488b471-3e10"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
expires: Wed, 12 Jun 2024 18:40:21 GMT

GET
H2 200 icomoon.woff
www.thegamer.com/public/build/fonts/icons/ 30 KB
31 KB 766ms
435ms Font
font/woff 52.203.114.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thegamer.com/public/build/fonts/icons/icomoon.woff?v=1.3

Requested by

Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.203.114.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-114-80.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7d8aca4a24e0fc01d9f8627550ae9c05e8163b0c73e51c585e97ca13a0503d23

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vaiorantpromotion.com/
Origin: https://vaiorantpromotion.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 31216
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 13 Jun 2023 18:24:49 GMT
server: nginx
etag: "6488b471-79f0"
x-frame-options: SAMEORIGIN
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
expires: Wed, 12 Jun 2024 18:40:21 GMT

GET
H3 200 article-regular.a5aa35cd.css
vaiorantpromotion.com/blog/files/ 322 KB
49 KB 155ms
153ms Stylesheet
text/css 2606:4700:3035::6815:d03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vaiorantpromotion.com/blog/files/article-regular.a5aa35cd.css
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:d03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26c95380ef7e6fbda4146e9b208c2d78ef32be34c1c147757edb6099fc3e6dd3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 07 Jun 2023 06:42:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"648026ec-508aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LsJtSuEowhm%2Fl2WxUH1IWxLMsfYoiurS9wleV0%2Fq2WWdJEROOyIjBrp%2BtST%2F3lCSmkub9bq4s3AieABpKlgowjDRwHAnomaPe7o6R6uHr06qPCBYHAWxrIYvPkjUHrUjtuAUPrjevD%2FySr2tzBdA21WxYP0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7d6c7623df8e0b45-OSL
alt-svc: h3=":443"; ma=86400

GET
H3 200 css
vaiorantpromotion.com/blog/files/ 1 KB
2 KB 139ms
137ms Stylesheet
application/octet-stream 2606:4700:3035::6815:d03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vaiorantpromotion.com/blog/files/css
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:d03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 07 Jun 2023 06:42:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "648026ed-455"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UIngF1dNR6%2FRq62gqVO5cU1khMvzvGOiJYBnSbYNbXEKnqakpxMuSdK1PU741pMWXQT9JIbNsNIVSurRAAg%2F3SCIQsA38%2BeE5sr3u69Hry%2BtuSv5CvxkaUVKroJp9iHpryX3z7tk736MiRkNJiZVJakWOkE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 7d6c7623df900b45-OSL
alt-svc: h3=":443"; ma=86400
content-length: 1109

GET
H3 200 tg-logo-full-colored-light.svg
vaiorantpromotion.com/blog/files/ 3 KB
1 KB 161ms
161ms Image
image/svg+xml 2606:4700:3035::6815:d03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vaiorantpromotion.com/blog/files/tg-logo-full-colored-light.svg
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:d03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f136be1c736721a3a258ffed1d6870f3b87cf1266c7ac43cc61250ed117637a1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 07 Jun 2023 06:42:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"648026ed-bbb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZVXM1ehs8dAx0hrkPWUAqGBJxtOfMT7z5Wj2JbYg6y7tTznD1uY82JmbX9CzkuuxwO3JSoefQXx3TOwHnFg0c9egE6BRR3760F8YLpofvmg66gj7SIoiALyRTylgjjfM54OY0uDPDeN9NePzT%2F8V6I%2FJCo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7d6c76240fec0b45-OSL
alt-svc: h3=":443"; ma=86400

GET
H2 200 Valorant.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/ 40 KB
40 KB 178ms
72ms Image
image/avif 2606:4700:10::6816:d1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/Valorant.jpg?q=50&fit=crop&w=740&dpr=1.5
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:d1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b64d1c3350c7857821888624135a8d45fcb9c8834662a7baa63a652c018ad75d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
cf-cache-status: HIT
age: 19014
content-disposition: inline; filename="Valorant.avif"
alt-svc: h3=":443"; ma=86400
content-length: 40609
x-request-id: z5cBgVGemDNmgJRfHv8Ft
server: cloudflare
etag: "kZiz7bHaNXMeShQJrwpwUpwLA3weXxJ7sguUjENOq_s/RIjdqc0RHUllwc0FtN2JGTTNvTlF2TWci"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d6c7624bead0b41-OSL
expires: Wed, 12 Jun 2024 10:32:49 GMT

GET
H2 200 Valorant-1.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/ 28 KB
28 KB 247ms
141ms Image
image/avif 2606:4700:10::6816:d1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/Valorant-1.jpg?q=50&fit=crop&w=740&dpr=1.5
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:d1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bce45860ca3759528116c6a0f1a858eef24eb15b7bc96b67b869c1b126e14468

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
cf-cache-status: HIT
age: 19014
content-disposition: inline; filename="Valorant-1.avif"
alt-svc: h3=":443"; ma=86400
content-length: 28970
x-request-id: f6HfTx2Z4S_epsM7q0WNv
server: cloudflare
etag: "kZiz7bHaNXMeShQJrwpwUpwLA3weXxJ7sguUjENOq_s/RIlZPWkxtSC1jNnAyV0hHT1lGbnpmLUEi"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d6c7624beae0b41-OSL
expires: Mon, 10 Jun 2024 18:19:44 GMT

GET
H2 200 Valorant-2.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/ 31 KB
32 KB 245ms
139ms Image
image/avif 2606:4700:10::6816:d1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/Valorant-2.jpg?q=50&fit=crop&w=740&dpr=1.5
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:d1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e866f910c86828f62271e792fbb1024938453fe60d38f3a74586cdb8c51b60a1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
cf-cache-status: HIT
age: 19014
content-disposition: inline; filename="Valorant-2.avif"
alt-svc: h3=":443"; ma=86400
content-length: 32122
x-request-id: ITCa1og2xkLuZ5bWY1_rR
server: cloudflare
etag: "kZiz7bHaNXMeShQJrwpwUpwLA3weXxJ7sguUjENOq_s/RIjFtNmxUU1RBQkRFVF9MSTdRamttMlEi"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d6c7624beb10b41-OSL
expires: Mon, 10 Jun 2024 18:19:44 GMT

GET
H2 200 Valorant-3.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/ 14 KB
14 KB 246ms
140ms Image
image/avif 2606:4700:10::6816:d1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/Valorant-3.jpg?q=50&fit=crop&w=740&dpr=1.5
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:d1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af104fe80a7951752cbc52101ac6bb04f7097c0d1d9b603ef27330a46fd17ae4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
cf-cache-status: HIT
age: 19014
content-disposition: inline; filename="Valorant-3.avif"
alt-svc: h3=":443"; ma=86400
content-length: 14205
x-request-id: y1I_JvalmFc6Snth1f_A7
server: cloudflare
etag: "kZiz7bHaNXMeShQJrwpwUpwLA3weXxJ7sguUjENOq_s/RIkFUZ0JKdk45MllReDU4NURKSUNqWlEi"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d6c7624beb00b41-OSL
expires: Mon, 10 Jun 2024 18:19:44 GMT

GET
H2 200 Valorant-4.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/ 18 KB
18 KB 241ms
135ms Image
image/avif 2606:4700:10::6816:d1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/Valorant-4.jpg?q=50&fit=crop&w=740&dpr=1.5
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:d1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c2e63f2470ca2324513755bcf8f91b7c1843c3b4b35b2745cd7fabc52772c3b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
cf-cache-status: HIT
age: 19014
content-disposition: inline; filename="Valorant-4.avif"
alt-svc: h3=":443"; ma=86400
content-length: 18624
x-request-id: SpDsskai2jjEy8hv6nArD
server: cloudflare
etag: "kZiz7bHaNXMeShQJrwpwUpwLA3weXxJ7sguUjENOq_s/RIkxvQjVoMG5OMThQay1Ybkw4SXhSdVEi"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d6c7624beac0b41-OSL
expires: Wed, 12 Jun 2024 10:32:49 GMT

GET
H2 200 zodiac-signs-and-demons-of-d4-mephisto-lilith-bhaal.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2023/06/ 5 KB
5 KB 100ms
100ms Image
image/avif 2606:4700:10::6816:d1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.thegamerimages.com/wordpress/wp-content/uploads/2023/06/zodiac-signs-and-demons-of-d4-mephisto-lilith-bhaal.jpg?q=50&fit=crop&w=200&h=140&dpr=1.5
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:d1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c481601926be6ed26d5b22eb4c499563ba4d571e353a8ebdcea53dd44412f5da

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
cf-cache-status: HIT
age: 19014
content-disposition: inline; filename="zodiac-signs-and-demons-of-d4-mephisto-lilith-bhaal.avif"
alt-svc: h3=":443"; ma=86400
content-length: 4919
x-request-id: WuzkXdN7QyJMFqLcatI-A
server: cloudflare
etag: "ao_7tkgpsvxXqrDCYD3jjKL1cTnKiThhkUHqCjFtNJQ/RIjR5M3RMWEp6RHF4eGhrdjNtTFJBSHci"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d6c76251f1e0b41-OSL
expires: Wed, 12 Jun 2024 10:32:49 GMT

GET
H2 200 june-spotlight-hour-featured-image.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2023/06/ 6 KB
7 KB 97ms
96ms Image
image/avif 2606:4700:10::6816:d1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.thegamerimages.com/wordpress/wp-content/uploads/2023/06/june-spotlight-hour-featured-image.jpg?q=50&fit=crop&w=200&h=140&dpr=1.5
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:d1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b779b139e8c9473f93b75c093a32afeabfc4fd29a6415be4ea59cc8c4147b07

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
cf-cache-status: HIT
age: 19014
content-disposition: inline; filename="june-spotlight-hour-featured-image.avif"
alt-svc: h3=":443"; ma=86400
content-length: 6626
x-request-id: DBta0duu4rKqMSD9zZt3P
server: cloudflare
etag: "ao_7tkgpsvxXqrDCYD3jjKL1cTnKiThhkUHqCjFtNJQ/RIlVRZnpieC1BdFlYYklqWnI0S0lTRVEi"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d6c76251f200b41-OSL
expires: Mon, 10 Jun 2024 18:19:44 GMT

GET
H2 200 diablo-4-altar-of-lilith.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2023/06/ 9 KB
9 KB 99ms
99ms Image
image/avif 2606:4700:10::6816:d1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.thegamerimages.com/wordpress/wp-content/uploads/2023/06/diablo-4-altar-of-lilith.jpg?q=50&fit=crop&w=200&h=140&dpr=1.5
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:d1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20d10126b236125f98acd3f319d110cd0b3ba01c4123cf553fb979ef07633e92

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
cf-cache-status: HIT
age: 19014
content-disposition: inline; filename="diablo-4-altar-of-lilith.avif"
alt-svc: h3=":443"; ma=86400
content-length: 8704
x-request-id: p3npz8ArouVKSHnVTQdDx
server: cloudflare
etag: "ao_7tkgpsvxXqrDCYD3jjKL1cTnKiThhkUHqCjFtNJQ/RIlFMOUtKcG85YXhfN0I2WnBFUWdIZVEi"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d6c76251f220b41-OSL
expires: Tue, 04 Jun 2024 16:20:50 GMT

GET
H3 200 email-decode.min.js Show response
vaiorantpromotion.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 68ms
68ms Script
application/javascript 2606:4700:3035::6815:d03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vaiorantpromotion.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:d03 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Jun 2023 14:46:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64833b49-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHs4mbW2KiOdqlmOp3L6DA%2BnYbhbuLjTcfNpKZvg4g7dMBPBZ3AmdR6enEvJakn39NKxDlzcIV%2BwPlAT00Q8GNTor3ifZmm9L7RufArF17wWp5GS7A5wvg0wqTgvV0PL01VKbFH%2BvUzp9LS3DgdTwUEHRyE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7d6c762418040b45-OSL
expires: Thu, 15 Jun 2023 18:40:21 GMT

GET
H3 200 oPS.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
vaiorantpromotion.com/blog/files/ 108 KB
109 KB 168ms
167ms Script
application/octet-stream 2606:4700:3035::6815:d03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vaiorantpromotion.com/blog/files/oPS.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:d03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e47ba52cdf6b89d811f5f499336136c66b4e68d43ba178fcc8563e081306e01

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 07 Jun 2023 06:42:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "648026ed-1affb"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbeME0fHKdGb2iQwU25C8ji%2B6I%2Brv6T99%2Bo4G8qz%2FkYjDHzU1tKIVIKmIMvrjrhrEMW1FqmU2dSUiBxBLtTxGxMwyNp4nU1fVKNLUs3TBBIol3wJ4pyOa2E0hQGfrUwY9GVnLdSAy7ZwNvgD0P%2BFSyR%2B%2F7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 7d6c762428170b45-OSL
alt-svc: h3=":443"; ma=86400
content-length: 110587

GET
H3 200 primisslate.css
vaiorantpromotion.com/blog/files/ 18 KB
5 KB 151ms
151ms Stylesheet
text/css 2606:4700:3035::6815:d03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vaiorantpromotion.com/blog/files/primisslate.css
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:d03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcbb76a8cb268e3ed25b14f8d4a9b8e906f20da34d903111c2d77fc2c34d83cc

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 07 Jun 2023 06:42:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"648026ed-469b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOE1%2BiA2w%2Fr02dK7vG1ePb4u8mBZve%2Fll0xVdEdtKXxdNRNNN%2BMTyVAQmyayKGvam5I3ed4HbU%2B6zHQ8M6WZ6g8im4w%2Fsvm6cC4GpvYvVm0iNMDDbPdOAlmm8%2BsdbSG%2Bmpalzoj8sBSsxvbofOOucfpIcxM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7d6c762428180b45-OSL
alt-svc: h3=":443"; ma=86400

GET
H3 404 icomoon.woff
vaiorantpromotion.com/public/build/fonts/icons/ 0
0 150ms
147ms Font
text/html 2606:4700:3035::6815:d03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vaiorantpromotion.com/public/build/fonts/icons/icomoon.woff?v=1.3
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:d03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://vaiorantpromotion.com/blog/
Origin: https://vaiorantpromotion.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qihrCAbGQy4s6PQkYtwhicNwz2zhl4B4oG9QTwODhJyDLRAwWSU75RjbfVyHDxEpEU6cV4df1bwU2jFX0tqc2Ah6nuHAZrhHbeJywtmGN07GU5s1njOr7V4xDgTtRhPxdluqn2tuLDk%2FjKXJTq3y%2F3YIbQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 7d6c76261a3b0b45-OSL
alt-svc: h3=":443"; ma=86400

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 235 KB
57 KB 289ms
109ms Script
application/javascript 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17f4c082b272213f4da075af5c73893db6c70f060c8441ff6e70f7251324ff9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:16:57 GMT
content-encoding: gzip
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront), 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront)
last-modified: Thu, 08 Jun 2023 19:47:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, MUC50-P2
age: 1405
x-amz-server-side-encryption: AES256
etag: W/"22e740da4e2336def33bbd74ea6796a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: tykz3LV0rmgf9CVtDaP3-lkzSgSK0uZaq84YTlzA4eXSnM73huNUjw==

GET
H3 404 tg-logo-full-white.fc9e742a.svg
vaiorantpromotion.com/public/build/images/ 207 B
207 B 144ms
144ms Image
text/html 2606:4700:3035::6815:d03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vaiorantpromotion.com/public/build/images/tg-logo-full-white.fc9e742a.svg
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/files/article-regular.a5aa35cd.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:d03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9639e3c4681ce85f852fbac48e2eeee5ba51296dbfec57c200d59b76237ab80

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/blog/files/article-regular.a5aa35cd.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krZb7qf3QqRzQALDQmtvXz%2BfnPG8a4TVB7%2BO6TMoVyOHlkbUkwd%2F9SLz4%2FVHnUS8JGkut3E0MlsIO5A1TngTNmB8Dh3h2eHJk%2BwSFORVKJ0w9ybjou%2FeNqoREzs0EwCDbAGc5qsiTlQ%2FYl6PHs9j3woHSDk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 7d6c76267a9d0b45-OSL
alt-svc: h3=":443"; ma=86400

GET
H3 404 rajdhani-bold.woff2
vaiorantpromotion.com/public/build/fonts/rajdhani/ 0
0 140ms
139ms Font
text/html 2606:4700:3035::6815:d03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vaiorantpromotion.com/public/build/fonts/rajdhani/rajdhani-bold.woff2
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:d03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://vaiorantpromotion.com/blog/
Origin: https://vaiorantpromotion.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9G6bJr6UmAlOd%2FVYkBPs5pk4gd2upIki3k0emdRuMeOI4N5r%2BGIwYv7ZM7Jcsyl2PKJntHay0ZTlqkBTdu5ktBGzYubztYT6xC6%2BLmI3hJrJ6vQT%2Fga3rCKkZKXhslakTQ6dhM2z48PvXqxPqWQvcQ0AB3c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 7d6c76267a9f0b45-OSL
alt-svc: h3=":443"; ma=86400

GET
H3 404 rajdhani-regular.woff2
vaiorantpromotion.com/public/build/fonts/rajdhani/ 0
0 143ms
142ms Font
text/html 2606:4700:3035::6815:d03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vaiorantpromotion.com/public/build/fonts/rajdhani/rajdhani-regular.woff2
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:d03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://vaiorantpromotion.com/blog/
Origin: https://vaiorantpromotion.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y8isKleZIJducmar0Xf%2FZySxR74JzWPpKwVkWmadIqxllyVMygQUj7%2FoO3CYvl0VE7NrbWPpfiIp%2FUov8Czt4eyCg%2BW0B3%2BGGK0X769q8EICAE3T94hv2qjnA%2FoZ4Jl1SgTx%2BbwK%2B6LL1Ps8sHKlThAzOPs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 7d6c76267aa60b45-OSL
alt-svc: h3=":443"; ma=86400

GET
H2 204 segments.js Show response
seg.ad.gt/api/v1/ 0
134 B 586ms
438ms Script
text/html 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v1/segments.js?partner_id=269&url=https%3A%2F%2Fvaiorantpromotion.com%2Fblog%2F
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:22 GMT
cache-control: max-age=14400
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 7d6c76279814b50f-OSL
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H3 200 cookie-sync.html Show response
vaiorantpromotion.com/blog/files/ Frame 4C91 6 KB
3 KB 95ms
95ms Document
text/html 2606:4700:3035::6815:d03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vaiorantpromotion.com/blog/files/cookie-sync.html
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:d03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a86bddab19afda6f9c635ca7e0d917e37affe511ae6e3c51bfbfe3589dce520c

Request headers

Referer: https://vaiorantpromotion.com/blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d6c7626aadb0b45-OSL
content-encoding: br
content-type: text/html
date: Tue, 13 Jun 2023 18:40:21 GMT
last-modified: Wed, 07 Jun 2023 06:42:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4g9lwDV%2FFfZluDhMGayMJn9QUHVfIuUn%2B69FH74qRrTPmO2xUEHcelLgOpLCjmnoyx%2FD5y7MT14nzBRTGP%2FqX7z0t%2BVlcvTEiusZ6oLyPJIra53kapHhPN%2FlIACTQRGKoLKeAi8OF9T82alEfbLyquYygU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 saved_resource.html Show response
vaiorantpromotion.com/blog/files/ Frame B0F4 152 B
534 B 93ms
93ms Document
text/html 2606:4700:3035::6815:d03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vaiorantpromotion.com/blog/files/saved_resource.html
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:d03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 324967ab0642b90c52e9aa8b3650961f15deca3a70bc87e55912148740bceef3

Request headers

Referer: https://vaiorantpromotion.com/blog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d6c7626aae40b45-OSL
content-encoding: br
content-type: text/html
date: Tue, 13 Jun 2023 18:40:21 GMT
last-modified: Wed, 07 Jun 2023 06:42:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4Hm3%2F06iFvcTungsmDDwhEl1HUr2zZQ0caYTTyvK8ENvqqIkuZFY1QgDw8p4sEjT%2Flwlo%2FioyubVgAQMLBK%2F4muO%2BdzyIRC8sEgFJGcPNFisBP%2B8j9kH%2BdfXWDp%2FsUzHXrnbEIBybw7t5jPqxTM3I0X1WM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 404 icomoon.woff2
vaiorantpromotion.com/public/build/fonts/icons/ 0
0 146ms
146ms Font
text/html 2606:4700:3035::6815:d03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vaiorantpromotion.com/public/build/fonts/icons/icomoon.woff2?v=1.3
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:d03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://vaiorantpromotion.com/blog/
Origin: https://vaiorantpromotion.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2B8b8d3rinb2mAbvS%2FMJIYLhBVV%2BUVahTH48PTsAjfmKa1LxPohj4LtKb1CIKgAtMWs%2FbawYQXgDAnri7yUnAlPtjDq4x1v43f15RiVSG37bt%2FhnGajMLbUZ5QxH8jqDd4%2ByF%2FzDp%2BVTMB3wgQmDduPto8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 7d6c76270b5f0b45-OSL
alt-svc: h3=":443"; ma=86400

POST
H2 200 cookie_sync Show response
mbid.marfeelrev.com/ Frame 4C91 1 KB
688 B 294ms
89ms XHR
application/json 148.251.135.181
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mbid.marfeelrev.com/cookie_sync
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/files/cookie-sync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.135.181 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy01.cl01.het.mrf.io
Software: istio-envoy /
Resource Hash: 369b6a06cf0598a92b22182eb79ecc4387aff4c5507cdf798d5febccb1f5656d

Request headers

Referer: https://vaiorantpromotion.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Jun 2023 18:40:21 GMT
content-encoding: gzip
server: istio-envoy
content-type: application/json
access-control-allow-origin: https://vaiorantpromotion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 435
expires: 0

GET
H3 404 rajdhani-bold.woff
vaiorantpromotion.com/public/build/fonts/rajdhani/ 0
0 142ms
141ms Font
text/html 2606:4700:3035::6815:d03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vaiorantpromotion.com/public/build/fonts/rajdhani/rajdhani-bold.woff
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:d03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://vaiorantpromotion.com/blog/
Origin: https://vaiorantpromotion.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0phDHHT5TYJUVfGonCQgiAIN2BEHZHkT67BCAuUlZAuNQVjqsSk8xNTFzB%2FsVDrVhTMoDnqer6gXiOLQiGVK8MIdjmRu9JTX5xNvrX7MifJHhS3j5BbOYWeJpHFSmf%2BfQ2l2%2B%2BjV%2B3PrsSfTcM05GV4kTBo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 7d6c76276bd00b45-OSL
alt-svc: h3=":443"; ma=86400

GET
H3 404 rajdhani-regular.woff
vaiorantpromotion.com/public/build/fonts/rajdhani/ 0
0 148ms
147ms Font
text/html 2606:4700:3035::6815:d03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vaiorantpromotion.com/public/build/fonts/rajdhani/rajdhani-regular.woff
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:d03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://vaiorantpromotion.com/blog/
Origin: https://vaiorantpromotion.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kK0ADCjKpkNRntlCobonky8NLJhSAkpM5Qvohp2vmkr8LfV1lYrGThUSTzDYpciBXAia2V195sLPFQmEENgMmdxVaMxNaexcIB57Vh0UY5eGhwGcqwuzAD6pLD5efgsovku0DAfFJY458fYeJlqWfcSsqN8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 7d6c76276bd90b45-OSL
alt-svc: h3=":443"; ma=86400

GET
H3 404 icomoon.ttf
vaiorantpromotion.com/public/build/fonts/icons/ 0
0 143ms
142ms Font
text/html 2606:4700:3035::6815:d03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vaiorantpromotion.com/public/build/fonts/icons/icomoon.ttf?v=1.3
Requested by: Host: vaiorantpromotion.com
URL: https://vaiorantpromotion.com/blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:d03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://vaiorantpromotion.com/blog/
Origin: https://vaiorantpromotion.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:40:21 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssdJf0iPsKtpbJpAQv6ltHGeLHGFmt2Fjou8Rz8xE1uG9HmZbAYrPOe06%2FRwh1VmunNww6wD4nj0IqF77xtZG8K9ZEMZoajKU1h3vK3xPOM2Wa75vSeteg90bbx2pC2yElrtwy76G3UVyADzZjvwiOf3zP0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 7d6c7627fc7f0b45-OSL
alt-svc: h3=":443"; ma=86400

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 250ms
90ms XHR
application/javascript 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 08:25:34 GMT
x-amz-version-id: Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding: gzip
via: 1.1 d2e8c709d1f79bde6ed8f833f02bdd34.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 36889
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 26 May 2023 01:35:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: klxJWwuzEf7w7AOWAdCyq3UseHUwWft38OR9-8Awyg6Twvr0EAD7Sw==

GET
H/1.1

200
OK

usermatchredir
ssum.casalemedia.com/ Frame 4C91
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=184550&cb=
https://ssum.casalemedia.com/usermatchredir?s=184550&cb=&C=1

43 B
766 B

76ms
76ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum.casalemedia.com/usermatchredir?s=184550&cb=&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Jun 2023 18:40:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 13 Jun 2023 18:40:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /usermatchredir?s=184550&cb=&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 200 prebid
rtb.openx.net/sync/ Frame 4C91 43 B
245 B 206ms
80ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24%7BUID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Jun 2023 18:40:22 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 4C91 0
239 B 513ms
126ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-marfeel&gdpr=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
mbid.marfeelrev.com/ Frame 4C91
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmbid.marfeelrev.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526f%253Di%2526uid%253D%2524UID
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=8263754755877416140

86 B
572 B

90ms
89ms

Image
image/png

148.251.135.181
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=8263754755877416140
Protocol: H2
Server: 148.251.135.181 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy01.cl01.het.mrf.io
Software: istio-envoy /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Jun 2023 18:40:22 GMT
content-encoding: gzip
server: istio-envoy
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
expires: 0

Redirect headers

Date: Tue, 13 Jun 2023 18:40:23 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 193.138.7.240; 193.138.7.240; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: fbb51c2f-3788-4d46-ab54-ed59327ea8fa
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=8263754755877416140
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
mbid.marfeelrev.com/ Frame 4C91
Redirect Chain

https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid...
https://ad.360yield.com/ul_cb/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di...
https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=e3064028-19e0-4e31-9c79-76e4f8279a25

86 B
704 B

90ms
89ms

Image
image/png

148.251.135.181
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=e3064028-19e0-4e31-9c79-76e4f8279a25
Protocol: H2
Server: 148.251.135.181 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy01.cl01.het.mrf.io
Software: istio-envoy /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Jun 2023 18:40:23 GMT
content-encoding: gzip
server: istio-envoy
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
expires: 0

Redirect headers

location: https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=e3064028-19e0-4e31-9c79-76e4f8279a25
access-control-allow-origin: *
date: Tue, 13 Jun 2023 18:40:23 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

setuid
mbid.marfeelrev.com/ Frame 4C91
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=8263754755877416140

86 B
704 B

90ms
89ms

Image
image/png

148.251.135.181
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=8263754755877416140
Protocol: H2
Server: 148.251.135.181 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy01.cl01.het.mrf.io
Software: istio-envoy /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://vaiorantpromotion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Jun 2023 18:40:23 GMT
content-encoding: gzip
server: istio-envoy
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
expires: 0

Redirect headers

Date: Tue, 13 Jun 2023 18:40:23 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 193.138.7.240; 193.138.7.240; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c32972e5-b358-4d52-960a-ebbd93f1078a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=8263754755877416140
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.casalemedia.com/	1970-01-20 21:16:57	Name: CMID Value: ZIi4FpqOq--pttFZLeeIKgAA
.casalemedia.com/	1970-01-20 14:40:57	Name: CMPS Value: 5132
.casalemedia.com/	1970-01-20 14:40:57	Name: CMPRO Value: 5132
.adnxs.com/	1970-01-20 14:40:57	Name: uuid2 Value: 8263754755877416140
.360yield.com/	1970-01-20 14:40:57	Name: tuuid Value: e3064028-19e0-4e31-9c79-76e4f8279a25
.360yield.com/	1970-01-20 14:40:57	Name: tuuid_lu Value: 1686681623
.mbid.marfeelrev.com/	1970-01-20 14:40:57	Name: uids Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYWRueHMiOnsidWlkIjoiODI2Mzc1NDc1NTg3NzQxNjE0MCIsImV4cGlyZXMiOiIyMDIzLTA2LTI3VDE4OjQwOjI0LjA3NloifSwiaW1wcm92ZWRpZ2l0YWwiOnsidWlkIjoiZTMwNjQwMjgtMTllMC00ZTMxLTljNzktNzZlNGY4Mjc5YTI1IiwiZXhwaXJlcyI6IjIwMjMtMDYtMjdUMTg6NDA6MjMuOTEyWiJ9fSwiYmRheSI6IjIwMjMtMDYtMTNUMTg6NDA6MjMuMzg5WiJ9

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://vaiorantpromotion.com/public/build/fonts/icons/icomoon.woff?v=1.3 Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://vaiorantpromotion.com/blog/files/cookie-sync.html Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://vaiorantpromotion.com/public/build/fonts/rajdhani/rajdhani-bold.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://vaiorantpromotion.com/public/build/images/tg-logo-full-white.fc9e742a.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://vaiorantpromotion.com/public/build/fonts/rajdhani/rajdhani-regular.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://vaiorantpromotion.com/public/build/fonts/icons/icomoon.woff2?v=1.3 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://vaiorantpromotion.com/public/build/fonts/rajdhani/rajdhani-bold.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://vaiorantpromotion.com/public/build/fonts/rajdhani/rajdhani-regular.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://vaiorantpromotion.com/public/build/fonts/icons/icomoon.ttf?v=1.3 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
c.amazon-adsystem.com
ib.adnxs.com
mbid.marfeelrev.com
pixel.rubiconproject.com
rtb.openx.net
seg.ad.gt
ssum.casalemedia.com
static1.thegamerimages.com
vaiorantpromotion.com
www.thegamer.com
108.138.37.209
148.251.135.181
185.80.39.216
185.89.210.180
2606:4700:10::6816:d1d
2606:4700:10::ac43:17ea
2606:4700:3035::6815:d03
35.186.253.211
52.203.114.80
63.33.106.238
69.173.144.138
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
15dcef640cac0fe6f9f5006624cdc828b1ae6292b618aece6607c9952a6ae1cf
1b779b139e8c9473f93b75c093a32afeabfc4fd29a6415be4ea59cc8c4147b07
1e24826b79dd8d6027c75dcb429dedd26bf976b9b50d8371efb929f80e7d14e7
20d10126b236125f98acd3f319d110cd0b3ba01c4123cf553fb979ef07633e92
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26c95380ef7e6fbda4146e9b208c2d78ef32be34c1c147757edb6099fc3e6dd3
2c2e63f2470ca2324513755bcf8f91b7c1843c3b4b35b2745cd7fabc52772c3b
324967ab0642b90c52e9aa8b3650961f15deca3a70bc87e55912148740bceef3
369b6a06cf0598a92b22182eb79ecc4387aff4c5507cdf798d5febccb1f5656d
3bcf9f5dd1769dbd241485b17788201d9d8d53f5ab2bb2f89a94ae12f154740c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
559b43f7beabc7c03b99de9f0820c720b5e6c8ae68867d0c90cfee83d52b7f45
6e47ba52cdf6b89d811f5f499336136c66b4e68d43ba178fcc8563e081306e01
7d8aca4a24e0fc01d9f8627550ae9c05e8163b0c73e51c585e97ca13a0503d23
a86bddab19afda6f9c635ca7e0d917e37affe511ae6e3c51bfbfe3589dce520c
af104fe80a7951752cbc52101ac6bb04f7097c0d1d9b603ef27330a46fd17ae4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17f4c082b272213f4da075af5c73893db6c70f060c8441ff6e70f7251324ff9
b64d1c3350c7857821888624135a8d45fcb9c8834662a7baa63a652c018ad75d
bce45860ca3759528116c6a0f1a858eef24eb15b7bc96b67b869c1b126e14468
bd588f338804d52bb4b2da080d43a604fea9a8bc397b23377c1a903ba80e387f
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c481601926be6ed26d5b22eb4c499563ba4d571e353a8ebdcea53dd44412f5da
c884dfd88281336423bd6589cb522f8b2c68e1776373ca93b21658335a3a9ae4
c886e7ce6980565f56761a4e921edd13df2fa16deb88a13f4e2f2500d0ca5a82
c899ef20f90230583399b7286d2f689bbe811a773cef6794ef29fdfee70918da
dcbb76a8cb268e3ed25b14f8d4a9b8e906f20da34d903111c2d77fc2c34d83cc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9
e866f910c86828f62271e792fbb1024938453fe60d38f3a74586cdb8c51b60a1
e9639e3c4681ce85f852fbac48e2eeee5ba51296dbfec57c200d59b76237ab80
f136be1c736721a3a258ffed1d6870f3b87cf1266c7ac43cc61250ed117637a1

vaiorantpromotion.com Open in urlscan Pro 2606:4700:3035::6815:d03 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

91 %HTTPS

27 %IPv6

11 Domains

11 Subdomains

9 IPs

4 Countries

562 kBTransfer

1369 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

vaiorantpromotion.com Open in urlscan Pro
2606:4700:3035::6815:d03 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

91 %
HTTPS

27 %
IPv6

11
Domains

11
Subdomains

9
IPs

4
Countries

562 kB
Transfer

1369 kB
Size

7
Cookies

43 HTTP transactions
0 data transactions