sandstrike.io Open in urlscan Pro
136.244.91.127 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sandstrike.io/
Effective URL:
https://sandstrike.io/
Submission: On February 13 via api (February 13th 2024, 11:51:23 am UTC) from US — Scanned from DE

Summary HTTP 177 Redirects Behaviour Indicators

Summary

This website contacted 61 IPs in 8 countries across 45 domains to perform 177 HTTP transactions. The main IP is 136.244.91.127, located in Frankfurt am Main, Germany and belongs to AS-CHOOPA, US. The main domain is sandstrike.io.
TLS certificate: Issued by R3 on January 6th 2024. Valid for: 3 months.

This is the only time sandstrike.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	136.244.91.127 136.244.91.127	20473 (AS-CHOOPA) (AS-CHOOPA)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:2e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
8	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
1	35.82.244.1 35.82.244.1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
6	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6812:1791	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:293c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
2	151.101.193.35 151.101.193.35	54113 (FASTLY) (FASTLY)
2	146.75.122.214 146.75.122.214	54113 (FASTLY) (FASTLY)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
9	104.18.43.178 104.18.43.178	() ()
1 8	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225b:fa00:a:e047:753:eb41	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	52.30.159.215 52.30.159.215	16509 (AMAZON-02) (AMAZON-02)
2	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
5	37.157.6.232 37.157.6.232	198622 (ADFORM) (ADFORM)
1 1	35.214.240.36 35.214.240.36	15169 (GOOGLE) (GOOGLE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	37.157.2.250 37.157.2.250	198622 (ADFORM) (ADFORM)
1	35.157.7.115 35.157.7.115	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.73.193.1 54.73.193.1	16509 (AMAZON-02) (AMAZON-02)
2	34.111.113.40 34.111.113.40	() ()
2 2	13.248.245.213 13.248.245.213	() ()
1	34.107.172.168 34.107.172.168	() ()
177	61

9 136.244.91.127 (Frankfurt am Main, Germany) 1 redirects

ASN20473 (AS-CHOOPA, US)
PTR: 136.244.91.127.vultrusercontent.com

sandstrike.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:2e8 (United States)

ASN13335 (CLOUDFLARENET, US)

api.adinplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.1.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.82.244.1 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-244-1.us-west-2.compute.amazonaws.com

id.twitch.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.122.214 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

api.twitch.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.43.178 (None, )

ASN- ()

elb.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.89.210.153 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225b:fa00:a:e047:753:eb41 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.159.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-159-215.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France) 1 redirects

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.6.232 (Denmark)

ASN198622 (ADFORM, DK)

server.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.240.36 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 36.240.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (San Francisco, United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.250 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.7.115 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-7-115.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.193.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-193-1.eu-west-1.compute.amazonaws.com

ad2.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.40 (None, )

ASN- ()

config.uca.cloud.unity3d.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (None, ) 2 redirects

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.172.168 (None, )

ASN- ()

cdp.cloud.unity3d.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googlesyndication.com 22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 pagead2.googlesyndication.com — Cisco Umbrella Rank: 114	246 KB
17	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 ad.doubleclick.net — Cisco Umbrella Rank: 157 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 258	231 KB
10	criteo.net static.criteo.net — Cisco Umbrella Rank: 667 csm.eu.criteo.net — Cisco Umbrella Rank: 8856	26 KB
10	paypal.com www.paypal.com — Cisco Umbrella Rank: 2979 t.paypal.com — Cisco Umbrella Rank: 3519	285 KB
9	adform.net server.adform.net — Cisco Umbrella Rank: 52823 s1.adform.net — Cisco Umbrella Rank: 11041	133 KB
9	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 252 acdn.adnxs.com — Cisco Umbrella Rank: 620	30 KB
9	the-ozone-project.com elb.the-ozone-project.com — Cisco Umbrella Rank: 4502	12 KB
9	sandstrike.io 1 redirects sandstrike.io	33 MB
7	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 513 eus.rubiconproject.com — Cisco Umbrella Rank: 604 token.rubiconproject.com — Cisco Umbrella Rank: 474	15 KB
6	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 3029 ads.eu.criteo.com — Cisco Umbrella Rank: 8767 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10356 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 14835	66 KB
6	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2624	40 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 382	104 KB
5	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 702	2 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	167 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 627	2 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 851 api.btloader.com — Cisco Umbrella Rank: 942	25 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 imasdk.googleapis.com — Cisco Umbrella Rank: 472	133 KB
3	unity3d.com config.uca.cloud.unity3d.com cdp.cloud.unity3d.com	347 B
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2136 google-bidout-d.openx.net — Cisco Umbrella Rank: 2135	786 B
3	twitch.tv id.twitch.tv — Cisco Umbrella Rank: 52609 api.twitch.tv — Cisco Umbrella Rank: 17082	644 B
2	3lift.com 2 redirects eb2.3lift.com	798 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1005 bcp.crwdcntrl.net — Cisco Umbrella Rank: 920	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 854 id5-sync.com — Cisco Umbrella Rank: 419	26 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1610	25 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 898	1 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1237	104 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 314	3 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2173	306 B
2	adinplay.com api.adinplay.com — Cisco Umbrella Rank: 13179 stats.adinplay.com Failed	196 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 761	194 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	141 KB
1	360yield.com ad2.360yield.com — Cisco Umbrella Rank: 19365	199 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 505	35 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	256 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 886	298 B
1	omnitagjs.com 1 redirects visitor.omnitagjs.com — Cisco Umbrella Rank: 711	389 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 782	7 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2735	3 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2476	1 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1783	8 KB
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 2440	46 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1103	9 KB
0	bidswitch.net Failed x.bidswitch.net Failed
0	servenobid.com Failed ads.servenobid.com — Cisco Umbrella Rank: 2496 Failed
0	workers.dev Failed country.adinplay-venatus.workers.dev Failed
177	45

	Domain	Requested by
10	pagead2.googlesyndication.com	22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com pagead2.googlesyndication.com sandstrike.io tpc.googlesyndication.com
9	tpc.googlesyndication.com	22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com sandstrike.io
9	elb.the-ozone-project.com	api.adinplay.com cadmus.script.ac elb.the-ozone-project.com
9	sandstrike.io	1 redirects sandstrike.io
8	static.criteo.net	cadmus.script.ac ads.eu.criteo.com
8	ib.adnxs.com	1 redirects api.adinplay.com acdn.adnxs.com googleads.g.doubleclick.net
8	securepubads.g.doubleclick.net	api.adinplay.com cadmus.script.ac sandstrike.io 22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com
8	www.paypal.com	sandstrike.io www.paypal.com www.paypalobjects.com
6	www.paypalobjects.com	sandstrike.io cadmus.script.ac www.paypalobjects.com
5	server.adform.net	22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com sandstrike.io s1.adform.net
5	cdn.ampproject.org	cadmus.script.ac
5	onetag-sys.com	api.adinplay.com cadmus.script.ac
4	s1.adform.net	sandstrike.io
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	fastlane.rubiconproject.com	api.adinplay.com
4	www.gstatic.com	sandstrike.io
3	googleads.g.doubleclick.net	22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com sandstrike.io
3	22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com	cadmus.script.ac
3	api.btloader.com	cadmus.script.ac btloader.com
3	fonts.googleapis.com	sandstrike.io cadmus.script.ac
2	eb2.3lift.com	2 redirects
2	config.uca.cloud.unity3d.com	cadmus.script.ac
2	csm.eu.criteo.net	ads.eu.criteo.com
2	eus.rubiconproject.com	cadmus.script.ac eus.rubiconproject.com
2	gum.criteo.com	1 redirects cadmus.script.ac
2	oajs.openx.net	1 redirects sandstrike.io
2	script.4dex.io	cadmus.script.ac
2	api.twitch.tv	cadmus.script.ac
2	t.paypal.com	sandstrike.io
2	ad.doubleclick.net	sandstrike.io 22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com
2	ad-delivery.net	sandstrike.io
2	i.clean.gg	cadmus.script.ac
2	cdn.jsdelivr.net	api.adinplay.com cadmus.script.ac
2	region1.google-analytics.com	www.googletagmanager.com
2	api.adinplay.com	sandstrike.io api.adinplay.com
2	code.jquery.com	sandstrike.io
2	www.googletagmanager.com	sandstrike.io
1	cdp.cloud.unity3d.com	cadmus.script.ac
1	ad2.360yield.com	elb.the-ozone-project.com
1	rtb.fr3.eu.criteo.com	22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com
1	match.sharethrough.com	elb.the-ozone-project.com
1	www.google.com	1 redirects
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	csync.loopme.me	1 redirects
1	ads.eu.criteo.com	22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com
1	google-bidout-d.openx.net	cadmus.script.ac
1	visitor.omnitagjs.com	1 redirects
1	token.rubiconproject.com	eus.rubiconproject.com
1	static.cloudflareinsights.com	elb.the-ozone-project.com
1	mug.criteo.com	sandstrike.io
1	acdn.adnxs.com	cadmus.script.ac
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	cdn.prod.uidapi.com	cadmus.script.ac
1	tags.crwdcntrl.net	cadmus.script.ac
1	invstatic101.creativecdn.com	cadmus.script.ac
1	cdn.id5-sync.com	cadmus.script.ac
1	oa.openxcdn.net	cadmus.script.ac
1	btloader.com	api.adinplay.com
1	imasdk.googleapis.com	api.adinplay.com
1	cadmus.script.ac	api.adinplay.com
1	fonts.gstatic.com	fonts.googleapis.com
1	id.twitch.tv	sandstrike.io
1	maxcdn.bootstrapcdn.com	sandstrike.io
0	x.bidswitch.net Failed	elb.the-ozone-project.com
0	ads.servenobid.com Failed	elb.the-ozone-project.com
0	stats.adinplay.com Failed	api.adinplay.com
0	country.adinplay-venatus.workers.dev Failed	api.adinplay.com
177	69

This site contains no links.

Subject Issuer	Validity	Valid
sandstrike.io R3	`2024-01-06` - `2024-04-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
adinplay.com GTS CA 1P5	`2023-12-15` - `2024-03-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-01-24` - `2024-08-21`	7 months	crt.sh
id.twitch.tv Amazon RSA 2048 M01	`2023-03-27` - `2024-04-24`	a year	crt.sh
script.ac E1	`2023-12-29` - `2024-03-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
btloader.com GTS CA 1P5	`2023-12-17` - `2024-03-16`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2024-01-11` - `2024-04-10`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2024-02-06` - `2024-05-06`	3 months	crt.sh
ad-delivery.net GTS CA 1P5	`2024-01-20` - `2024-04-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh
twitch.tv GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-01` - `2024-10-02`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
the-ozone-project.com E1	`2023-12-24` - `2024-03-23`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2024-01-22` - `2024-04-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-12-23` - `2024-03-22`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
cdn.prod.uidapi.com R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-06` - `2024-05-03`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-27` - `2024-03-21`	3 months	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-10` - `2024-05-05`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
config.services.api.unity.com GTS CA 1D4	`2024-02-10` - `2024-05-10`	3 months	crt.sh
cdp.cloud.unity3d.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-26` - `2024-05-28`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://sandstrike.io/
Frame ID: E77B18D959B1449AB210620A85ACE2ED
Requests: 81 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.422&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVRUazE2MFJUQXk4aTluWldJYW1OX1dmR2g4RGNUNDRxTUFPbmE1LW90QmZtU3NkSUVZTHM3bzc0Z1hLR2VKeVJQWHhyazFNZ0hYRHQxYjkmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCIsImF0dHJzIjp7ImRhdGEtc2RrLWludGVncmF0aW9uLXNvdXJjZSI6ImJ1dHRvbi1mYWN0b3J5IiwiZGF0YS11aWQiOiJ1aWRfenh1cWp6Z3N2cGt3cXF1eXZoamxodGN5Z29tYWRoIn19&clientID=ATTk160RTAy8i9nZWIamN_WfGh8DcT44qMAOna5-otBfmSsdIEYLs7o74gXKGeJyRPXxrk1MgHXDt1b9&sdkCorrelationID=f625515f3b2f6&storageID=uid_db1b5f3de7_mte6nte6mte&sessionID=uid_1b674f1386_mte6nte6mte&buttonSessionID=uid_1cf20b8136_mte6nte6mte&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&clientMetadataID=uid_1b674f1386_mte6nte6mte&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true
Frame ID: 26250CC1CC4804561CF00C07EF611247
Requests: 7 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-white.svg
Frame ID: 8F61D475AF7E57631B128A76949F04AA
Requests: 3 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 89BBA19D784BE1E78220BD247DF5FA26
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=sandstrike.io
Frame ID: ED47B64FE842E969F3B653C81F95EBDA
Requests: 2 HTTP requests in this frame

Frame: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 000C039438FD53E98BB8C557F64FDB8E
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1707825072954&bidder=ozone
Frame ID: 0D9C5BFCAB260553BD252A3DD58FBC9B
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1707825072962
Frame ID: FD526A3BF8D2D73DAD80DCF01D56B121
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A2DB4066D0FA800206C40528685996EF
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2EB9E4A80561E58E6EEB5C68D0F892FF
Requests: 3 HTTP requests in this frame

Frame: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EBA2D06B8FC8FBFB2BDB30152EB7EBA5
Requests: 7 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: A443C11B0B5A9BA3F2C4D940119A437A
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZctXsQAAr3UIu8lAAAMkRarjzGKLMNeNkTJ0EA&u=%7CxeiPBEmknJETif56feWSsH%2Bk2ALb4VEXf4w3bHCA%2BpU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12Mk5ggn13iuEic_NwgTl1RzDYuYpdIxRMUHYV7U0Q5eYTN3eJfzfSFwHEG40MYyIBCeOI7JEC7bFQE7vurt35H6vga6Cx8hUeKf8DXDvwfviSqfB-tfSGKcm721tUTpi-ZLHK9A3N14d48BIGDRNr5_4ZAgvnH3FJs9kgqVsXX179XVKUnGAPV2B8Bd8FZgJpQ96Bjxnaa1VchDa15P5vJxE_Y5vS4Anm7QkEIehvA26bDpBsiDscbKQe9mUtLYMndluOE89EmIm9z_OgWC_y2h9NptW3LAZ4pG_MEikj7xvQWDMJ2Mc4rvAH305wN8KbR_hUFc0iJiw_UCg7bCJ1D4Zv2are-jM8fwXWphUKjkaqSqeiLsvS7W4NgrykP2ndHaQg7goYY7jT1Q8FlornqdaiJRXDhZ-VD8zWQb7q-n7aGoQM4ZrX5Z2Ju2ELsBp_y0tyt2WKhyLkwi6fCmvc1n6nDIUxM6nIiQUJrY1jDRnTSR87B_7nCyU4aCAYVXf1-5EqSAG_CK6ZZlbCCTAle6uBQ14Po9s4lPkVZMiMUaYj4rq6030Py7lm0Bnix6VzXegz_e3BSExTrJGwXXPO4ifqqiFvU0Ej6A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFGFWsVfLZfXeAsCS7_UPxciMoAPJntKxXNWdkfdwwI23ARABIJHi5B9gleKagqwHyAEJqQJc5GOEtRCyPuACAKgDAcgDAqoEqgJP0EVHaPrIduY5qH-xkbR8gnqQKup2By88wKUuiG6DeerFzLu15nApYCvMAAGZhRAhUcRQpiG_W5Pmkszgef_jHBSZNlh50n32KpuQz6DChiSPlaCe_2ovf8lS_1IpjDBSMz3FJjXgIguPhfNARA_LFpU3C0Z4kTJDIlTyi1gsaXg4lwT1SEFsDwce6CF3mjqNxZhdJBxV4P3ftT8RlROLGXYuWjsJGg5BY9Imrrmh3UrX7s66R-ZcxRNC3Sh3RwuLzhhyqvNT_E3BIzW8FeUe3Ta9XS26kudSVYuy_ogfRWk6ew1QwpN6kUoSXXXGG6siK49YhEZwHukNk-aoYikkmTFXqHjheAKBR3GtqwTpVqYPlHybmGxwIVR0fgbnTikT6_xB-ZqWJuEL4AQBgAaEx8qrrI6yiq8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJAiA4YAQEAEyAqoCOgmAQICAhICAhAhIvf3BOliSx8OWoKiEA_oLAggBgAwB4g0TCNf0w5agqIQDFUDJuwgdRSQDNNAVAYAXAQ%26num%3D1%26sig%3DAOD64_13bo4tv4KvD_2ot7hlHE_xmHArEQ%26client%3Dca-pub-3282547114800347%26adurl%3D
Frame ID: 4D1A9FA535EAA1DE38A633A647798071
Requests: 11 HTTP requests in this frame

Frame: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2D175AFE15F9BB0CC144F24EFE6127DA
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012402060239000/amp4ads-v0.mjs
Frame ID: BA4B42D857F36F62CAC3C3C6A9FF93F7
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKnk7gEQrLv-ARiNh4yHAjAB&v=APEucNVYfONi6KCBkwtraXB1ry2amUgvQHGD3SHwgx5Jf6HRFn8V2i5PId--9T5nmMeuog0ETf-Ih2r26DEDU9LjZ32CDJdNOB0TkUMnGPUEru5zKDCbC9NsZbVesXDoaAwbB3cGUg6ZKev56Wb4-MuOf1PJ6MGbbj26f-Li2aT8G_hSpRdYs1hpT8hOhNK0rDaI04c_WHKzUZawkG4NRVuaUpzi9R7uRw
Frame ID: 7DAA70B0E20E12144A565649F6158C12
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B84006E121481B13DA29F2B9139211F7
Requests: 3 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=310&uid=IJ5HARZHzjr_eOLpRjCVcbn2&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D5%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID
Frame ID: DFBBC4D58D070E1A5395202846CD44BE
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2181979/14308870/main/14308870.js?ADFassetID=14308870&bv=259
Frame ID: 04760F5130649E9525F2F267E5DB825E
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SandStrike.io | BEST 3D Online Multiplayer

Page URL History Show full URLs

http://sandstrike.io/ HTTP 301
https://sandstrike.io/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

177
Requests

90 %
HTTPS

47 %
IPv6

45
Domains

69
Subdomains

61
IPs

8
Countries

35644 kB
Transfer

90736 kB
Size

46
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sandstrike.io/ HTTP 301
https://sandstrike.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://oajs.openx.net/esp?url=https%3A%2F%2Fsandstrike.io%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fsandstrike.io%2F&rid=esp&cc=1

Request Chain 98

https://gum.criteo.com/sid/json?origin=publishertagids&domain=sandstrike.io&sn=ChromeSyncframe&so=0&topUrl=sandstrike.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=VX2ZUHw5MDdud05KVjdmSGZpQ29iZDZIc1VaNHE1VjlOTWczVXN3QTRSVlM3MHFxVjZaQjk1NE8yMGdmQVJoTkl4emxMMkRkK0kvNDY3SC9ZOE0rY0xWTlM5WFpURStkbjZrTUo0a1RBdjUrQS92UmEwVEZzOVkrRmpKTTNiS3VtOTh6QVduOVNhL2ZBV2hQdndFL0s2ODNJWjB1WVg2eEpmL2NqZW5nRVBYWVBEUFAwazQydUt6TTVRRUpxNlZGQnBpZUNpN01WUnFmeVpYUFB0Q3pscGNnd2tFVHZCcW5mUjlscFljYWczaVhnRlR6akRheHg2c3ZqVm1tbkczZk1nV21LekF4REdPZGdzMU5NMzJvejBQcWRsekRJTksycjRRSGtkYWl0QWJZOEFzcz18&cppv=2

Request Chain 105

https://visitor.omnitagjs.com/visitor/bsync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[BUYER_USERID] HTTP 307
https://elb.the-ozone-project.com/setuid?bidder=adyoulike&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=58011ba967f2951ed762e61d31cfe842

Request Chain 129

https://csync.loopme.me/?pubid=%3C12744%3E&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dloopme%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D{viewer_token} HTTP 307
https://elb.the-ozone-project.com/setuid?bidder=loopme&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=14674941-a5b9-433e-be71-3c1c1777a488&gdpr_consent=${gdpr_consent}&gdpr=${gdpr}

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG2YqAXGAbrsRbzJHm7H8nI&google_cver=1

Request Chain 136

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZctXsVVbLIwAAAZsAD1yDAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG2YqAXGAbrsRbzJHm7H8nI&google_cver=1

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEO81rKViD7lFrgM8a30kTEM&google_cver=1

Request Chain 138

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU1MTQ1NDU5Mjc2NDc3MDUxMA%3D%3D

Request Chain 142

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 161

https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D$UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D1%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=8551454592764770510&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D1%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID HTTP 302
https://ads.servenobid.com/getsync?jp=1&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D2%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D2%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID&cb=1707825078026 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=1309384522 HTTP 302
https://sync.1rx.io/usersync/turn/7236770634091550292?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-951e435d-2f5c-49ef-868d-1d7000e2d565-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-951e435d-2f5c-49ef-868d-1d7000e2d565-003%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D2%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
https://ads.servenobid.com/sync?pid=321&uid=RX-951e435d-2f5c-49ef-868d-1d7000e2d565-003&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D2%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID HTTP 302
https://ads.servenobid.com/getsync?jp=2&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%5Bssb_sync_pid%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D3%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
https://ads.servenobid.com/sync?pid=317&uid=4791195508558186247&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D3%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID HTTP 302
https://ads.servenobid.com/getsync?jp=3&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D4%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
https://ads.servenobid.com/sync?pid=353&uid=0000EEA&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D4%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID HTTP 302
https://ads.servenobid.com/getsync?jp=4&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D5%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D5%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=IJ5HARZHzjr_eOLpRjCVcbn2&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D5%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID

Request Chain 173

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3584624213607586227794

177 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
sandstrike.io/
Redirect Chain

http://sandstrike.io/
https://sandstrike.io/

36 KB
37 KB

133ms
53ms

Document
text/html

136.244.91.127
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://sandstrike.io/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 136.244.91.127 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 136.244.91.127.vultrusercontent.com
Software: nginx/1.14.1 /
Resource Hash: b53b852d31d9e53ef897317c5ba27a72bb2abce556fa62b20b0812edf8714253

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 37280
Content-Type: text/html
Date: Tue, 13 Feb 2024 11:51:11 GMT
ETag: "656f5c3b-91a0"
Last-Modified: Tue, 05 Dec 2023 17:22:03 GMT
Server: nginx/1.14.1

Redirect headers

Connection: keep-alive
Content-Length: 185
Content-Type: text/html
Date: Tue, 13 Feb 2024 11:51:10 GMT
Location: https://sandstrike.io/
Server: nginx/1.14.1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 279 KB
93 KB 148ms
56ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HNP6484PF7

Requested by

Host: sandstrike.io
URL: https://sandstrike.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d0688fd145e7c89d19292c60a45a139e52b8f2294e487e0d5e60276366728e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94921
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Feb 2024 11:51:11 GMT

GET
H2 200 jquery-3.6.0.js Show response
code.jquery.com/ 282 KB
83 KB 188ms
57ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.js
Requested by: Host: sandstrike.io
URL: https://sandstrike.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:11 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 282690
x-cache: HIT, HIT
content-length: 84714
x-served-by: cache-lga21935-LGA, cache-sof1510027-SOF
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1707825071.238931,VS0,VE0
etag: W/"28feccc0-46744"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 35, 5546

GET
H2 200 jquery-ui.js Show response
code.jquery.com/ui/1.11.2/ 458 KB
111 KB 245ms
114ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.2/jquery-ui.js
Requested by: Host: sandstrike.io
URL: https://sandstrike.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 26e1b509ca17a756db87864840e31a1a7caa2ce9164aa2fff2c61284c582c0c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:11 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 13024375
x-cache: HIT, HIT
content-length: 113672
x-served-by: cache-lga21920-LGA, cache-sof1510027-SOF
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1707825071.239129,VS0,VE0
etag: W/"28feccc0-7296c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 58, 368

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/ 31 KB
9 KB 141ms
50ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js

Requested by

Host: sandstrike.io
URL: https://sandstrike.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 874
age: 6504051
cdn-cachedat: 05/01/2023 21:10:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"abda843684d022f3bc22bc83927fe05f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9836310e40db51f9e6d3c1149dc7bb5c
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 854cdba6fc0d914a-FRA
cdn-requestpullsuccess: True

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
867 B 137ms
47ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=VT323&display=swap

Requested by

Host: sandstrike.io
URL: https://sandstrike.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

03ffeb5fe80c55b010183e198bf57795fcebd6098082120338c06f74a225ae39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Feb 2024 11:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 11:40:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Feb 2024 11:51:11 GMT

GET
H/1.1 200
OK style.css
sandstrike.io/TemplateData/ 4 KB
4 KB 121ms
40ms Stylesheet
text/css 136.244.91.127
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://sandstrike.io/TemplateData/style.css
Requested by: Host: sandstrike.io
URL: https://sandstrike.io/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 136.244.91.127 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 136.244.91.127.vultrusercontent.com
Software: nginx/1.14.1 /
Resource Hash: fe67ee7ad0d78b3d6de22c3a5f46825c8cc755ffb426995806b2aa48e431288c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 11:51:11 GMT
Last-Modified: Tue, 05 Dec 2023 17:22:36 GMT
Server: nginx/1.14.1
ETag: "656f5c5c-ea0"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3744

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
597 B 146ms
56ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Fjalla+One&display=swap

Requested by

Host: sandstrike.io
URL: https://sandstrike.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f13234dabd5e0c1168d32682fd179b8e279d1f4a660afd642406d4ffd80bf772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Feb 2024 11:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 11:39:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Feb 2024 11:51:11 GMT

GET
H2 200 tag.min.js Show response
api.adinplay.com/libs/aiptag/pub/FGI/sandstrike.io/ 623 KB
196 KB 198ms
72ms Script
application/javascript 2606:4700:20::681a:2e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/pub/FGI/sandstrike.io/tag.min.js
Requested by: Host: sandstrike.io
URL: https://sandstrike.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8536ff71652fda866cd2d5fdf1b5e782f6c99ae3cdd3a21b8132f1dceb58a4a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 818
x-host: adinplay-1
last-modified: Mon, 29 Jan 2024 10:00:28 GMT
server: cloudflare
etag: W/"65b7773c-9bbc3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IRHp2dFovkV3PGRg0R1X%2Bd%2BdcUSD9ONZ6OSwnQIOPVUAe9w8FTie3Fms65fzcZiSuT6AbhfMSBKz9YnX0Y%2BbXygiYUrmk6vte%2BJUfIcMEE84RBn4A97Os7uN3oDixi7nIZOLVc3AFM7CF02NmWM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
cf-ray: 854cdba94e4368ef-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 124 KB
48 KB 59ms
59ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P2BZ9SQN

Requested by

Host: sandstrike.io
URL: https://sandstrike.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

20059e1c2ca06c1c8f000ee561cfca12306d88c6f359290143f41642ab5cb5aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48765
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Feb 2024 11:51:11 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 141ms
49ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HNP6484PF7&gtm=45je4270v9117836560za200&_p=1707825071096&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1786166092.1707825071&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707825071&sct=1&seg=0&dl=https%3A%2F%2Fsandstrike.io%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=501
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HNP6484PF7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sandstrike.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK logo.png
sandstrike.io/ 44 KB
44 KB 54ms
52ms Image
image/png 136.244.91.127
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sandstrike.io/logo.png
Requested by: Host: sandstrike.io
URL: https://sandstrike.io/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 136.244.91.127 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 136.244.91.127.vultrusercontent.com
Software: nginx/1.14.1 /
Resource Hash: e59b479cd72f5be6bd8254d28ad751c9080e3082544f6b614ce231d94429061d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 11:51:11 GMT
Last-Modified: Tue, 07 Nov 2023 13:07:26 GMT
Server: nginx/1.14.1
ETag: "654a368e-b0b4"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45236

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.0.1/ 20 KB
7 KB 141ms
43ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.0.1/firebase-app.js

Requested by

Host: sandstrike.io
URL: https://sandstrike.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5d0d42501bc85f5f45f018d747151bba120204247dd1ae8fdd0a50ed78fa859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 09:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6546
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 20:31:08 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Feb 2025 09:05:53 GMT

GET
H2 200 firebase-auth.js Show response
www.gstatic.com/firebasejs/8.0.1/ 172 KB
55 KB 160ms
107ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.0.1/firebase-auth.js

Requested by

Host: sandstrike.io
URL: https://sandstrike.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9379ab8f9ed37d88d8744c364bbbe2bc886b6f3ebc4a47496e7cc070c6b2b2dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 09:02:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56449
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 20:30:55 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Feb 2025 09:02:12 GMT

GET
H2 200 firebase-database.js Show response
www.gstatic.com/firebasejs/8.0.1/ 186 KB
50 KB 109ms
56ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.0.1/firebase-database.js

Requested by

Host: sandstrike.io
URL: https://sandstrike.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bd72ae140053fd03361a9dd5fc883638cd9b3bf821e979ba50387b10d926882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 09:02:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50807
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 20:30:53 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Feb 2025 09:02:12 GMT

GET
H2 200 firebase-storage.js Show response
www.gstatic.com/firebasejs/8.0.1/ 35 KB
11 KB 100ms
47ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.0.1/firebase-storage.js

Requested by

Host: sandstrike.io
URL: https://sandstrike.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ebac2c15017f64ffd71d0b65ce358db3e1ec1169e884f97b55ee056b6e947d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 09:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11319
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 20:30:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Feb 2025 09:11:16 GMT

GET
H/1.1 200
OK firebase.js Show response
sandstrike.io/ 34 KB
35 KB 95ms
94ms Script
application/javascript 136.244.91.127
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://sandstrike.io/firebase.js
Requested by: Host: sandstrike.io
URL: https://sandstrike.io/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 136.244.91.127 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 136.244.91.127.vultrusercontent.com
Software: nginx/1.14.1 /
Resource Hash: 8c3eaebfc5ee5b77100159e7baa0b77efc9fcf8bbcc81ba475ce4297f2fa9702

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 11:51:11 GMT
Last-Modified: Tue, 07 Nov 2023 13:07:25 GMT
Server: nginx/1.14.1
ETag: "654a368d-89ef"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35311

GET
H2 200 js Show response
www.paypal.com/sdk/ 294 KB
80 KB 167ms
46ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=ATTk160RTAy8i9nZWIamN_WfGh8DcT44qMAOna5-otBfmSsdIEYLs7o74gXKGeJyRPXxrk1MgHXDt1b9&enable-funding=venmo&currency=USD&disable-funding=credit,card

Requested by

Host: sandstrike.io
URL: https://sandstrike.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

080a5fd4763f64da23867cafa2bd115d613a1fae8b1716b62823619a8dbe2c1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-ThTMLme2GG0gC/b9LeZ7uTycD8Oo7vb9sJpwYgWvc2sRVntc' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ThTMLme2GG0gC/b9LeZ7uTycD8Oo7vb9sJpwYgWvc2sRVntc' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-ThTMLme2GG0gC/b9LeZ7uTycD8Oo7vb9sJpwYgWvc2sRVntc' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ThTMLme2GG0gC/b9LeZ7uTycD8Oo7vb9sJpwYgWvc2sRVntc' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Tue, 13 Feb 2024 11:51:11 GMT
age: 6218
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f910715fcc305
server-timing: "traceparent;desc="00-0000000000000000000f910715fcc305-3b99b4278daffbb2-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 80177
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220044-FRA, cache-fra-etou8220044-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f910715fcc305-51e5866d639e44da-01
x-timer: S1707825072.561976,VS0,VE5
etag: W/"13931-jwRpWFdNDTHpBMJxlZm0UdBClCw"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

POST
H2 200 token Show response
id.twitch.tv/oauth2/ 93 B
237 B 1099ms
417ms Fetch
application/json 35.82.244.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.twitch.tv/oauth2/token?client_id=carfje4970i91xrle7zhr435pql28l&client_secret=az6byl60d1719bpf27xqn8lcvmsm37&grant_type=client_credentials
Requested by: Host: sandstrike.io
URL: https://sandstrike.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.82.244.1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-82-244-1.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: bfddac8c6a215e01e9bd8a6bbcae49edf6d33029150bbdf52e4e55b32e92dba5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Feb 2024 11:51:12 GMT
content-type: application/json
server: nginx
content-length: 93
x-ctxlog-logid: 1-65cb57b0-6746c40224514e1216e3e1ff

GET
H/1.1 200
OK sandstrikeWeb.loader.js Show response
sandstrike.io/Build/ 17 KB
18 KB 174ms
84ms Script
application/javascript 136.244.91.127
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://sandstrike.io/Build/sandstrikeWeb.loader.js
Requested by: Host: sandstrike.io
URL: https://sandstrike.io/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 136.244.91.127 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 136.244.91.127.vultrusercontent.com
Software: nginx/1.14.1 /
Resource Hash: 423a124b1aaf743a23e8a74bd3bf1cdaee25dc468cefdc42b9bf603c5bb692af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 11:51:11 GMT
Last-Modified: Tue, 05 Dec 2023 17:22:04 GMT
Server: nginx/1.14.1
ETag: "656f5c3c-45cf"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17871

GET
H2 200 Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
fonts.gstatic.com/s/fjallaone/v15/ 44 KB
44 KB 156ms
44ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fjalla+One&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43a079fd739dffa727de659b5bbf44596031aa7542c8a8afbc54a243aab96b47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sandstrike.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:56:02 GMT
x-content-type-options: nosniff
age: 10509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44584
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 20:46:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 08:56:02 GMT

GET
H/1.1 200
OK sandstrikeWeb.framework.js.br Show response
sandstrike.io/Build/ 568 KB
90 KB 56ms
55ms Script
application/javascript 136.244.91.127
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://sandstrike.io/Build/sandstrikeWeb.framework.js.br
Requested by: Host: sandstrike.io
URL: https://sandstrike.io/Build/sandstrikeWeb.loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 136.244.91.127 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 136.244.91.127.vultrusercontent.com
Software: nginx/1.14.1 /
Resource Hash: 8a48ae57338f5f79d7bed7a8a785a241ffc9de5c5b4eefeed82fa387356862f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 11:51:11 GMT
Content-Encoding: br
Last-Modified: Tue, 05 Dec 2023 17:22:04 GMT
Server: nginx/1.14.1
ETag: "656f5c3c-16724"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91940

GET
H/1.1 200
OK sandstrikeWeb.data.br
sandstrike.io/Build/ 35 MB
24 MB 69ms
69ms Fetch
application/octet-stream 136.244.91.127
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://sandstrike.io/Build/sandstrikeWeb.data.br
Requested by: Host: sandstrike.io
URL: https://sandstrike.io/Build/sandstrikeWeb.loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 136.244.91.127 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 136.244.91.127.vultrusercontent.com
Software: nginx/1.14.1 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 11:51:11 GMT
Content-Encoding: br
Last-Modified: Tue, 05 Dec 2023 17:23:21 GMT
Server: nginx/1.14.1
ETag: "656f5c89-17f0bb2"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25103282

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 14 KB
5 KB 65ms
55ms Script
application/x-javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=sandstrike.io&t=xo&v=5.0.422&source=payments_sdk&client_id=ATTk160RTAy8i9nZWIamN_WfGh8DcT44qMAOna5-otBfmSsdIEYLs7o74gXKGeJyRPXxrk1MgHXDt1b9&disableSetCookie=true&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ATTk160RTAy8i9nZWIamN_WfGh8DcT44qMAOna5-otBfmSsdIEYLs7o74gXKGeJyRPXxrk1MgHXDt1b9&enable-funding=venmo&currency=USD&disable-funding=credit,card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5138ca9a9d3fe712e1ecb5bc6c92f6738c615afdaa0e2cf592a4f207a76023cf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-7kh3XI/g9Zq3lc6vFLyr0y8rDldt9xDxG6vUKZw3DdGbIHqT' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-7kh3XI/g9Zq3lc6vFLyr0y8rDldt9xDxG6vUKZw3DdGbIHqT' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 13 Feb 2024 11:51:11 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 51383
x-cache: HIT, MISS
paypal-debug-id: f1668303263b9
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4777
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220044-FRA, cache-fra-etou8220044-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f1668303263b9-a3e818a885945adf-01
x-timer: S1707825072.712529,VS0,VE6
etag: W/"366a-qGJnKwprLdxnWoGsJLGUzle4kYY"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame 2625 434 KB
115 KB 483ms
482ms Document
text/html 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.422&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVRUazE2MFJUQXk4aTluWldJYW1OX1dmR2g4RGNUNDRxTUFPbmE1LW90QmZtU3NkSUVZTHM3bzc0Z1hLR2VKeVJQWHhyazFNZ0hYRHQxYjkmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCIsImF0dHJzIjp7ImRhdGEtc2RrLWludGVncmF0aW9uLXNvdXJjZSI6ImJ1dHRvbi1mYWN0b3J5IiwiZGF0YS11aWQiOiJ1aWRfenh1cWp6Z3N2cGt3cXF1eXZoamxodGN5Z29tYWRoIn19&clientID=ATTk160RTAy8i9nZWIamN_WfGh8DcT44qMAOna5-otBfmSsdIEYLs7o74gXKGeJyRPXxrk1MgHXDt1b9&sdkCorrelationID=f625515f3b2f6&storageID=uid_db1b5f3de7_mte6nte6mte&sessionID=uid_1b674f1386_mte6nte6mte&buttonSessionID=uid_1cf20b8136_mte6nte6mte&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&clientMetadataID=uid_1b674f1386_mte6nte6mte&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

64fe912e348369463acc56270a3b8d85657ae5343451ec70f44fbb547069fabe

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sandstrike.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Tue, 13 Feb 2024 11:51:12 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"6c84e-e1Gi0c5Di5Q0nX2dgKQADWAn9B4"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: f881770678c56
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f881770678c56-702c1ac10571d324-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f881770678c56-53e4eb83b5b5bda9-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-fra-etou8220044-FRA, cache-fra-etou8220044-FRA
x-timer: S1707825072.748390,VS0,VE390
x-xss-protection: 1; mode=block

GET
H2 200 paypal-white.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 8F61 3 KB
1 KB 540ms
107ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-white.svg

Requested by

Host: sandstrike.io
URL: https://sandstrike.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CEB) /

Resource Hash

3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 6f351d43d2f8e
dc: ccg11-origin-www-1.paypal.com
content-length: 1210
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (frc/4CEB)
traceparent: 00-00000000000000000006f351d43d2f8e-57db498aac5658a6-01
etag: W/"642c9aab-cc2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 13 Feb 2024 12:51:12 GMT

GET
H2 200 sepa-default.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 8F61 9 KB
4 KB 539ms
105ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/sepa-default.svg

Requested by

Host: sandstrike.io
URL: https://sandstrike.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CCC) /

Resource Hash

e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: ccadaf6ad818a
dc: ccg11-origin-www-1.paypal.com
content-length: 3268
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (frc/4CCC)
traceparent: 00-0000000000000000000ccadaf6ad818a-2ed6971948ed8d3f-01
etag: W/"642c9aab-2204"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 13 Feb 2024 12:51:12 GMT

GET
H2 200 giropay-default.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 8F61 4 KB
2 KB 539ms
106ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/giropay-default.svg

Requested by

Host: sandstrike.io
URL: https://sandstrike.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC5) /

Resource Hash

07f6b880cfa8dfe89bf94553045a063a4d0204282b27f793a6b9af1d084881c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: f122f43d44cf0
dc: ccg11-origin-www-1.paypal.com
content-length: 1577
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (frc/4CC5)
traceparent: 00-0000000000000000000f122f43d44cf0-6736339704aca154-01
etag: W/"642c9aab-ed4"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 13 Feb 2024 12:51:12 GMT

GET
H/1.1 200
OK sandstrikeWeb.wasm.br
sandstrike.io/Build/ 46 MB
9 MB 77ms
77ms Fetch
application/wasm 136.244.91.127
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://sandstrike.io/Build/sandstrikeWeb.wasm.br
Requested by: Host: sandstrike.io
URL: https://sandstrike.io/Build/sandstrikeWeb.framework.js.br
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 136.244.91.127 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 136.244.91.127.vultrusercontent.com
Software: nginx/1.14.1 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 11:51:11 GMT
Content-Encoding: br
Last-Modified: Tue, 05 Dec 2023 17:22:34 GMT
Server: nginx/1.14.1
ETag: "656f5c5a-8824d4"
Content-Type: application/wasm
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8922324

GET
H2 200 script.js Show response
cadmus.script.ac/d1r100yi8pmbig/ 132 KB
46 KB 198ms
55ms Script
application/javascript 2606:4700::6812:1791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/FGI/sandstrike.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ccfa761fdde0aed1c5ca988df26cd7080bf203b8e3b9116718e0b2ab94ae12c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:11 GMT
content-encoding: gzip
last-modified: Mon, 12 Feb 2024 22:59:34 GMT
server: cloudflare
age: 0
etag: W/"78c09b99f73ff59796cf2f9987e15952815a73ad"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 854cdbabbd949960-FRA

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 1092ms
48ms Fetch
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240213

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/FGI/sandstrike.io/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e47600adb7efdda2088c6e4010517f5742419ec2235bda27b5b92d0cf8aa1e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sandstrike.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Feb 2024 11:51:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 28215
x-jsd-version: 1.0.1964
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21956-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"641-ymlnKCobqrsOVetgfOsDmYIGVnk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOjLyztUvTxD9UAUS0flfIDuGAuoxW34Hg969bsu5vxbfT4MyiR92QegQjzudkP3wFYaLzr5CGY8R4uCbh2iVk64shXoLPXt3SDbjfGYW8Ni5Mfzoe4YjcTGuZ0IkvfetYJ7ZWa%2BazCijlOrnmE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 854cdbb15bf28fef-FRA

GET /
country.adinplay-venatus.workers.dev/ 0
0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
30 KB 484ms
87ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/FGI/sandstrike.io/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3ff84f01ed1bb9d794c2431bfa2398e04c37b386e8ace9b3c4a26f5e888dc40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29740
x-xss-protection: 0
server: cafe
etag: 608 / 19766 / m202402070101 / config-hash: 11694957100782630588
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 11:51:12 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 379 KB
131 KB 517ms
83ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/FGI/sandstrike.io/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea5e83246f6639bb89d6ac5e7b5d5597d5d05eee7b5dcb7996fbffaf6297f3e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133145
x-xss-protection: 0
expires: Tue, 13 Feb 2024 11:51:12 GMT

GET
H2 200 tag Show response
btloader.com/ 80 KB
24 KB 201ms
65ms Script
application/javascript 2606:4700:10::ac43:293c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5130683165442048&upapi=true
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/FGI/sandstrike.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 593206ec463cff494720b2a8f49ad2c6365566a771b4686043d29b6821739c7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:11 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 13 Feb 2024 11:24:24 GMT
server: cloudflare
age: 1467
etag: "47f820b330a5771467ccfe278a7948d9"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 854cdbabaeb5bb89-FRA
content-length: 24528

GET
H2 200 adsbygoogle.js Show response
api.adinplay.com/libs/aiptag/assets/ 16 B
352 B 84ms
77ms Script
application/javascript 2606:4700:20::681a:2e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/FGI/sandstrike.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1302543
x-host: adinplay-1
content-length: 16
last-modified: Wed, 04 Apr 2018 16:13:25 GMT
server: cloudflare
etag: "5ac4f9a5-10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BoQNPK7jrneKsIzPwo%2Fmu1l9No%2FC45BaM0AAc4HgxODh4TArqFR3O2ebJVjtWuCtH6HUtwzjyXmlwRvpu45FDa03v0Hw79ZhXDGvOZrH%2FJ44p3IBomqt6GHZ1Sa1oZX5qySYKR3s0htpOXbJYQE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 854cdbaaefdd68ef-FRA

POST collect
stats.adinplay.com/ 0
0

OPTIONS collect
stats.adinplay.com/ Frame 0
0

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 389ms
387ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sandstrike.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Feb 2024 11:51:12 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 372ms
255ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sandstrike.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 13 Feb 2024 11:51:12 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 200 state Show response
api.btloader.com/mw/ 40 B
167 B 282ms
160ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 862da7a63ed8c7a0ff4fdfe2df7678c4739d6f49dc38eee1067b245553dc9119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Feb 2024 11:51:12 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40
vary: Origin
content-type: application/json

GET
H2 200 px.gif
ad-delivery.net/ 43 B
336 B 319ms
61ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: sandstrike.io
URL: https://sandstrike.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 963896
x-guploader-uploadid: ABPtcPpORm-EksFfbSQJkNtGI-6JEsMvD9DCCA4tfXx0VHyoQ_4UwRkz4WA9nBQNA5l3HHu8RF6jQVYabA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBW7yhJLnqBOklrJFMqkldZTakibReFhIAN7xin8SNzMCQ5V9VzhBWeAZAYbcgilVJSW8r81Y%2F4r7VQF3xhPByIWXI005jpCageT6zchDuaV7D0ee7xu%2B2Fn0guTYwoY7oTjXNAA7PRW3SC8dw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 854cdbaddadebbaf-FRA
expires: Fri, 02 Feb 2024 09:00:58 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 406ms
49ms Image
image/x-icon 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: sandstrike.io
URL: https://sandstrike.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 12:58:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82386
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Feb 2024 12:58:06 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
927 B 318ms
60ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.17115049182397013
Requested by: Host: sandstrike.io
URL: https://sandstrike.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 963896
x-guploader-uploadid: ABPtcPpORm-EksFfbSQJkNtGI-6JEsMvD9DCCA4tfXx0VHyoQ_4UwRkz4WA9nBQNA5l3HHu8RF6jQVYabA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2B%2FUSRpQdO8B%2BjDd3KQ1BLtDDmviXAziS08vgPjylK4Mr3uP6b60aBmlFgkjgqIHQQtMVZf%2FO%2Bb2e0xw9qju%2BbE78EDK8qXLbP3tj%2FxAzpMcwIAUT871mOf549iWRPwg27BTLeKfdDDc%2BnkMaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 854cdbaddae2bbaf-FRA
expires: Fri, 02 Feb 2024 09:00:58 GMT

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
16 KB 150ms
107ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA9) /

Resource Hash

20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 3e24b953ab43c
dc: ccg11-origin-www-1.paypal.com
content-length: 16488
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
server: ECAcc (frc/4CA9)
traceparent: 00-00000000000000000003e24b953ab43c-65b96e041ecdff74-01
etag: "64f25363-daa8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 13 Feb 2024 12:51:12 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
512 B 328ms
192ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AUJ2A2TLRF7SB2-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AUJ2A2TLRF7SB2-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=d4ca5664-67d8-4422-89de-50496e2bbc9f&fltp=analytics&mrid=UJ2A2TLRF7SB2&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=SandStrike.io%20%7C%20BEST%203D%20Online%20Multiplayer&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1707825072115&g=-60&completeurl=https%3A%2F%2Fsandstrike.io%2F&disableSetCookie=true

Requested by

Host: sandstrike.io
URL: https://sandstrike.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 13 Feb 2024 11:51:12 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 29c79d79cd3c9
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220048-FRA
pragma: no-cache
correlation-id: 29c79d79cd3c9
traceparent: 00-000000000000000000029c79d79cd3c9-124e5519ee910596-01
x-timer: S1707825072.268896,VS0,VE144
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Feb 2024 11:51:12 GMT

GET
DATA 200
OK truncated
/ Frame 2625 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2625 9 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2625 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07f6b880cfa8dfe89bf94553045a063a4d0204282b27f793a6b9af1d084881c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 2625 294 KB
80 KB 87ms
87ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=ATTk160RTAy8i9nZWIamN_WfGh8DcT44qMAOna5-otBfmSsdIEYLs7o74gXKGeJyRPXxrk1MgHXDt1b9&enable-funding=venmo&currency=USD&disable-funding=credit,card

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.422&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVRUazE2MFJUQXk4aTluWldJYW1OX1dmR2g4RGNUNDRxTUFPbmE1LW90QmZtU3NkSUVZTHM3bzc0Z1hLR2VKeVJQWHhyazFNZ0hYRHQxYjkmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCIsImF0dHJzIjp7ImRhdGEtc2RrLWludGVncmF0aW9uLXNvdXJjZSI6ImJ1dHRvbi1mYWN0b3J5IiwiZGF0YS11aWQiOiJ1aWRfenh1cWp6Z3N2cGt3cXF1eXZoamxodGN5Z29tYWRoIn19&clientID=ATTk160RTAy8i9nZWIamN_WfGh8DcT44qMAOna5-otBfmSsdIEYLs7o74gXKGeJyRPXxrk1MgHXDt1b9&sdkCorrelationID=f625515f3b2f6&storageID=uid_db1b5f3de7_mte6nte6mte&sessionID=uid_1b674f1386_mte6nte6mte&buttonSessionID=uid_1cf20b8136_mte6nte6mte&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&clientMetadataID=uid_1b674f1386_mte6nte6mte&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

080a5fd4763f64da23867cafa2bd115d613a1fae8b1716b62823619a8dbe2c1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-ThTMLme2GG0gC/b9LeZ7uTycD8Oo7vb9sJpwYgWvc2sRVntc' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ThTMLme2GG0gC/b9LeZ7uTycD8Oo7vb9sJpwYgWvc2sRVntc' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.422&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVRUazE2MFJUQXk4aTluWldJYW1OX1dmR2g4RGNUNDRxTUFPbmE1LW90QmZtU3NkSUVZTHM3bzc0Z1hLR2VKeVJQWHhyazFNZ0hYRHQxYjkmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCIsImF0dHJzIjp7ImRhdGEtc2RrLWludGVncmF0aW9uLXNvdXJjZSI6ImJ1dHRvbi1mYWN0b3J5IiwiZGF0YS11aWQiOiJ1aWRfenh1cWp6Z3N2cGt3cXF1eXZoamxodGN5Z29tYWRoIn19&clientID=ATTk160RTAy8i9nZWIamN_WfGh8DcT44qMAOna5-otBfmSsdIEYLs7o74gXKGeJyRPXxrk1MgHXDt1b9&sdkCorrelationID=f625515f3b2f6&storageID=uid_db1b5f3de7_mte6nte6mte&sessionID=uid_1b674f1386_mte6nte6mte&buttonSessionID=uid_1cf20b8136_mte6nte6mte&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&clientMetadataID=uid_1b674f1386_mte6nte6mte&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-ThTMLme2GG0gC/b9LeZ7uTycD8Oo7vb9sJpwYgWvc2sRVntc' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ThTMLme2GG0gC/b9LeZ7uTycD8Oo7vb9sJpwYgWvc2sRVntc' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Tue, 13 Feb 2024 11:51:12 GMT
age: 6219
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f910715fcc305
server-timing: "traceparent;desc="00-0000000000000000000f910715fcc305-3b99b4278daffbb2-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 80177
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220044-FRA, cache-fra-etou8220044-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f910715fcc305-51e5866d639e44da-01
x-timer: S1707825072.297420,VS0,VE7
etag: W/"13931-jwRpWFdNDTHpBMJxlZm0UdBClCw"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 2, 0

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 89BB 55 KB
17 KB 51ms
51ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBF) /

Resource Hash

7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sandstrike.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16892
content-type: text/html
date: Tue, 13 Feb 2024 11:51:12 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "64f25363-dacc"
expires: Tue, 13 Feb 2024 12:51:12 GMT
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id: f301923883254
server: ECAcc (frc/4CBF)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000f301923883254-6cc5163cafc457bb-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H2 200 noop.js Show response
www.paypalobjects.com/muse/ Frame 89BB 18 B
210 B 241ms
240ms Fetch
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/noop.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (daa/7D46) /

Resource Hash

0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/analytics/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
paypal-debug-id: 0767c6465835f
dc: ccg11-origin-www-1.paypal.com
content-length: 18
last-modified: Sat, 13 Feb 2021 00:26:56 GMT
server: ECAcc (daa/7D46)
traceparent: 00-00000000000000000000767c6465835f-c71cc1e5fbee14f7-01
etag: "60271cd0-12"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 13 Feb 2024 11:51:11 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
168 B 187ms
187ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AUJ2A2TLRF7SB2-1&page=muse%3Aoffer%3A%3A%3AUJ2A2TLRF7SB2-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=d4ca5664-67d8-4422-89de-50496e2bbc9f&es=visitorInfoFlowStarted&mrid=UJ2A2TLRF7SB2&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=SandStrike.io%20%7C%20BEST%203D%20Online%20Multiplayer&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1707825072347&g=-60&completeurl=https%3A%2F%2Fsandstrike.io%2F&disableSetCookie=true

Requested by

Host: sandstrike.io
URL: https://sandstrike.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 13 Feb 2024 11:51:12 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: eb6f49dec05fa
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220048-FRA
pragma: no-cache
correlation-id: eb6f49dec05fa
traceparent: 00-0000000000000000000eb6f49dec05fa-7a598b139f1453cf-01
x-timer: S1707825072.365545,VS0,VE146
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Feb 2024 11:51:12 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/ 436 KB
137 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

244f9013ff972cac8f03cdac206e08c733ba70140153ed7607ee424b58272341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 10:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4995
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139960
x-xss-protection: 0
server: cafe
etag: 11977059823252198946
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 12 Feb 2025 10:27:57 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
120 B 165ms
164ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:12 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 169ms
168ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=maWQGCnY&w=5142737271128064&o=5130683165442048&cv=2.1.33-1-gba855a8&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fsandstrike.io%2F&sid=pAhWmrJ5CW&pm=true&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5130683165442048&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Feb 2024 11:51:12 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 2625 1022 B
1 KB 259ms
259ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

229a0bbc756880fe1e956c4083206ad7140e276089c24e5ad9e750accf8c76b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.422&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVRUazE2MFJUQXk4aTluWldJYW1OX1dmR2g4RGNUNDRxTUFPbmE1LW90QmZtU3NkSUVZTHM3bzc0Z1hLR2VKeVJQWHhyazFNZ0hYRHQxYjkmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCIsImF0dHJzIjp7ImRhdGEtc2RrLWludGVncmF0aW9uLXNvdXJjZSI6ImJ1dHRvbi1mYWN0b3J5IiwiZGF0YS11aWQiOiJ1aWRfenh1cWp6Z3N2cGt3cXF1eXZoamxodGN5Z29tYWRoIn19&clientID=ATTk160RTAy8i9nZWIamN_WfGh8DcT44qMAOna5-otBfmSsdIEYLs7o74gXKGeJyRPXxrk1MgHXDt1b9&sdkCorrelationID=f625515f3b2f6&storageID=uid_db1b5f3de7_mte6nte6mte&sessionID=uid_1b674f1386_mte6nte6mte&buttonSessionID=uid_1cf20b8136_mte6nte6mte&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&clientMetadataID=uid_1b674f1386_mte6nte6mte&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: application/json

Response headers

date: Tue, 13 Feb 2024 11:51:12 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f32971116d97e
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-etou8220044-FRA, cache-fra-etou8220044-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f32971116d97e-b5cd3ccd4b5816d7-01
x-timer: S1707825073.514159,VS0,VE215
etag: W/"3fe-mXQ/XR5ElIibCijL14gSYYs0LZs"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 2625 1022 B
1 KB 316ms
316ms Ping
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4884db81949bb43c17f3d91ab3c8ff64cd0ebd87e1295fe4494d306d4624e392

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.422&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVRUazE2MFJUQXk4aTluWldJYW1OX1dmR2g4RGNUNDRxTUFPbmE1LW90QmZtU3NkSUVZTHM3bzc0Z1hLR2VKeVJQWHhyazFNZ0hYRHQxYjkmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCIsImF0dHJzIjp7ImRhdGEtc2RrLWludGVncmF0aW9uLXNvdXJjZSI6ImJ1dHRvbi1mYWN0b3J5IiwiZGF0YS11aWQiOiJ1aWRfenh1cWp6Z3N2cGt3cXF1eXZoamxodGN5Z29tYWRoIn19&clientID=ATTk160RTAy8i9nZWIamN_WfGh8DcT44qMAOna5-otBfmSsdIEYLs7o74gXKGeJyRPXxrk1MgHXDt1b9&sdkCorrelationID=f625515f3b2f6&storageID=uid_db1b5f3de7_mte6nte6mte&sessionID=uid_1b674f1386_mte6nte6mte&buttonSessionID=uid_1cf20b8136_mte6nte6mte&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&clientMetadataID=uid_1b674f1386_mte6nte6mte&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Feb 2024 11:51:12 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f329711956021
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-etou8220044-FRA, cache-fra-etou8220044-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f329711956021-c98b3db3198f061e-01
x-timer: S1707825073.558074,VS0,VE229
etag: W/"3fe-mFPPPUJbTWWPSuIns061Uv0aF2s"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 games Show response
api.twitch.tv/helix/ 165 B
407 B 216ms
216ms Fetch
application/json 146.75.122.214
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.twitch.tv/helix/games?name=SandStrike.io

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.122.214 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

33f7a986b50ecf8cbfaccf7d20f5e467dfc837e166f0417c4dca38a3a7f33384

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://sandstrike.io/
accept-language: de-DE,de;q=0.9
Client-ID: carfje4970i91xrle7zhr435pql28l
Authorization: Bearer vrmprpi8ygcg6xhq2bmnw84rg3ab3z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-served-by: cache-bfi-krnt7300117-BFI, cache-fra-etou8220107-FRA
ratelimit-reset: 1707825073
date: Tue, 13 Feb 2024 11:51:13 GMT
strict-transport-security: max-age=300
x-timer: S1707825073.844302,VS0,VS0,VE175
vary: Accept-Encoding, Origin
x-cache: MISS, MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
ratelimit-limit: 800
timing-allow-origin: https://www.twitch.tv
ratelimit-remaining: 799
content-length: 165
x-cache-hits: 0, 0

OPTIONS
H2 200 games
api.twitch.tv/helix/ Frame 0
0 300ms
183ms Preflight 146.75.122.214
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.twitch.tv/helix/games?name=SandStrike.io

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.122.214 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,client-id
Access-Control-Request-Method: GET
Origin: https://sandstrike.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Client-Id
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 600
content-length: 0
date: Tue, 13 Feb 2024 11:51:12 GMT
strict-transport-security: max-age=300
timing-allow-origin: https://www.twitch.tv
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: HIT, MISS
x-cache-hits: 2, 0
x-served-by: cache-bfi-krnt7300030-BFI, cache-fra-etou8220107-FRA
x-timer: S1707825073.659310,VS0,VS0,VE143

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 89BB 435 B
1 KB 375ms
370ms Fetch
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c632093094f358d6061873ed3165adaf08d4efe0700f8ac2dc3f16ad6a27c78

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-1y0JW9NUVc2pW27ojz9IwG4AoyZC1VjvBqxjzNS9ISV/INeY' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
disable-set-cookie: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-1y0JW9NUVc2pW27ojz9IwG4AoyZC1VjvBqxjzNS9ISV/INeY' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 13 Feb 2024 11:51:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f3297111d62c1
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220044-FRA, cache-fra-etou8220044-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f3297111d62c1-27ae12a78e0f46da-01
x-timer: S1707825073.906071,VS0,VE321
etag: W/"1b3-bebSrEokfh15kAkQGHXE265/3dk"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 290ms
211ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,disable-set-cookie
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,disable-set-cookie
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Tue, 13 Feb 2024 11:51:12 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f329711c59548
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f329711c59548-78c4483206df5859-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-fra-etou8220076-FRA, cache-fra-etou8220076-FRA
x-timer: S1707825073.688275,VS0,VE170

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1 KB 365ms
238ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 11:51:12 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Fri, 02 Feb 2024 12:34:08 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 947812
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3i9NnW88%2F0i69jwq74KKHN86J1NmpKrKF%2B6%2FmeP%2FM6Wr%2Bxz8qGwa7xmqQbMVq75R5SbkeZD6dcDMgR%2BJud7ye4OAiBXE%2B8NnzPksHI80CBlTBqxOV1cP0lxgVKIxEh6vXNOkCCShuNq52fO"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 854cdbb158ee1c0b-FRA

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
409 B 260ms
132ms Fetch
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/FGI/sandstrike.io/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sandstrike.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://sandstrike.io
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 2 B
668 B 243ms
116ms Fetch
text/plain 104.18.43.178

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/FGI/sandstrike.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://sandstrike.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://sandstrike.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 854cdbb15ec6266d-TXL
content-length: 2
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 138 B
824 B 254ms
129ms Fetch
application/json 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/FGI/sandstrike.io/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

6f32f93515380f0f62e804d09cfca36d28d974383d0672ddb7a53ac03b52867a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sandstrike.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:12 GMT
an-x-request-uuid: 5e411dfb-8991-406e-8c78-c51a37808215
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sandstrike.io
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.103; 80.255.7.103; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 138
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 366 B
726 B 440ms
317ms Fetch
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23042&site_id=360062&zone_id=2685800&size_id=15&rp_schain=1.0,1!adinplay.com,FGI,1,,,&rf=https%3A%2F%2Fsandstrike.io%2F&kw=SandStrike.io%2Ciogame%2C.io%2Conlinegame%2Cfreegame%2Cbrowserfps%2Ctps%2Croblox%2Cfreegames%2Ccoolgames%2Cshooting%2CIO%2Cio%2CGames%2CTanks%2Cfree%2Ctank%2Cmultiplayer%2Cfriends%2Cweapons%2Ccoins%2Cboom&tg_i.domain=sandstrike.io&tg_i.page=https%3A%2F%2Fsandstrike.io%2F&tg_i.pbadslot=%2F421469808%2C22733542416%2Fsandstrike.io_300x250_2&tk_flint=pbjs_lite_v8.10.0&l_pb_bid_id=8ad5ccdadeb179&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F421469808%2C22733542416%2Fsandstrike.io_300x250_2&slots=1&rand=0.19045398456505613
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/FGI/sandstrike.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 723ff0a73aada4fafaf792b4ff37ccaab12efe8810d9bcb6b58754673320fc9d

Request headers

Referer: https://sandstrike.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:13 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://sandstrike.io
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 366
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 362 B
873 B 236ms
116ms Fetch
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23042&site_id=360062&zone_id=2685800&size_id=2&rp_schain=1.0,1!adinplay.com,FGI,1,,,&rf=https%3A%2F%2Fsandstrike.io%2F&kw=SandStrike.io%2Ciogame%2C.io%2Conlinegame%2Cfreegame%2Cbrowserfps%2Ctps%2Croblox%2Cfreegames%2Ccoolgames%2Cshooting%2CIO%2Cio%2CGames%2CTanks%2Cfree%2Ctank%2Cmultiplayer%2Cfriends%2Cweapons%2Ccoins%2Cboom&tg_i.domain=sandstrike.io&tg_i.page=https%3A%2F%2Fsandstrike.io%2F&tg_i.pbadslot=%2F421469808%2C22733542416%2Fsandstrike.io_728x90&tk_flint=pbjs_lite_v8.10.0&l_pb_bid_id=10b4266fac419b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F421469808%2C22733542416%2Fsandstrike.io_728x90&slots=1&rand=0.1576495875012165
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/FGI/sandstrike.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 265c8c4de2f2be094b466f168e9594feaed3af4882a74dce315bc9e32c83de33

Request headers

Referer: https://sandstrike.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:12 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://sandstrike.io
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 362
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 2 B
848 B 228ms
108ms Fetch
text/plain 104.18.43.178

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/FGI/sandstrike.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://sandstrike.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://sandstrike.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 854cdbb15ec3266d-TXL
content-length: 2
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
409 B 251ms
132ms Fetch
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/FGI/sandstrike.io/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sandstrike.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://sandstrike.io
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 13 KB
7 KB 322ms
204ms Fetch
application/json 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/FGI/sandstrike.io/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

dd93497bca2f2d75a9b2f2577d1475feaaa297485d5d3a7203e06f08e8f7683f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sandstrike.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:13 GMT
content-encoding: gzip
an-x-request-uuid: 5b3bb708-4347-45f0-9b05-577511c221e3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sandstrike.io
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.103; 80.255.7.103; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
825 B 246ms
129ms Fetch
application/json 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/FGI/sandstrike.io/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

fa2e7c826a56d6955cc1e367a044dc0e1e86880cd6c8f38d7622d147cc105a5f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sandstrike.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:12 GMT
an-x-request-uuid: e41b9227-138c-4e6a-88e8-d37830aab698
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sandstrike.io
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.103; 80.255.7.103; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 2 B
663 B 239ms
123ms Fetch
text/plain 104.18.43.178

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/FGI/sandstrike.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://sandstrike.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://sandstrike.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 854cdbb15ec7266d-TXL
content-length: 2
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 366 B
703 B 237ms
122ms Fetch
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23042&site_id=360062&zone_id=2685800&size_id=15&rp_schain=1.0,1!adinplay.com,FGI,1,,,&rf=https%3A%2F%2Fsandstrike.io%2F&kw=SandStrike.io%2Ciogame%2C.io%2Conlinegame%2Cfreegame%2Cbrowserfps%2Ctps%2Croblox%2Cfreegames%2Ccoolgames%2Cshooting%2CIO%2Cio%2CGames%2CTanks%2Cfree%2Ctank%2Cmultiplayer%2Cfriends%2Cweapons%2Ccoins%2Cboom&tg_i.domain=sandstrike.io&tg_i.page=https%3A%2F%2Fsandstrike.io%2F&tg_i.pbadslot=%2F421469808%2C22733542416%2Fsandstrike.io_300x250_1&tk_flint=pbjs_lite_v8.10.0&l_pb_bid_id=229c2aff017c276&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F421469808%2C22733542416%2Fsandstrike.io_300x250_1&slots=1&rand=0.14428849940694088
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/FGI/sandstrike.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9ed022a558ba221bee9a5419986231129490cd8045565d54366252b2b42712a3

Request headers

Referer: https://sandstrike.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:12 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://sandstrike.io
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 366
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
409 B 246ms
131ms Fetch
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/FGI/sandstrike.io/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sandstrike.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://sandstrike.io
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
826 B 164ms
51ms Fetch
application/json 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/FGI/sandstrike.io/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

6b89e8c3bf6640b72625cc47b796bd54b157ca76ae28ae1e656792ede1278749

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sandstrike.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:12 GMT
an-x-request-uuid: 8e4717a6-2735-46f6-ad6b-a2babe5ec73a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sandstrike.io
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.103; 80.255.7.103; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 364 B
703 B 235ms
124ms Fetch
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23042&site_id=360062&zone_id=2685800&size_id=14&rp_schain=1.0,1!adinplay.com,FGI,1,,,&rf=https%3A%2F%2Fsandstrike.io%2F&kw=SandStrike.io%2Ciogame%2C.io%2Conlinegame%2Cfreegame%2Cbrowserfps%2Ctps%2Croblox%2Cfreegames%2Ccoolgames%2Cshooting%2CIO%2Cio%2CGames%2CTanks%2Cfree%2Ctank%2Cmultiplayer%2Cfriends%2Cweapons%2Ccoins%2Cboom&tg_i.domain=sandstrike.io&tg_i.page=https%3A%2F%2Fsandstrike.io%2F&tg_i.pbadslot=%2F421469808%2C22733542416%2Fsandstrike.io_250x250&tk_flint=pbjs_lite_v8.10.0&l_pb_bid_id=288b60aaf7ee1c1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F421469808%2C22733542416%2Fsandstrike.io_250x250&slots=1&rand=0.7285500762801267
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/FGI/sandstrike.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ff10b7ed85e0ab8e5a77c795eb9e9a680f2d3d20eb4ca977c867bdf81e71d47e

Request headers

Referer: https://sandstrike.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:12 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://sandstrike.io
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 364
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
410 B 228ms
117ms Fetch
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/FGI/sandstrike.io/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sandstrike.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://sandstrike.io
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 2 B
664 B 228ms
118ms Fetch
text/plain 104.18.43.178

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/FGI/sandstrike.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://sandstrike.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://sandstrike.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 854cdbb15ec8266d-TXL
content-length: 2
expires: 0

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 140ms
40ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:37:25 GMT
content-encoding: gzip
age: 389627
x-guploader-uploadid: ABPtcPr5tQkSZMG_5UN5h3slBwC624T9DHdL9NxJ25pQFDGDCoWcqtVv4v0xSqxt9R3q53_4r6o
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Fri, 07 Feb 2025 23:37:25 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 41 KB
13 KB 207ms
100ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

309c794d20c6824c9c401713bc7ba07938e85509e557ddbc944f6fa17e7b7469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 07 Feb 2024 07:37:39 GMT
server: nginx
etag: W/"65c33343-a585"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Feb 2024 11:51:12 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 149ms
50ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 36172
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230131-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=810kgkvUCvoIBvFsfpWXNS0T4IQmfjXz%2BusBHSm5tbyL5ZFcXyxJDMZ89%2FQSUZU2LNFxStll%2FnUS4zDAeHfsJ7KOpESgX9eJU23LeDfUICu2RBtWOxcEKyV6RxsvlkIDrhq6Suspw91ud4EaSgI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 854cdbb15d145b98-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 89 KB
26 KB 173ms
62ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1344f2cf7e2562ce1c954075dda071857f4ff0c6bb6d2022384883f24d3bd1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Feb 2024 09:41:43 GMT
server: cloudflare
x-amz-request-id: 70CAKFGKXYXMGFSP
age: 162
etag: W/"294eab17112a5071cb7b92bc188fc8b9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 854cdbb16a51bbc1-FRA
x-amz-id-2: pd5P6q30rgM4MYTvVaFvwPVjaTbTqK4KF3YjVqISdUWWPXH5AExUXrtyju1not/bnTs82YcES8zVLGJA8ni3cw==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 174ms
68ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:12 GMT
via: 1.1 google, 1.1 google
last-modified: Mon, 05 Feb 2024 22:07:56 GMT
server: Google Frontend
etag: cd19e0900da0cdbc6697310fd9330fb6
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 1c13765e0b5e7de58562005fe99e7fb7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1195

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 282ms
166ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 12:30:07 GMT
content-encoding: gzip
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 84066
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: T946-pQa9Owqdg0dUyGxIGRUX5GAI2OYy2opQqB-mXaEjg102bUwkg==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 162ms
45ms Script
text/javascript 2600:9000:225b:fa00:a:e047:753:eb41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:fa00:a:e047:753:eb41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Tue, 13 Feb 2024 06:32:02 GMT
Via: 1.1 a4a80ac7ffee78c042728f52e3f729e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P1
Age: 19151
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: jAaDVIrGT_d_CF5om7PoKTJEFLn-4GWpMXYBFSnFcOaxTsv1Re7VQQ==

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fsandstrike.io%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fsandstrike.io%2F&rid=esp&cc=1

85 B
194 B

166ms
166ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fsandstrike.io%2F&rid=esp&cc=1
Requested by: Host: sandstrike.io
URL: https://sandstrike.io/
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 293b7b977abe069f4647a89e2cf74431aea47a82009df91bd88aeba83294b211

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:13 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-cYKlqFdKmTrIhRgKs8jqNiEhxlk"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sandstrike.io
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Tue, 13 Feb 2024 11:51:13 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://sandstrike.io
location: /esp?url=https%3A%2F%2Fsandstrike.io%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
229 B 155ms
42ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://sandstrike.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sandstrike.io
date: Tue, 13 Feb 2024 11:51:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame ED47 14 KB
6 KB 151ms
51ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=sandstrike.io

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sandstrike.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 11:51:13 GMT
server: Kestrel
server-processing-duration-in-ticks: 454251
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 36 KB
15 KB 321ms
320ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4219919912248734&correlator=2315027552361983&eid=44809527&output=ldjh&gdfp_req=1&vrg=202402070101&ptt=17&impl=fif&iu_parts=421469808%3A22733542416%2Csandstrike.io_250x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1707825072986&lmt=1701796923&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsandstrike.io%2F&vis=1&psz=1600x1200&msz=0x0&fws=132&ohw=1600&ga_vid=1786166092.1707825071&ga_sid=1707825073&ga_hid=537484825&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY4JS6ktoxSABSAghkEhkKCnB1YmNpZC5vcmcY-pW6ktoxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGOCUupLaMUgAUgIIZBIXCghydGJob3VzZRiSlrqS2jFIAFICCGoSFAoFb3BlbngY4JS6ktoxSABSAghkEhkKCnVpZGFwaS5jb20Y4JS6ktoxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjglLqS2jFIAFICCGQ.&dlt=1707825071081&idt=1596&prev_scp=CDT%3Dno%26richmedia%3Dno%26GS%3DNo%26update_id%3D7.0%252029%252F01%252F24%252011%253A00%252065b7773cef55f%26FC%3D1%26OS%3DOther%26Conc%3DNo&adks=3494208913&frm=20

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dde3adba90bd2ef4873b5adba3925b4f5e1ea982068f71f326e1cef077c9aeea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:13 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15050
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sandstrike.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 000C 6 KB
3 KB 186ms
55ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sandstrike.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 11:51:13 GMT
expires: Wed, 12 Feb 2025 11:51:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 433ms
433ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4219919912248734&correlator=3774970770606049&eid=44809527&output=ldjh&gdfp_req=1&vrg=202402070101&ptt=17&impl=fif&iu_parts=421469808%3A22733542416%2Csandstrike.io_300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1707825073002&lmt=1701796923&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsandstrike.io%2F&vis=1&psz=1600x1200&msz=0x0&fws=132&ohw=1600&ga_vid=1786166092.1707825071&ga_sid=1707825073&ga_hid=537484825&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY4JS6ktoxSABSAghkEhkKCnB1YmNpZC5vcmcY-pW6ktoxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGOCUupLaMUgAUgIIZBIXCghydGJob3VzZRiSlrqS2jFIAFICCGoSFAoFb3BlbngY4JS6ktoxSABSAghkEhkKCnVpZGFwaS5jb20Y4JS6ktoxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjglLqS2jFIAFICCGQ.&dlt=1707825071081&idt=1596&prev_scp=CDT%3Dno%26richmedia%3Dno%26GS%3DNo%26update_id%3D7.0%252029%252F01%252F24%252011%253A00%252065b7773cef55f%26FC%3D1%26OS%3DOther%26Conc%3DNo&adks=1473964036&frm=20

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1995011ccacd68d757799be7d348167e6233cc2a3abf8600ff588ed57f7f11e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:13 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10908
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sandstrike.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 6908ms
6353ms XHR
application/json 52.30.159.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.159.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-159-215.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a17f82e2f40c1b341e663ae3e90679d3ed7c88afdd46738db8b893d9df5a2bb4

Request headers

Referer: https://sandstrike.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:18 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://sandstrike.io
cache-control: no-cache
x-server: 10.45.1.209
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 66 KB
17 KB 388ms
388ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4219919912248734&correlator=1106001591241984&eid=44809527&output=ldjh&gdfp_req=1&vrg=202402070101&ptt=17&impl=fif&iu_parts=421469808%3A22733542416%2Csandstrike.io_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1707825073054&lmt=1701796923&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsandstrike.io%2F&vis=1&psz=1600x1200&msz=0x0&fws=132&ohw=1600&ga_vid=1786166092.1707825071&ga_sid=1707825073&ga_hid=537484825&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY4JS6ktoxSABSAghkEhkKCnB1YmNpZC5vcmcY-pW6ktoxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGOCUupLaMUgAUgIIZBIXCghydGJob3VzZRiSlrqS2jFIAFICCGoSFAoFb3BlbngY4JS6ktoxSABSAghkEhkKCnVpZGFwaS5jb20Y4JS6ktoxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjglLqS2jFIAFICCGQ.&dlt=1707825071081&idt=1596&prev_scp=CDT%3Dno%26richmedia%3Dno%26GS%3DNo%26update_id%3D7.0%252029%252F01%252F24%252011%253A00%252065b7773cef55f%26FC%3D1%26OS%3DOther%26Conc%3DNo%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.05%26hb_adid_appnexus%3D33c07923fb49b1e%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.05%26hb_adid%3D33c07923fb49b1e%26hb_bidder%3Dappnexus&adks=4043467732&frm=20

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d511dfbc16ad6350f93632e5490bedd6f7bd7893a5615f61b989ee2f843ebdf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:13 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17253
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sandstrike.io
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 load-cookie.html Show response
elb.the-ozone-project.com/static/ Frame 0D9C 12 KB
5 KB 86ms
82ms Document
text/html 104.18.43.178

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1707825072954&bidder=ozone
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b26460b45ee0a523d92b1236496a9039a8075be122b1bf87d16d21b798c4d473

Request headers

Referer: https://sandstrike.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 854cdbb2c90f266d-TXL
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 13 Feb 2024 11:51:13 GMT
expires: 0
last-modified: Thu, 08 Feb 2024 08:49:46 GMT
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame FD52 0
0 48ms
45ms Document
text/plain 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1707825072962

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sandstrike.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A2DB 281 B
555 B 149ms
47ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://sandstrike.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Feb 2024 11:51:13 GMT
ETag: "280524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2EB9 52 KB
17 KB 166ms
63ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sandstrike.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 23269
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Feb 2024 11:51:13 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 08 Feb 2024 05:23:14 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 303, 149371
X-Served-By: cache-lga13626-LGA, cache-fra-etou8220082-FRA
X-Timer: S1707825073.197514,VS0,VE0

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 166ms
77ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b1976fe80c2d62438ff78bd757560555c15428672d295f4ae75f385e28ab687

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 11:51:13 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 943448
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 02 Feb 2024 12:34:07 GMT
Server: cloudflare
ETag: W/"5e52aafe0731d9e2e776e4109559f5de"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svErAUrgKSzMpaV4Jl2sr1zyGWqO%2FDEkV%2BKLWfqZarhfcKY%2BookUAirSezMdbKwjvXutEv0lPj58EWJhlOEhQTdap5AJjiTGEviQtEWMqLot9Lk4dLxQzmtvTYEeCKNjDy0x2er63SlLflfD"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 854cdbb36ae21da8-FRA

GET
H2

200

sid Show response
mug.criteo.com/ Frame ED47
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=sandstrike.io&sn=ChromeSyncframe&so=0&topUrl=sandstrike.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=VX2ZUHw5MDdud05KVjdmSGZpQ29iZDZIc1VaNHE1VjlOTWczVXN3QTRSVlM3MHFxVjZaQjk1NE8yMGdmQVJoTkl4emxMMkRkK0kvNDY3SC9ZOE0rY0xWTlM5WFpURStkbjZrTUo0a1RBdjUrQS92UmEwVEZzOVkrRmpKTT...

435 B
654 B

74ms
73ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=VX2ZUHw5MDdud05KVjdmSGZpQ29iZDZIc1VaNHE1VjlOTWczVXN3QTRSVlM3MHFxVjZaQjk1NE8yMGdmQVJoTkl4emxMMkRkK0kvNDY3SC9ZOE0rY0xWTlM5WFpURStkbjZrTUo0a1RBdjUrQS92UmEwVEZzOVkrRmpKTTNiS3VtOTh6QVduOVNhL2ZBV2hQdndFL0s2ODNJWjB1WVg2eEpmL2NqZW5nRVBYWVBEUFAwazQydUt6TTVRRUpxNlZGQnBpZUNpN01WUnFmeVpYUFB0Q3pscGNnd2tFVHZCcW5mUjlscFljYWczaVhnRlR6akRheHg2c3ZqVm1tbkczZk1nV21LekF4REdPZGdzMU5NMzJvejBQcWRsekRJTksycjRRSGtkYWl0QWJZOEFzcz18&cppv=2

Requested by

Host: sandstrike.io
URL: https://sandstrike.io/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

198ffed7c19328c7cac0314d98810b7aeebc61492c8db6b924d07ad0ef525c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:12 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3406848
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=VX2ZUHw5MDdud05KVjdmSGZpQ29iZDZIc1VaNHE1VjlOTWczVXN3QTRSVlM3MHFxVjZaQjk1NE8yMGdmQVJoTkl4emxMMkRkK0kvNDY3SC9ZOE0rY0xWTlM5WFpURStkbjZrTUo0a1RBdjUrQS92UmEwVEZzOVkrRmpKTTNiS3VtOTh6QVduOVNhL2ZBV2hQdndFL0s2ODNJWjB1WVg2eEpmL2NqZW5nRVBYWVBEUFAwazQydUt6TTVRRUpxNlZGQnBpZUNpN01WUnFmeVpYUFB0Q3pscGNnd2tFVHZCcW5mUjlscFljYWczaVhnRlR6akRheHg2c3ZqVm1tbkczZk1nV21LekF4REdPZGdzMU5NMzJvejBQcWRsekRJTksycjRRSGtkYWl0QWJZOEFzcz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 334457
content-length: 0
expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 766 B
365 B 267ms
266ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4219919912248734&correlator=479976670511002&eid=44809527&output=ldjh&gdfp_req=1&vrg=202402070101&ptt=17&impl=fif&iu_parts=421469808%3A22733542416%2Csandstrike.io_300x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1707825073165&lmt=1701796923&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsandstrike.io%2F&vis=1&psz=1600x1200&msz=0x0&fws=132&ohw=1600&ga_vid=1786166092.1707825071&ga_sid=1707825073&ga_hid=537484825&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY4JS6ktoxSABSAghkEhkKCnB1YmNpZC5vcmcY-pW6ktoxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGOCUupLaMUgAUgIIZBIXCghydGJob3VzZRiSlrqS2jFIAFICCGoSFAoFb3BlbngY4JS6ktoxSABSAghkEhkKCnVpZGFwaS5jb20Y4JS6ktoxSABSAghkEhsKDGlkNS1zeW5jLmNvbRizl7qS2jFIAFICCGo.&dlt=1707825071081&idt=1596&prev_scp=CDT%3Dno%26richmedia%3Dno%26GS%3DNo%26update_id%3D7.0%252029%252F01%252F24%252011%253A00%252065b7773cef55f%26FC%3D1%26OS%3DOther%26Conc%3DNo&adks=3960830635&frm=20

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b940dc195538df257591ede3d20bcde53422c66ec9e7ba5e8be70cafbb4deae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:13 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sandstrike.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 0D9C 20 KB
7 KB 447ms
88ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1707825072954&bidder=ozone
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://elb.the-ozone-project.com/
Origin: https://elb.the-ozone-project.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:13 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 854cdbb5cd75373c-FRA

POST
H2 200 cookie_sync Show response
elb.the-ozone-project.com/ Frame 0D9C 10 KB
2 KB 89ms
88ms XHR
text/plain 104.18.43.178

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/cookie_sync
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1707825072954&bidder=ozone
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: c6b61f7d963f8656e91aa200ac35e08f2edd5539b0777068e5a6c050dcf973aa

Request headers

Referer: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1707825072954&bidder=ozone
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:13 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://elb.the-ozone-project.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 854cdbb38a2c266d-TXL
expires: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A2DB 39 KB
11 KB 43ms
43ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: fc255c0307018264ea056bce47bbd901452d16a2c528512435e3c81ce41eb677

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 11:51:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Feb 2024 01:51:50 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=50377
Connection: keep-alive
Content-Length: 10921
Expires: Wed, 14 Feb 2024 01:50:50 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 2EB9 0
917 B 46ms
46ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:13 GMT
an-x-request-uuid: c9664d56-5083-4c65-bfba-9789c8514126
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.103; 80.255.7.103; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame A2DB 7 B
380 B 449ms
41ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 7d6e3b6fefbbeb4d018118d74243a2fc
Expires: 0

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 0D9C
Redirect Chain

https://visitor.omnitagjs.com/visitor/bsync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fb...
https://elb.the-ozone-project.com/setuid?bidder=adyoulike&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=58011ba967f2951ed762e61d31cfe842

0
673 B

78ms
77ms

Image
text/plain

104.18.43.178

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=adyoulike&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=58011ba967f2951ed762e61d31cfe842
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1707825072954&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:13 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 854cdbb5ae21266d-TXL
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:13 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://elb.the-ozone-project.com/setuid?bidder=adyoulike&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=58011ba967f2951ed762e61d31cfe842
p3p: CP="CAO PSA OUR"
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 0
expires: 0

GET
H2 200 container.html Show response
22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EBA2 6 KB
3 KB 51ms
50ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sandstrike.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 11:51:13 GMT
expires: Wed, 12 Feb 2025 11:51:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame A443 199 B
298 B 161ms
49ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://sandstrike.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Tue, 13 Feb 2024 11:51:13 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 4D1A 197 KB
58 KB 251ms
139ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZctXsQAAr3UIu8lAAAMkRarjzGKLMNeNkTJ0EA&u=%7CxeiPBEmknJETif56feWSsH%2Bk2ALb4VEXf4w3bHCA%2BpU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12Mk5ggn13iuEic_NwgTl1RzDYuYpdIxRMUHYV7U0Q5eYTN3eJfzfSFwHEG40MYyIBCeOI7JEC7bFQE7vurt35H6vga6Cx8hUeKf8DXDvwfviSqfB-tfSGKcm721tUTpi-ZLHK9A3N14d48BIGDRNr5_4ZAgvnH3FJs9kgqVsXX179XVKUnGAPV2B8Bd8FZgJpQ96Bjxnaa1VchDa15P5vJxE_Y5vS4Anm7QkEIehvA26bDpBsiDscbKQe9mUtLYMndluOE89EmIm9z_OgWC_y2h9NptW3LAZ4pG_MEikj7xvQWDMJ2Mc4rvAH305wN8KbR_hUFc0iJiw_UCg7bCJ1D4Zv2are-jM8fwXWphUKjkaqSqeiLsvS7W4NgrykP2ndHaQg7goYY7jT1Q8FlornqdaiJRXDhZ-VD8zWQb7q-n7aGoQM4ZrX5Z2Ju2ELsBp_y0tyt2WKhyLkwi6fCmvc1n6nDIUxM6nIiQUJrY1jDRnTSR87B_7nCyU4aCAYVXf1-5EqSAG_CK6ZZlbCCTAle6uBQ14Po9s4lPkVZMiMUaYj4rq6030Py7lm0Bnix6VzXegz_e3BSExTrJGwXXPO4ifqqiFvU0Ej6A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFGFWsVfLZfXeAsCS7_UPxciMoAPJntKxXNWdkfdwwI23ARABIJHi5B9gleKagqwHyAEJqQJc5GOEtRCyPuACAKgDAcgDAqoEqgJP0EVHaPrIduY5qH-xkbR8gnqQKup2By88wKUuiG6DeerFzLu15nApYCvMAAGZhRAhUcRQpiG_W5Pmkszgef_jHBSZNlh50n32KpuQz6DChiSPlaCe_2ovf8lS_1IpjDBSMz3FJjXgIguPhfNARA_LFpU3C0Z4kTJDIlTyi1gsaXg4lwT1SEFsDwce6CF3mjqNxZhdJBxV4P3ftT8RlROLGXYuWjsJGg5BY9Imrrmh3UrX7s66R-ZcxRNC3Sh3RwuLzhhyqvNT_E3BIzW8FeUe3Ta9XS26kudSVYuy_ogfRWk6ew1QwpN6kUoSXXXGG6siK49YhEZwHukNk-aoYikkmTFXqHjheAKBR3GtqwTpVqYPlHybmGxwIVR0fgbnTikT6_xB-ZqWJuEL4AQBgAaEx8qrrI6yiq8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJAiA4YAQEAEyAqoCOgmAQICAhICAhAhIvf3BOliSx8OWoKiEA_oLAggBgAwB4g0TCNf0w5agqIQDFUDJuwgdRSQDNNAVAYAXAQ%26num%3D1%26sig%3DAOD64_13bo4tv4KvD_2ot7hlHE_xmHArEQ%26client%3Dca-pub-3282547114800347%26adurl%3D

Requested by

Host: 22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com
URL: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

77ea9d68bc237e9b31a33b86363f03f888e27b8b318365bc44ee1f40b9960e33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 11:51:13 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=P12SvzvMPF6wCOFnChTR7HcbOZGWLHVCPWjlyuq9jcxmlLkuN5_LlkXrQluyj6usR41qK5J8bBZI6Kx8xljTtKwVXWjOdlUBQJ5vy7DjYN6qzL8L04TKLrfBWMYOOChSNpSrC1sf_w3QyUPm6l7peU6FrJDcUciPBWhLvbk2rCC3L7UnmAGLuqmrp8w9Cegb7PHcjvVeEup_plZfAOB5KZU26LKRu2zeitUSBs4Mu6BUZAK_5FcD09WbJXNGmZsf7TbsUQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 73002017
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame EBA2 3 KB
1 KB 191ms
78ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/window_focus_fy2021.js

Requested by

Host: 22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com
URL: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 08:46:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame EBA2 20 KB
8 KB 152ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com
URL: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:51:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:51:09 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EBA2 24 KB
7 KB 193ms
81ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com
URL: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:56:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10499
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 12 Feb 2025 08:56:14 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame EBA2 203 KB
62 KB 144ms
42ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: 22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com
URL: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:04:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 12:04:15 GMT

GET
H2 200 container.html Show response
22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2D17 6 KB
3 KB 49ms
49ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sandstrike.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 11:51:13 GMT
expires: Wed, 12 Feb 2025 11:51:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012402060239000/ Frame BA4B 196 KB
56 KB 175ms
40ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402060239000/amp4ads-v0.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a7c5cebbb6d6eff010530c59b73e9e423125219661ff9bc5866c55cd17a5607

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 12 Feb 2024 18:11:22 GMT
age: 63591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56214
x-xss-protection: 0
server: sffe
etag: "51ebc873ede2e2f0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 11 Feb 2025 18:11:22 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012402060239000/v0/ Frame BA4B 15 KB
5 KB 257ms
122ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402060239000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2125b73ae211f46f82ee27eee87e5aa312c5bbf2aedca1b50b7d80f21fd3d5d2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 13 Feb 2024 09:00:14 GMT
age: 10259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5214
x-xss-protection: 0
server: sffe
etag: "1e0d3e55ad08d21f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 12 Feb 2025 09:00:14 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012402060239000/v0/ Frame BA4B 95 KB
28 KB 260ms
125ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402060239000/v0/amp-analytics-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70651252ddc3ae3cc902b7f374fb9037f0a27192fb31b66acbf5300441b45ad3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 13 Feb 2024 09:03:45 GMT
age: 10048
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29043
x-xss-protection: 0
server: sffe
etag: "f8b65ff06b47be2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 12 Feb 2025 09:03:45 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012402060239000/v0/ Frame BA4B 5 KB
2 KB 274ms
140ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402060239000/v0/amp-fit-text-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

288fd8ba8cb04967d8ffdb274e8828d79fe679e6991ceff828f0f48e04f315db

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 13 Feb 2024 09:03:46 GMT
age: 10047
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "a50cf387c592e9af"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 12 Feb 2025 09:03:46 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012402060239000/v0/ Frame BA4B 40 KB
13 KB 246ms
112ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402060239000/v0/amp-form-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da80171367ccb86206235641cfa5efc267725e1870f5cc5c2a777dc57c7d5ebe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 12 Feb 2024 18:11:22 GMT
age: 63591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12948
x-xss-protection: 0
server: sffe
etag: "cd1beca569c88c8d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 11 Feb 2025 18:11:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BA4B 14 KB
1 KB 51ms
49ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Feb 2024 11:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 10:17:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Feb 2024 11:51:13 GMT

GET
H2 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BA4B 2 KB
3 KB 126ms
79ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: sandstrike.io
URL: https://sandstrike.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 21:40:03 GMT
x-content-type-options: nosniff
server: cafe
age: 51070
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2471
x-xss-protection: 0
expires: Tue, 13 Feb 2024 21:40:03 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BA4B 295 B
423 B 125ms
78ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: sandstrike.io
URL: https://sandstrike.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 09:22:58 GMT
x-content-type-options: nosniff
server: cafe
age: 8895
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 14 Feb 2024 09:22:58 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7DAA 624 B
826 B 172ms
75ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKnk7gEQrLv-ARiNh4yHAjAB&v=APEucNVYfONi6KCBkwtraXB1ry2amUgvQHGD3SHwgx5Jf6HRFn8V2i5PId--9T5nmMeuog0ETf-Ih2r26DEDU9LjZ32CDJdNOB0TkUMnGPUEru5zKDCbC9NsZbVesXDoaAwbB3cGUg6ZKev56Wb4-MuOf1PJ6MGbbj26f-Li2aT8G_hSpRdYs1hpT8hOhNK0rDaI04c_WHKzUZawkG4NRVuaUpzi9R7uRw

Requested by

Host: 22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com
URL: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 11:51:13 GMT
expires: Tue, 13 Feb 2024 11:51:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2D17 93 KB
33 KB 156ms
152ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com
URL: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 11:51:13 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D17 42 B
173 B 153ms
151ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DcdXv8MmFkICjh4DWjtpX7YbviLnynxZsbiiyEOld2CuTYA-VpAg7vQiYas2f-9CMOPWvtMsltr1VIgZRuDxj_Iorv3rd-8lcq1hBtoGiJjdlGh-U

Requested by

Host: 22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com
URL: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
server.adform.net/adfscript/ Frame 2D17 3 KB
3 KB 143ms
44ms Script
text/javascript 37.157.6.232
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://server.adform.net/adfscript/?bn=71339599;gdpr=;gdpr_consent=;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CjiwYsVfLZbvPA_Dj9u8P3-y6gATkrKHcdeDJpfWGEvuF1tDJOBABIJHi5B9gleKagqwHoAHnk6noAsgBCakCXORjhLUQsj6oAwHIA5sEqgSqAk_QC6LXnUtJHFdz9fy5erZwVjUqx4af9CzAwmuuJmL_YLjJ38hxJfYDxgn19FJ160y7liOVF4lhbvPp2HmF6uX31evSHQNTjDJQlljhzjIvtAgUL8fjxPXmlSK8lePmmwt9531cUOwDcZkv44t0_8GaEStQj5-qnfa0Db3C38MRosTLkvAdQOV6M5dZBCYG7DUgkR5bIWqNtVbMF5_SwUmXhmrRBq-3nh0Etmvrv0gJeTP70SSCklVLbMB_pW9K5yeQgCQppETz2eikVrT3djcEGbon7xfSoruO07vW8Jq5VMiaW2_UmMhSUKNn5sRhi2hGAqUyK-wVD2mLbK66WcPYsjRPzmYKbmXq40wEKtpvj6CEYkkdt89sK2_OKCH-qLJNNDWUgzyNa6HABNbVj4nEBOAEA4gFl6f74U2QBgGgBk2AB4Hs1pcBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJgiA4YAQEAEYHTICqgI6CYBAgICEgICECEi9_cE6WKiPxJagqIQDgAoDmAsByAsBgAwBqg0CREXiDRMI9s_ElqCohAMV8LH9Bx1ftg5AsBP1o84W2BMK2BQB0BUB-BYBgBcB6BcB&ae=1&num=1&cid=CAQSTgAvHhf_u6Q8_weZ4Rhe8vtlSxoDc39cZnKzNIRuTUrbHr6rEeUT0LiC_Od2zPojZinEP5O56KSCk0YZ1oqfIYPU731WmpVh0ypSyj-6IBgB&sig=AOD64_0e2SxmUMCLgR_UhEmf2p3sIMz55A&client=ca-pub-3282547114800347&dbm_c=AKAmf-CLx19d-qc85AFlGiIq0tj1JkQI-f7ViytN5lg81eiUeYtIro9njemfJeC4O8SiAfFcp8AT3S3a6wLsy373EmM_q-_jBG6rgamDkE5lo2R8AzDz3Q9U49hzBiLWwQucVKkdNI9wXA1qF6HPcaZ60I3XxoDartGcDPwGHuSKuVJWH9Dv8WA&cry=1&dbm_d=AKAmf-Dz_vnrzI80N0QqIN9OtlVucBjCEdRF5p_aRLLwh8a032frnxY9lfRb_2XK3OjkaDMXV9QbgjotQ3fW8Xr_PLpdQ9H2S0LGjP-vd3-WwKP8LztmiWycXQWokDvYmhrqvsiFw4tRRbp9kWfvohJjzRSlia8xT4m0oKX6wAx_Uo8fqjiAxiLRRZKfaxmdVYFd5m4rwWiVKCfGjWDFbxsXmK7e73vl3rXkulsOyc5ovs3X6J5hm-cbUM2EE5C3AS-wOEjJ10GjTfq8LHJ4Q3SwLvwzS7wp9mA7opB_yLQqTA9JAzViySaGNsBoIcw__jM0CLwXx0if9VjqOBAy5dMoZNDQGYMGPHTK8hoMZRaIZGcvr_c9EgNB40jEgTi-crndg9pjYruuKiVyVSJ52Nh_A6IO9XN5DXJSY-ZspGgkNLmmQDtfzX6k5B5rFTL1_e_JFPXd8PzZuVXhds3q6HIammqAiaaU0syzzwhNAi2jGLr_zp2hE9ppyRF-SyQjdQQhWnxQKM9QPgixMjx9Uzd9A3-eHmd9Ej5WhZg3kyR3D-iXzkXdEU3ky7yNXLxH2th79P8Ix3p5&adurl=

Requested by

Host: 22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com
URL: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fa260bc65ec5b6c1b367bae744d1a39179c21726fd69b11c2e2482e3c39bd5c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2519
expires: -1

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame 2D17 3 KB
1 KB 64ms
52ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/window_focus_fy2021.js

Requested by

Host: 22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com
URL: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 08:46:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame 2D17 20 KB
8 KB 57ms
45ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com
URL: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:51:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:51:09 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2D17 203 KB
61 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: 22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com
URL: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:04:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 12:04:15 GMT

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 0D9C
Redirect Chain

https://csync.loopme.me/?pubid=%3C12744%3E&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dloopme%26gdpr%3D0%26gdpr_consent%3D%26us_pr...
https://elb.the-ozone-project.com/setuid?bidder=loopme&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=14674941-a5b9-433e-be71-3c1c1777a488&gdpr_consent=${gdpr_consent}&gdpr=${gdpr}

0
782 B

77ms
77ms

Image
text/plain

104.18.43.178

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=loopme&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=14674941-a5b9-433e-be71-3c1c1777a488&gdpr_consent=${gdpr_consent}&gdpr=${gdpr}
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1707825072954&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:13 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 854cdbb6f8ad266d-TXL
content-length: 0
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=loopme&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=14674941-a5b9-433e-be71-3c1c1777a488&gdpr_consent=${gdpr_consent}&gdpr=${gdpr}
date: Tue, 13 Feb 2024 11:51:13 GMT
server: _
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 4D1A 2 KB
1 KB 46ms
46ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZctXsQAAr3UIu8lAAAMkRarjzGKLMNeNkTJ0EA&u=%7CxeiPBEmknJETif56feWSsH%2Bk2ALb4VEXf4w3bHCA%2BpU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12Mk5ggn13iuEic_NwgTl1RzDYuYpdIxRMUHYV7U0Q5eYTN3eJfzfSFwHEG40MYyIBCeOI7JEC7bFQE7vurt35H6vga6Cx8hUeKf8DXDvwfviSqfB-tfSGKcm721tUTpi-ZLHK9A3N14d48BIGDRNr5_4ZAgvnH3FJs9kgqVsXX179XVKUnGAPV2B8Bd8FZgJpQ96Bjxnaa1VchDa15P5vJxE_Y5vS4Anm7QkEIehvA26bDpBsiDscbKQe9mUtLYMndluOE89EmIm9z_OgWC_y2h9NptW3LAZ4pG_MEikj7xvQWDMJ2Mc4rvAH305wN8KbR_hUFc0iJiw_UCg7bCJ1D4Zv2are-jM8fwXWphUKjkaqSqeiLsvS7W4NgrykP2ndHaQg7goYY7jT1Q8FlornqdaiJRXDhZ-VD8zWQb7q-n7aGoQM4ZrX5Z2Ju2ELsBp_y0tyt2WKhyLkwi6fCmvc1n6nDIUxM6nIiQUJrY1jDRnTSR87B_7nCyU4aCAYVXf1-5EqSAG_CK6ZZlbCCTAle6uBQ14Po9s4lPkVZMiMUaYj4rq6030Py7lm0Bnix6VzXegz_e3BSExTrJGwXXPO4ifqqiFvU0Ej6A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFGFWsVfLZfXeAsCS7_UPxciMoAPJntKxXNWdkfdwwI23ARABIJHi5B9gleKagqwHyAEJqQJc5GOEtRCyPuACAKgDAcgDAqoEqgJP0EVHaPrIduY5qH-xkbR8gnqQKup2By88wKUuiG6DeerFzLu15nApYCvMAAGZhRAhUcRQpiG_W5Pmkszgef_jHBSZNlh50n32KpuQz6DChiSPlaCe_2ovf8lS_1IpjDBSMz3FJjXgIguPhfNARA_LFpU3C0Z4kTJDIlTyi1gsaXg4lwT1SEFsDwce6CF3mjqNxZhdJBxV4P3ftT8RlROLGXYuWjsJGg5BY9Imrrmh3UrX7s66R-ZcxRNC3Sh3RwuLzhhyqvNT_E3BIzW8FeUe3Ta9XS26kudSVYuy_ogfRWk6ew1QwpN6kUoSXXXGG6siK49YhEZwHukNk-aoYikkmTFXqHjheAKBR3GtqwTpVqYPlHybmGxwIVR0fgbnTikT6_xB-ZqWJuEL4AQBgAaEx8qrrI6yiq8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJAiA4YAQEAEyAqoCOgmAQICAhICAhAhIvf3BOliSx8OWoKiEA_oLAggBgAwB4g0TCNf0w5agqIQDFUDJuwgdRSQDNNAVAYAXAQ%26num%3D1%26sig%3DAOD64_13bo4tv4KvD_2ot7hlHE_xmHArEQ%26client%3Dca-pub-3282547114800347%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 07 Feb 2025 11:51:13 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4D1A 2 KB
1 KB 47ms
47ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 07 Feb 2025 11:51:13 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 4D1A 308 B
636 B 45ms
45ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 07 Feb 2025 11:51:13 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 4D1A 293 B
621 B 46ms
46ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 07 Feb 2025 11:51:13 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 4D1A 43 B
348 B 125ms
41ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=DJ1wuHUU8dy9CwEVXzy6PKGhy3TN-VRNpqOYCuH5MqYUbuVuolcOWVZJstUVlwgPmx0VTZggPSFZvRFujbOf4E2N6nQakeWpeCuzn8Zb17REbsNS4iUrglhM9ScA93I60s1bjg0pxXZuvK2X3-QWV6WV5MiSFOdpZPZH7BpOPOGKU3kJzU0tNVhF5FDBSijU6EvWca9_FY_s9YJyepdU9AC8maHIhDUxXAwnIJIOGjVkVwNjAAM-LC7yG4yasgEDV8VymdvpARzUMDF7scKEN6a904W9jvPy1NyHYfv0k776ejl1JQZQPgo4H9lm9zJ8XQEgEUG0YeNjcM5sIVuwclX4Vqwbe-6JHGKYeWaEzeupmanwtkivw2KBiTM2vlw12PaPRmZ03L3FYTVo1hYg76q3PNqpsuhG4514NEas82ChSxQ1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2440653
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 7DAA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG2YqAXGAbrsRbzJHm7H8nI&google_cver=1

43 B
340 B

77ms
74ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG2YqAXGAbrsRbzJHm7H8nI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKnk7gEQrLv-ARiNh4yHAjAB&v=APEucNVYfONi6KCBkwtraXB1ry2amUgvQHGD3SHwgx5Jf6HRFn8V2i5PId--9T5nmMeuog0ETf-Ih2r26DEDU9LjZ32CDJdNOB0TkUMnGPUEru5zKDCbC9NsZbVesXDoaAwbB3cGUg6ZKev56Wb4-MuOf1PJ6MGbbj26f-Li2aT8G_hSpRdYs1hpT8hOhNK0rDaI04c_WHKzUZawkG4NRVuaUpzi9R7uRw
Protocol: H2
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5No5vXiiTLb9a3bkoKqV2iVljzrv%2FJo4d74%2FmMAOQRhn4uE40iKdYW6nQJAUxmAgurgLnZIpzmskG7wrDeT52gN2ni%2B87ZpA2wNJStdF%2FD8WzDEGFeeL0PzaMt9Vd10N2%2Bhq3P4Bsn%2BUMg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 854cdbb7bf196a75-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG2YqAXGAbrsRbzJHm7H8nI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7DAA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZctXsVVbLIwAAAZsAD1yDAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG2YqAXGAbrsRbzJHm7H8nI&google_cver=1

43 B
769 B

68ms
67ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG2YqAXGAbrsRbzJHm7H8nI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKnk7gEQrLv-ARiNh4yHAjAB&v=APEucNVYfONi6KCBkwtraXB1ry2amUgvQHGD3SHwgx5Jf6HRFn8V2i5PId--9T5nmMeuog0ETf-Ih2r26DEDU9LjZ32CDJdNOB0TkUMnGPUEru5zKDCbC9NsZbVesXDoaAwbB3cGUg6ZKev56Wb4-MuOf1PJ6MGbbj26f-Li2aT8G_hSpRdYs1hpT8hOhNK0rDaI04c_WHKzUZawkG4NRVuaUpzi9R7uRw
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MNcMaKuGBX254FywHD3aWUEcE4ya1ZgHXl%2BVSogbygnTLFQo6LY%2FcUpjnmPdRoN9j2PWXoTdmN9yw8lVkJEbAwrLJoda8XQt8ttDyxBvts8lmi%2Fdb0Oakyb%2FUgrooPTLECamZDHD717DoA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 854cdbb88bfc6a76-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG2YqAXGAbrsRbzJHm7H8nI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 7DAA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEO81rKViD7lFrgM8a30kTEM&google_cver=1

43 B
1 KB

44ms
44ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEO81rKViD7lFrgM8a30kTEM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKnk7gEQrLv-ARiNh4yHAjAB&v=APEucNVYfONi6KCBkwtraXB1ry2amUgvQHGD3SHwgx5Jf6HRFn8V2i5PId--9T5nmMeuog0ETf-Ih2r26DEDU9LjZ32CDJdNOB0TkUMnGPUEru5zKDCbC9NsZbVesXDoaAwbB3cGUg6ZKev56Wb4-MuOf1PJ6MGbbj26f-Li2aT8G_hSpRdYs1hpT8hOhNK0rDaI04c_WHKzUZawkG4NRVuaUpzi9R7uRw

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:13 GMT
an-x-request-uuid: b4a90e14-fd65-4ad5-bd03-7918ed96ce54
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.103; 80.255.7.103; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEO81rKViD7lFrgM8a30kTEM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7DAA
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU1MTQ1NDU5Mjc2NDc3MDUxMA%3D%3D

170 B
243 B

106ms
63ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU1MTQ1NDU5Mjc2NDc3MDUxMA%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:13 GMT
an-x-request-uuid: b63c5727-6368-45bc-a3b6-0a95c529f7b0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU1MTQ1NDU5Mjc2NDc3MDUxMA%3D%3D
x-proxy-origin: 80.255.7.103; 80.255.7.103; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D17 0
58 B 70ms
70ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5193974589822&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D17 0
56 B 70ms
70ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5193974589822&version=m202401290101&ct=77&x=1&cor=3883745720432763000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2D17 34 KB
20 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ddn7k967HRt9iqywCs1QsSxkMfUSRyUhLNTaJ6J-BNvcVyDXatlOBolCpfJVxgdnRHGfUjWeAgU205WEKEMrCPWLJP9IgjBhCdu2XOAsOwCWvyKTtaDJi4YI3mvpd72yq5UQK2y1oiXn5kuCSkyhlgXWv4IuD7HocY58mBW59OFUxj9UI&cry=1&dbm_d=AKAmf-DoYYKCI35D1lXGhrTxp1qs4GPPWO7v8Tbjdzmcu7gWSGtvOEJ9OkE6r_sA4o-q_1V-kBwxhMPvfPmLHGcaWx4VMLmunHkbbFu-EHyrdUSb_FuUoIzdg8hw45vTUMoBoUUJ0Ca1EEw9Qr-dcUMztBn5Ucrk9qIkwOB0PYa35w4IQ_6c0yl7-A8oetERX4MDV7IgD-6OdQbWsT61x8triRTtAxty0DclSt4sfoF2ZxUrFwPCVkN0xM2uBloCoD15Ye12fhrrP-L76JpLwP2xBSDq-CPmda86QKPYQTJ41-VABjznuSZWnaHcRSjv87gM1EntxQTIDptYjRjw0dk4WP7lC6fH96ZLDmE53OmTPwh5_7-1wviVb6bKwivyOrsMJzlnwi1Jtw3c2qwAIAIvHqkaZ3F_EZQ_np7fKUHI0HPxedn3aNNsAd2QokK8kIORQoe4XOaoTqeMQEYcU5vFIKFirEeS7siqbua4qRPKqn6oG-M2SogxfJvMPQpEPQEd7fw6vhqf1GT8n5og79GS8xbN37i1UUhMBImcdAfqqta3VAnb72HMk2z8R_0yRQ0F16E1f7K5Bl70m_YvOHDGPU5nNqrx3xH1zZh1mkSVv-X2PexF8kNQ060z-kAnc7mV1E4bBzue4dnr_PcX03d-f0s7ExKH7JAoWsMXd3CONiS4VvyMY-v3ST37SVYVRpfyTC8oNxlVey-7DsLvcWs4vn14RwwVUjhtqtk5M5BRp70WanWHHyupTZ6CyJ5uV90vheCmcd5AOmYwsromO7ZpqJ3fyhSi11QQnztZgI2vJEMYwlsyxnh0mf8sAC82CsIbTRwk_JgaDlOXXHIQ-KDH5hmlY9I6lU3YJD1kQ5dukdMHP2Mv1VAIKjZeoyekbEAk5CSNzAQQJHp51jkkZP3uTF0h9zNuxwqP0sfokefvwiY9PhQhXf7N5aGeshNncBX0X4DEeGpbMBFkykgQuVHeCCUBzosIBp-V43EkObBOwAxKiNQa-xHxv42VMr49i-4VAzZui1YWpyRjxRO2cwjhxjejyufP-9yBADWfdHgABiK9c6N_h4zncIki5ldCcSzjE_GPJkdebZf4d2EuCvH2c60A3TNOmLibrwFvkHP6qr6ivgLOzt-asjoyeOWiBi4W6Anp983GpsS-NXO4mgPge1auOtbSX9PixsEXEkkVqjoPVYhwAgKCk1UB50VLPPJf0oVpZJIPzwLoK08xcvrwXv8LyhuJNs7Kpo9qdjVilXlv204O2PW7M-Ukps6sL71-HXMVYVQANqCcCjO1xThq2rWBxT56WI45kEUSO2Ao1DuUv0nzLW9q-ClFZmu9sIYmid2Ud13gA-ABeif2Onmfw4yX-R-rU7c8bSToO-Bolw67GPKXqNOhzthc2tnBSn-MLdi7IKhkz-gPbYIiKIaCyz7fRUKRN-UpjhT4lNAbPXz92ZROqcyYPBj0A6jhlneCiMxVlJPZeh07iht-o12r-pT_L5msj-O9IvyiLPtb1Yu1ZT4xgBE2tf9GTTepCP84E-7hwrSs44j-7F92w4i0gt3Zc8fGReEg9U4dRuihxGUTQbFBp3z2VMhbECbNkq0CWNZJTmi8mSr7vYrJsWDEQFZOI_DNkQL9BwU2p1eS1mmGraV15zPontA0tuzAefjDpT3935S1WUCU8XkDWrcCdtVlmVixXq0FRQ2ZaGWKv9Vrak7A6eXpNR5x3H_CSvW239uCFmUETsWpBn92DRC62_-i0iKsrv88Y_w2SQLo5vtvQLrClBd-hsc-pDojnUywa-aZZUFkPEL7qwxj5VxnhbHfgUT3Nz4ToRXHhzOZ8FtpafpaloXqXPtqmeb-PE3MtuB-U9ZDjxHyfGsF-dZZBsNVsAi9O82OjO1CpnFv_DZs_hJe2eTfdoQ1Y3cx2JFiY6qfM7WMTnWaYdl7ZvmRd22EJL0yBQdTHbOF5Z6mPEea_PsGkefNc5kr_tT9tjA_4lQJtP0I-JkAy1sRTFgq8d2nSlYxBicHJVcTq80TbYo-w9CYHrSt0wiqihQINppuJ3GeOuMWp8K_HodGogmKQ-dOOorg0WLFKhOv2cJTwAJRVrB2_Pv9_6yuRfNeKRVi9cWaD4Pdk3GW2C_NNL8tZl9Yaz42C-4N6iCijSMhpdgSM4RWY3t5N0flQIVxofFL8kh_CjiEfSEJKrkoTrcwaCKDc-lnf1VUhPuHYVHCSd1zvMmHOkM1Y9fJpl93z295z1iogbsN55DH6jF_NSGtXVnqtNQL5NLM6HpM9W-L2nVuR0U-5ecJoIAlX7Xmf7Z09wtsJ0JgPxtu2lEP_GjqVLUlWASpmkbbjJdiNvJK-Rw0e3Vdv0nfp6hdVuYr8fWsHk7rSizCw31uI7lFSFRUs_hT9NA67jLqvsT700ThbB9Y_eLo-WAvLxovEZaZdIe0F3G61euPlVu5lULKLDFO--BWyuRIgx6xFxuQA-ErozaR6zinfQJSLTITk25qXNuzCMAQHUnFZ2qvrv8nKlDFD0qRjl8IHASzpzVhLA2p_VKfXYTN1cMXelHhPCgCNjBDULrpDO8_-PEfyIuFYAtCKRJF7VKebroCRxFqWBM-Ulm51-cpFtkgUSPoDDWw--W4ZTe8V-G-0NLOvobUhL-IvLRV2LwAC24mB7qKalmoj6aPKEC7JtuobgEPE4b8ZgikRXOkZSNo4n6eQJI4UPTdTEF3ZMmPBTX8d_1O9hC5VrP1kjQNKtIhomLfeIA6a41ZmYrw0bUZ_ijHCjjWwL-c1zHifZAnsiwu7X62s4Y_Uko1SOfV72GKnUxzHNrmLTslJxzXWZTiFDOby05s-FJb3Y9puSrpltRP48hDaw7vwslCZwaO4jw9mhlwttdNiZQELJRaJCnEoSf54HW9uv-_sDKvwMUhIN9Kzjk1D3hgeNYJX1BitrUrcnQhsR7o0b7ewWql1x0uzKCJJdYe63xVNrAW0tworEzlo7iXsUIqV53xy5PLvN0IYm7jkG4VX8KHLgBEVdCUdJBPchHRmMvK_VWsw03NSN8hqm4faavs37d5pp47SZiX1Urm4knKto9ZK2DKYXZWuh6EX-Epx9JDT-UyjZ4cTxeKDiat2xKadhr4xVf_HrLLiUWyoHRUhDnowS5ZSyZxH-Pcq9oAXAOYBgAZG3nm6AkrbFMkdxo4uKtI0bb-MQaooCw793DS4IzyD-Bp9bu_BZAh4RR-fWV-bFNXi3vXr3Owjmi5PfR_qAm7rrTQbmHZgFWr-JZQ0LbLiBqs9fScC-v3PAZ_Kyko9UPXrWq2x1UtjgTX4hNLYwwz4ZBIQ9PPJFY8q5Pejr54m47_MySgeM3k0nrub5WBdSfkVu4Q8fYnNPb3amRSTGT38ESei-279cBL3K_gffKRoeNQ5T_3KwbOD3IlkuhbcEcUD4J6rQRZvtXeS3VKjLo0GUUcqmZNIJAyRJXHCUfiIJv6gvhubcHXgUSlmUNxSjv66zOryZs-Kele9c2irEV1lbSf9a-Cbw5YUTww1M3LA_u9uGiO-GhB31_0bgI3YW0i8nuLogJvfIUCpUmS0xC7Knb21cDWDwcKlm0WwlSJ1JYH2Xbv_6hrArb6LicJcJnNwvSrgINSdeEyu-FUXUGD8irlt4J7v8GOuuzBTEi7RBciqSs510_Q0ft3DEiTmngn2oT3SOv9n3Pf2bHvbLsPxAvIeWRgnHK_AaQca-W4HSKzjOSkQ8TU__X5rxkXBKN5Wgzoj7UJAZhyGY30yLBOXcr3HBS3_0nBjigXSPCbm5X4JA2W1QRG7YuCy5wawKOip_Vwe856jG_1MRGtUuOuZSAAsnmGOoFo4KX8hrk-X2RFc4Vs_s4Y7Hp0gNTxpbvNh87KumRX9_4wYOKqDjmOmTA_iqul2lwak_724qtA9bitgfRD3XAKlmUOKK7JIub3fmWhAzQGgSJPtpTHyi3oIT4iz5MFqFKYnEstWGo9RX2HbfOovXu54_Dj-pE6L2w12Rvp6g&cid=CAQSTgAvHhf_u6Q8_weZ4Rhe8vtlSxoDc39cZnKzNIRuTUrbHr6rEeUT0LiC_Od2zPojZinEP5O56KSCk0YZ1oqfIYPU731WmpVh0ypSyj-6IBgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fsandstrike.io%2F&ds=l&xdt=1&iif=1&cor=3883745720432763000&adk=3690638928&idt=168&cac=0&dtd=8

Requested by

Host: sandstrike.io
URL: https://sandstrike.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14e5fec87f3faa33091115ac3904a9375fffea7bdd47170309c039e66b4cd427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19604
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame BA4B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

50ms
50ms

Image
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: sandstrike.io
URL: https://sandstrike.io/
Protocol: H3
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Redirect headers

date: Tue, 13 Feb 2024 11:51:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 4D1A 12 KB
6 KB 51ms
50ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 07 Feb 2025 11:51:13 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 4D1A 0
128 B 138ms
45ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=P12SvzvMPF6wCOFnChTR7HcbOZGWLHVCPWjlyuq9jcxmlLkuN5_LlkXrQluyj6usR41qK5J8bBZI6Kx8xljTtKwVXWjOdlUBQJ5vy7DjYN6qzL8L04TKLrfBWMYOOChSNpSrC1sf_w3QyUPm6l7peU6FrJDcUciPBWhLvbk2rCC3L7UnmAGLuqmrp8w9Cegb7PHcjvVeEup_plZfAOB5KZU26LKRu2zeitUSBs4Mu6BUZAK_5FcD09WbJXNGmZsf7TbsUQ&sds=2&rev=90562.7&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 13 Feb 2024 11:51:13 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4D1A 2 KB
1 KB 52ms
51ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 07 Feb 2025 11:51:13 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 4D1A 2 KB
1 KB 49ms
48ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 07 Feb 2025 11:51:13 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BA4B 0
0 80ms
79ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFhIIsVfLZf3cBvCW7_UPz46iiAXgooTlcpysusXjEYKd3KDUARABIJHi5B9gleKagqwHoAG3k9WYA8gBBqkC0sLa5XYPsj7gAgCoAwHIAwqqBLQCT9DN-WRXBtq4bnj01X_Bp4d3PAeKA58UG9_0P9I7E5cHEhBiMPi89DFi0M3SCMvWCVzlBnz4WGmL1-DIGI5MGZchzaPTv4cLAopakuaUhWt5pLGLU04RUUnlUUYdukuEdgXnIt66hU0WbROdklDTvNCBH8NmQJRtGyRMNtPH6YJRb9jCCmJ_zTZ3RW39OXSUp_mAMI3i8ewIkOAcOlVRCM5GTOh1oCljA46WHekChWRnhzL52kYIl4WG9dCtGnywINvM4azPK2U6glOD_U9fUJVfzI9k5m4wWUqaW78KaSl-ApfQJZKOXgsUyXyUwQvOrnal1XfINRZckBLj_g4aZc_uJ4YpbKk2l07Mv3tRI2Me9yrQjASKqp51TAmnWoej9JHIqLwSgbO9a70TGWVpDUUtq-nABPTlx9e5BOAEAYgF6723rkyAB7HsqmeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCOzgnSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOlicoseWoKiEA5oJRGh0dHBzOi8vd3d3LmJha2tlcnRyYWlsZXJwYXJ0cy5ubC9kZS96dXNhbW1lbmFyYmVpdC12b24tdW50ZXJuZWhtZW4vgAoDyAsB4g0TCOvux5agqIQDFXDLuwgdT4cIUdgTA4gUA9AVAYAXAbIXHgocCAASFHB1Yi0xNTcwNjYxOTYyODY2OTgxGJD9Eg&sigh=DqlOsk7AQ6M&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgAvHhf_6wpYghELQszZL-_WjLKoacapE6_qHno3pG3iFZv01Pc0bqCmEAvKVHCkrOhLoeYqraCUcQwuSLNu73jfLQGniohOM70TX_yIpRgB&template_id=492&cbvp=2
Requested by: Host: sandstrike.io
URL: https://sandstrike.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/ Frame 2D17 30 KB
11 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/abg_lite.js

Requested by

Host: sandstrike.io
URL: https://sandstrike.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 21:27:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51795
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11551
x-xss-protection: 0
server: cafe
etag: 12710720872123804752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 21:27:58 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 2D17 41 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: sandstrike.io
URL: https://sandstrike.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 09:09:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9684
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 09:09:49 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzgyNTA3Mzc1NjE3NAogIHNlcnZlcl9pcDogMTM0MDU1ODY2CiAgcHJvY2Vzc19pZDogMjI2NDkzOTMzMQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjQwODU5...
ad.doubleclick.net/ddm/activity/ Frame 2D17 0
0 74ms
73ms Image
text/html 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzgyNTA3Mzc1NjE3NAogIHNlcnZlcl9pcDogMTM0MDU1ODY2CiAgcHJvY2Vzc19pZDogMjI2NDkzOTMzMQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjQwODU5CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9vYmkuZGUiCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMwpldmVudF9pbXByZXNzaW9uX2lkOiA2OTQ2NTUyNDk4NzE0Njg3NDkyCmRlYnVnX2tleTogMTQ1ODE4NzM3NDQ3MTE0MjkwMQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDItMTMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA5MjQwODU5CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzg3ODU5ODk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTY5MTMyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIwODc0OTc0MTAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNTUxNzQ4NDkzCiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL29iaS5kZSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMi5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQKMjE6IDEyMjcxNTgzNwo
Requested by: Host: 22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com
URL: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/631/s1.adform.net/ Frame 2D17 37 KB
17 KB 171ms
49ms Script
text/javascript 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Requested by: Host: sandstrike.io
URL: https://sandstrike.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3e172351681175a64b1e409719b4e5275cce06c8620547ce26fe08f6a669198e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:13 GMT
content-encoding: gzip
last-modified: Tue, 19 Dec 2023 10:28:27 GMT
server: nginx
x-cache-status: UPDATING
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 01 Feb 2024 14:25:05 GMT

GET
H2 204 v1
match.sharethrough.com/FGMrCMMc/ Frame 0D9C 0
35 B 141ms
40ms Image
text/plain 35.157.7.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/FGMrCMMc/v1?supply_id=1UfPRnxS&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1707825072954&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.7.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-7-115.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:13 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EBA2 0
0 81ms
80ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQW0AsVfLZfXeAsCS7_UPxciMoAPJntKxXNWdkfdwwI23ARABIJHi5B9gleKagqwHyAEJqQJc5GOEtRCyPuACAKgDAcgDAqoEpwJP0EVHaPrIduY5qH-xkbR8gnqQKup2By88wKUuiG6DeerFzLu15nApYCvMAAGZhRAhUcRQpiG_W5Pmkszgef_jHBSZNlh50n32KpuQz6DChiSPlaCe_2ovf8lS_1IpjDBSMz3FJjXgIguPhfNARA_LFpU3C0Z4kTJDIlTyi1gsaXg4lwT1SEFsDwce6CF3mjqNxZhdJBxV4P3ftT8RlROLGXYuWjsJGg5BY9Imrrmh3UrX7s66R-ZcxRNC3Sh3RwuLzhhyqvNT_E3BIzW8FeUe3Ta9XS26kudSVYuy_ogfRWk6ew1QwpN6kUoSXXXGG6siK49YhEZwHukNk-aoYikkmXNVieph69K84aGKcYjJvwIBs3YtkkJoo-C8Q6AV8Tc_82SLbbp_4AQBgAaEx8qrrI6yiq8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJAiA4YAQEAEyAqoCOgmAQICAhICAhAhIvf3BOliSx8OWoKiEA4AKA_oLAggBgAwB4g0TCNf0w5agqIQDFUDJuwgdRSQDNNAVAYAXAbIXHAoaEhRwdWItMzI4MjU0NzExNDgwMDM0NxiQ_RI&sigh=QnZ7kwC7s5w&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_Fd_dgoONKQJ5bx3hz52Xkb6fE1gSGoMet2I-2T9caZdWHZo0fMJYoYWggOv6TQHPA2LODc81FNhafjyMnGu5AKCUIlrNsNfT8vkYAQ&cbvp=2&vis=1
Requested by: Host: 22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com
URL: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame EBA2 0
126 B 160ms
51ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kezRGcLVC_oB-gGdg2ICAgAAANC3CKomKeP4vpLkCRCwV8tljy0ENhADZO1eaAAAEgAACgpBUVVERHdFQkR3&wp=ZctXsQAAr3UIu8lAAAMkRarjzGKLMNeNkTJ0EA&cbvp=2

Requested by

Host: 22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com
URL: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:13 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 116689
server: Kestrel
content-length: 0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B840 38 KB
13 KB 39ms
39ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: sandstrike.io
URL: https://sandstrike.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9282
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 09:16:31 GMT
expires: Wed, 12 Feb 2025 09:16:31 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame B840 39 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 10:04:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Feb 2025 10:04:15 GMT

GET
H2 200 server_match
ad2.360yield.com/ Frame 0D9C 43 B
199 B 206ms
60ms Image
image/gif 54.73.193.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1707825072954&bidder=ozone
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.73.193.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-193-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Feb 2024 11:51:14 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B840 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BmTOYsVfLZc6TLrqP9u8Pw_aAuAgAAAAAOAHgBAI&bg=!goGlgc7NAAaxkZ3akZE7ADQBe5WfODjEMBWBG0HgcSEoJ4gwguvCyc3OFbsDgMT0GryjoZt8_6jDKRNUETfphqOyoklOAgAAADZSAAAAAWgBB5kDEz776cH-2FHvDIGLcnlG18d7NxVoGBDEvjvElOkeCuKvo8B7ALTSN8gdM4djP6dfY2fL8yTd6CzxZghed2g5TUxNIkv0ASwi10GPEMVcuMhqxTdzUS1Fmbztk6I1BYY4kRtfSw0bVSSyYAOALNqIRQx1NxwGPeEDxReDydOy9-sWDBHe2AyuYVNReVFm50J77inAy2nxfXZX2wSTc4jMrVhz3VDBuFHXFebz0X1kOYou2ZHDRSa0TunnxzjKJAaAHUHkV74-8FUypsw2uH1FgrSByz_UrhdPutp5a6KtMJ8f18XFC45nzaGqatcjMfcTjfTA0ZAFRlOo0kQu4zvW8iYYe_gZUdeUG28iPr_to0tbl82ovcmDNi0_cahNiqP3HSNbL907KuHMymGYYqc5vsvLVi2itothoo5Zb27ajSQjnaz1bNkZt9WQO7gK8ffBGly8ivlv-J_ibp42w_CjnBdpWcpyZTOl_yQvNggACuv2ym2ftzNTz10_4uo1uRlk80HtnmWcdq1wNz9J9JDpvVVZ1-BacHlfgiBrrJQ1PeM7OpsYdNz12DSLPXgsVnEdGQySzMA0oW-jJUX0iVPzGnH8CkISJtG_PQc6qAq-8wOjhLQsCdrL8zSRUNMB05RM1eLoqdbXYl5lc7QO7-4sLhj9COlBAgB6a232XzPfZAOHjrynGMuF6cxtAQXDKYIAA9QM57iubyd7qmVuSt6pLW4QHedKMkHyNXOlkGgYLeJnaDfG5ATW_2sG94cfMOZogkS4ulk6unM2ZPGSx8LumIlupAqAIz8m4NjBO4L6mg26nYdjl6RMEHH44_Gycj7uGSS_kP0slZcH4Be8RC777WqE_5LPRuwOAJnQlqqVFqJHV1EO_F98WlDXdEoi0t95MrfGdduw-r1_Yz5-rPI5AJSE1o0H3zt3t1mN5WGjIpHBDnyVXbryojnAKVCe1ysxI8qJyloEh2cKjgXL3xVC_ViPU4uGe9ZRYxsKqQ5-7G_klhndpvWkqGesPkPY7K6QylFEfsBEOm2PmeaxzUwdP6hsW5Y

Requested by

Host: 22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com
URL: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
server.adform.net/adfserve/ Frame 2D17 9 KB
5 KB 41ms
41ms Script
text/javascript 37.157.6.232
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://server.adform.net/adfserve/?CC=1&bn=71339599;gdpr=;gdpr_consent=;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CjiwYsVfLZbvPA_Dj9u8P3-y6gATkrKHcdeDJpfWGEvuF1tDJOBABIJHi5B9gleKagqwHoAHnk6noAsgBCakCXORjhLUQsj6oAwHIA5sEqgSqAk_QC6LXnUtJHFdz9fy5erZwVjUqx4af9CzAwmuuJmL_YLjJ38hxJfYDxgn19FJ160y7liOVF4lhbvPp2HmF6uX31evSHQNTjDJQlljhzjIvtAgUL8fjxPXmlSK8lePmmwt9531cUOwDcZkv44t0_8GaEStQj5-qnfa0Db3C38MRosTLkvAdQOV6M5dZBCYG7DUgkR5bIWqNtVbMF5_SwUmXhmrRBq-3nh0Etmvrv0gJeTP70SSCklVLbMB_pW9K5yeQgCQppETz2eikVrT3djcEGbon7xfSoruO07vW8Jq5VMiaW2_UmMhSUKNn5sRhi2hGAqUyK-wVD2mLbK66WcPYsjRPzmYKbmXq40wEKtpvj6CEYkkdt89sK2_OKCH-qLJNNDWUgzyNa6HABNbVj4nEBOAEA4gFl6f74U2QBgGgBk2AB4Hs1pcBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJgiA4YAQEAEYHTICqgI6CYBAgICEgICECEi9_cE6WKiPxJagqIQDgAoDmAsByAsBgAwBqg0CREXiDRMI9s_ElqCohAMV8LH9Bx1ftg5AsBP1o84W2BMK2BQB0BUB-BYBgBcB6BcB&ae=1&num=1&cid=CAQSTgAvHhf_u6Q8_weZ4Rhe8vtlSxoDc39cZnKzNIRuTUrbHr6rEeUT0LiC_Od2zPojZinEP5O56KSCk0YZ1oqfIYPU731WmpVh0ypSyj-6IBgB&sig=AOD64_0e2SxmUMCLgR_UhEmf2p3sIMz55A&client=ca-pub-3282547114800347&dbm_c=AKAmf-CLx19d-qc85AFlGiIq0tj1JkQI-f7ViytN5lg81eiUeYtIro9njemfJeC4O8SiAfFcp8AT3S3a6wLsy373EmM_q-_jBG6rgamDkE5lo2R8AzDz3Q9U49hzBiLWwQucVKkdNI9wXA1qF6HPcaZ60I3XxoDartGcDPwGHuSKuVJWH9Dv8WA&cry=1&dbm_d=AKAmf-Dz_vnrzI80N0QqIN9OtlVucBjCEdRF5p_aRLLwh8a032frnxY9lfRb_2XK3OjkaDMXV9QbgjotQ3fW8Xr_PLpdQ9H2S0LGjP-vd3-WwKP8LztmiWycXQWokDvYmhrqvsiFw4tRRbp9kWfvohJjzRSlia8xT4m0oKX6wAx_Uo8fqjiAxiLRRZKfaxmdVYFd5m4rwWiVKCfGjWDFbxsXmK7e73vl3rXkulsOyc5ovs3X6J5hm-cbUM2EE5C3AS-wOEjJ10GjTfq8LHJ4Q3SwLvwzS7wp9mA7opB_yLQqTA9JAzViySaGNsBoIcw__jM0CLwXx0if9VjqOBAy5dMoZNDQGYMGPHTK8hoMZRaIZGcvr_c9EgNB40jEgTi-crndg9pjYruuKiVyVSJ52Nh_A6IO9XN5DXJSY-ZspGgkNLmmQDtfzX6k5B5rFTL1_e_JFPXd8PzZuVXhds3q6HIammqAiaaU0syzzwhNAi2jGLr_zp2hE9ppyRF-SyQjdQQhWnxQKM9QPgixMjx9Uzd9A3-eHmd9Ej5WhZg3kyR3D-iXzkXdEU3ky7yNXLxH2th79P8Ix3p5&adurl=;js=1;adfxid=1x;1991;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;cmpgpp=;cmpgpp_sid=;fd=0|0&CREFURL=https%3A%2F%2Fsandstrike.io

Requested by

Host: sandstrike.io
URL: https://sandstrike.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

666c357c7b9d6ade3e04e62d72bcfa239decfcbf09fa8f1a4bc69d827353ea47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 4941
expires: -1

GET
H2 200 Standard Show response
s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 2D17 91 KB
39 KB 69ms
68ms Script
text/javascript 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: sandstrike.io
URL: https://sandstrike.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 80958b705988fc97f2179c7a83acfc7353d1145e50ffd2680bbe3e08254708c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:14 GMT
content-encoding: gzip
last-modified: Tue, 19 Dec 2023 10:28:27 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 01 Feb 2024 14:25:05 GMT

GET

sync
ads.servenobid.com/ Frame DFBB
Redirect Chain

https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26...
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D1%2526redirect%253Dhttps%25...
https://ads.servenobid.com/sync?pid=312&uid=8551454592764770510&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D1%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%25...
https://ads.servenobid.com/getsync?jp=1&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253...
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsy...
https://ad.turn.com/r/cs?pid=45&rndcb=1309384522
https://sync.1rx.io/usersync/turn/7236770634091550292?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-951e435d-2f5c-49ef-868d-1d7000e2d565-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-951e435d-2f5c-49ef-868d-1d7000e2d565-00...
https://ads.servenobid.com/sync?pid=321&uid=RX-951e435d-2f5c-49ef-868d-1d7000e2d565-003&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D2%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-p...
https://ads.servenobid.com/getsync?jp=2&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%5Bssb_sync_pid%5D%26redire...
https://ads.servenobid.com/sync?pid=317&uid=4791195508558186247&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D3%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%25...
https://ads.servenobid.com/getsync?jp=3&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%...
https://ads.servenobid.com/sync?pid=353&uid=0000EEA&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D4%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253...
https://ads.servenobid.com/getsync?jp=4&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D%26redirect%3Dhttps%253A%25...
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D%26redirect%3Dhttps%253A%252...
https://ads.servenobid.com/sync?pid=310&uid=IJ5HARZHzjr_eOLpRjCVcbn2&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D5%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetu...

0
0

POST
H2 200 /
server.adform.net/csimpr/ Frame 2D17 35 B
625 B 39ms
39ms Ping
image/gif 37.157.6.232
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://server.adform.net/csimpr/?bn=71339599&csi=tF0a4G2G2rWURgfO-RUE1k-mE7vQAc4x0VrCn2yB-wjrygPkIxxfk_5i24c2XMZ1Bgvq4SES0e3H6NtWv9lkaN6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 14308870.js Show response
s1.adform.net/Banners/Elements/Files/2181979/14308870/main/ Frame 0476 172 KB
45 KB 61ms
61ms Script
application/x-javascript 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2181979/14308870/main/14308870.js?ADFassetID=14308870&bv=259
Requested by: Host: sandstrike.io
URL: https://sandstrike.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: eae1d8c9a08f6f1361489fbe7fc68cb28d0b3f3f96d4863bb801f88504163f19

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:14 GMT
content-encoding: gzip
last-modified: Fri, 02 Feb 2024 15:18:19 GMT
server: nginx
x-amz-request-id: tx00000348f4432015005a9-0065c9a5d1-3296b091-default
etag: W/"f3b437bf5324ca6e56178a0b79a0e031"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 2EB9 0
917 B 43ms
43ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:14 GMT
an-x-request-uuid: 91af8a55-8a45-44a6-8cb5-f6c646e0d480
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.103; 80.255.7.103; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 0476 30 KB
14 KB 54ms
54ms Script
application/javascript 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=631
Requested by: Host: sandstrike.io
URL: https://sandstrike.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 7a785e8b2ad30e6279397d656a61f70ad6341ee944c310df19593d8fabd79d9f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:51:14 GMT
content-encoding: gzip
last-modified: Tue, 21 Nov 2023 08:14:37 GMT
server: nginx
x-amz-request-id: tx0000058444525f31fd01e-0065ba2322-32959ea8-default
etag: W/"d66b8df08256b7e89279e9f83d1d7c5e"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 / Show response
server.adform.net/dco/recommendations/ Frame 0476 32 KB
8 KB 2894ms
2893ms Script
application/javascript 37.157.6.232
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://server.adform.net/dco/recommendations/?aid=2181979&tid=34509&tv=1&icid=6561553638381332164&eid=3215525&rotseqno=1&smid=0&dco=4&bnrid=62226803&intid=1015722471136189063&geo=38078,10528,276&bn=71339599&gcnt=100&pgsz=24&format=json&callback=adform_com_21ust4h338

Requested by

Host: sandstrike.io
URL: https://sandstrike.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1869927845335965da21dab8bac79e10799b279ccefa6b5154c465dee67c4942

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

correlationid: cbd9cc19-fd10-49ad-8d64-a34cd47b38ee
date: Tue, 13 Feb 2024 11:51:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-origin: dcotar001prpitx
server: nginx
content-type: application/javascript;charset=utf-8
content-length: 7995

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D17 0
20 B 2465ms
2465ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5193974589822&version=m202401290101&ct=77&x=1&cor=3883745720432763000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 1207ms
1207ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HNP6484PF7&gtm=45je4270v9117836560za200&_p=1707825071096&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1786166092.1707825071&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1707825071&sct=1&seg=0&dl=https%3A%2F%2Fsandstrike.io%2F&dt=&en=scroll&epn.percent_scrolled=90&_et=4&tfd=5506
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HNP6484PF7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandstrike.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sandstrike.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
server.adform.net/serving/unload/ Frame 2D17 35 B
616 B 706ms
705ms Ping
image/gif 37.157.6.232
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://server.adform.net/serving/unload/?version=15&unload=6561553638381332164@@71339599,1015722471136189063,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|LuiNbc9bIAFcPlakbYq96Unvwha9djSwigYvlIkEmq8bj-0JxHN2L655XJEIBmke0|||11||0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 all
csm.eu.criteo.net/ Frame 4D1A 0
127 B 47ms
47ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 13 Feb 2024 11:51:20 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

OPTIONS
H2 200 /
config.uca.cloud.unity3d.com/ Frame 0
0 173ms
49ms Preflight
application/json 34.111.113.40

General

Check archive.org

Show headers Download Go to

Full URL: https://config.uca.cloud.unity3d.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.113.40 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.z-SNAPSHOT) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,unity-request-type
Access-Control-Request-Method: POST
Origin: https://sandstrike.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Cookie,Host,X-Forwarded-For,Accept-Charset,If-Modified-Since,Accept-Language,X-Forwarded-Port,Connection,X-Forwarded-Proto,User-Agent,Referer,Accept-Encoding,X-Requested-With,Authorization,Accept,Content-Type,content-type,unity-request-type
access-control-allow-methods: GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
access-control-allow-origin: *
access-control-max-age: 1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: application/json;charset=utf-8
date: Tue, 13 Feb 2024 11:51:21 GMT
server: Jetty(9.4.z-SNAPSHOT)
via: 1.1 google

POST
H2 200 / Show response
config.uca.cloud.unity3d.com/ 293 B
347 B 262ms
262ms Fetch
application/json 34.111.113.40

General

Check archive.org

Show headers Download Go to

Full URL: https://config.uca.cloud.unity3d.com/
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.113.40 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.z-SNAPSHOT) /
Resource Hash: 83b3f90c4edf1f122c8faf9784ca0aee4dd017c65493ac181c1814211703db96

Request headers

Unity-Request-Type: config
Accept: */*
Referer: https://sandstrike.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 13 Feb 2024 11:51:22 GMT
via: 1.1 google
server: Jetty(9.4.z-SNAPSHOT)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 293
content-type: application/json;charset=utf-8

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 0D9C
Redirect Chain

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3584624213607586227794

0
976 B

82ms
82ms

Image
text/plain

104.18.43.178

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3584624213607586227794
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1707825072954&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 11:51:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 854cdbf0386a266d-TXL
content-length: 0
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3584624213607586227794
date: Tue, 13 Feb 2024 11:51:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

OPTIONS
H2 204 events
cdp.cloud.unity3d.com/v1/ Frame 0
0 277ms
153ms Preflight 34.107.172.168

General

Check archive.org

Show headers Download Go to

Full URL: https://cdp.cloud.unity3d.com/v1/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.172.168 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-continuous-request,x-data-block-id,x-data-retry-count,x-data-size-info,x-dispacher-states,x-event-count,x-expired-session-dropped,x-highest-priority-events,x-request-ts
Access-Control-Request-Method: POST
Origin: https://sandstrike.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, X-Continuous-Request, X-Data-Block-Id, X-Data-Retry-Count, X-Data-Size-Info, X-Dispacher-States, X-Event-Count, X-Expired-Session-Dropped, X-Highest-Priority-Events, X-Request-Ts
access-control-allow-methods: POST
access-control-allow-origin: https://sandstrike.io
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 13 Feb 2024 11:51:23 GMT
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via: 1.1 google

POST events
cdp.cloud.unity3d.com/v1/ 0
0

GET https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ Frame 0D9C 0
0

GET streams
api.twitch.tv/helix/ 0
0

OPTIONS streams
api.twitch.tv/helix/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: country.adinplay-venatus.workers.dev
URL: https://country.adinplay-venatus.workers.dev/

Domain: stats.adinplay.com
URL: https://stats.adinplay.com/collect

Domain: stats.adinplay.com
URL: https://stats.adinplay.com/collect

Domain: ads.servenobid.com
URL: https://ads.servenobid.com/sync?pid=310&uid=IJ5HARZHzjr_eOLpRjCVcbn2&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D5%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID

Domain: cdp.cloud.unity3d.com
URL: https://cdp.cloud.unity3d.com/v1/events

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone

Domain: api.twitch.tv
URL: https://api.twitch.tv/helix/streams?game_id=1218555080

Domain: api.twitch.tv
URL: https://api.twitch.tv/helix/streams?game_id=1218555080

Verdicts & Comments Add Verdict or Comment

309 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sandstrike.io/	1970-01-21 03:59:45	Name: _ga Value: GA1.1.1786166092.1707825071
.sandstrike.io/	1970-01-21 03:59:45	Name: _ga_HNP6484PF7 Value: GS1.1.1707825071.1.0.1707825071.0.0.0
.sandstrike.io/	1970-01-20 18:25:11	Name: StatsSend Value: true
.paypal.com/	1970-01-20 18:28:04	Name: tsrce Value: smartcomponentnodeweb
.paypal.com/	1970-01-20 18:23:46	Name: l7_az Value: dcg16.slc
.paypal.com/	1970-01-21 03:59:45	Name: ts Value: vreXpYrS%3D1802519471%26vteXpYrS%3D1707826871%26vr%3Da24e86e318d0a551b08c4147f94e3bf6%26vt%3Da24e86e318d0a551b08c4147f94e3bf5%26vtyp%3Dnew
.paypal.com/	1970-01-21 03:59:45	Name: ts_c Value: vr%3Da24e86e318d0a551b08c4147f94e3bf6%26vt%3Da24e86e318d0a551b08c4147f94e3bf5
.adnxs.com/	1970-01-21 03:59:45	Name: receive-cookie-deprecation Value: 1
.the-ozone-project.com/	1970-01-20 18:23:46	Name: __cf_bm Value: 8yLcEosOEYrEFDqVuKSdLxfMWWr50RGWh4wikXxvs7Q-1707825072-1-AX64lHcZKZVAx0hucwCBsCaEJTS96ebdKIODLAxBGTB8Oz11Br0DikMVtFohAhS1JPae0ikRGbUvKiBQ3YX9Uqc=
.adnxs.com/	1970-01-20 20:33:21	Name: XANDR_PANID Value: Xdc9RREugGmKwteEbehS5JgVLVE-bQA9IxYuVZ9ISkf_05MtY3UxLx36DhE9YCH2repw2VvA0zgGQ_wgvONOjev_PH2DewPDGmv7cpI5nxo.
.adnxs.com/	1970-01-20 20:33:21	Name: icu Value: ChgIzYVEEAoYASABKAEwsK-trgY4AUABSAEQsK-trgYYAA..
.adnxs.com/	1970-01-20 20:33:21	Name: uuid2 Value: 8551454592764770510
.criteo.com/	1970-01-21 03:45:21	Name: uid Value: 43d44c36-ae21-4c0a-8d6b-f62f8694e455
.criteo.com/	1970-01-21 03:45:21	Name: receive-cookie-deprecation Value: 1
.rubiconproject.com/	1970-01-21 03:09:21	Name: khaos Value: LSKAYBXC-H-GXQ
.rubiconproject.com/	1970-01-21 03:09:21	Name: audit Value: 1\|hLZGFuTafB0HDX21rOIJegNb0fGVcfL/XWaA1sYWTLHiXIXbtn90w84g4KaKi9aMswnotfi803PPoSMs9nnRSCL5hAXvaZVp5BBVZHxJiD++xUA9sgf/4eNEKcfJxgEB
.openx.net/	1970-01-21 03:09:21	Name: i Value: 36ffe42f-a644-4e5a-a567-da6d93a7813b\|1707825073
.sandstrike.io/	1970-01-21 03:45:21	Name: cto_bundle Value: i8cT6F9ZJTJCTE1mYVNKdHJhMCUyRkRkNTRIdkhITUg2SiUyQlI2TEZURmk5RmNvdkNlVmVQSWZ6d3NzUjJoUnQxVlpmS1hsdWtqcFJyMGVLc21lVDAybjZLN0hDVlpiejhUMFZJT01WVExZOUZQTlVIR2wlMkZ3cm5FRWJ6bEViVGZDbXFQalJ3NEdlbHRnd1B3U0Nvb3BQVTB5MyUyQkZaMzlnJTNEJTNE
.the-ozone-project.com/	1970-01-20 20:33:21	Name: ozone_uid Value: 2cJM9AwOo7HilKXnCXTXhzKsJOD
.sandstrike.io/	1970-01-21 03:45:21	Name: __gads Value: ID=032a161c8c618b98:T=1707825073:RT=1707825073:S=ALNI_Mb9pxs_pJsRHqldTocQrugkI16_jg
.sandstrike.io/	1970-01-21 03:45:21	Name: __gpi Value: UID=00000d57b4514e15:T=1707825073:RT=1707825073:S=ALNI_MZRRpmb4oltpdmX1sTXTnr3MncNvQ
.sandstrike.io/	1970-01-20 22:42:57	Name: __eoi Value: ID=39ac98a00996f842:T=1707825073:RT=1707825073:S=AA-AfjauGBDYirzCxb7sibjzFxEt
.omnitagjs.com/	1970-01-20 19:06:57	Name: ayl_visitor Value: 58011ba967f2951ed762e61d31cfe842
.adform.net/	1970-01-20 19:05:30	Name: C Value: 1
.adform.net/	1970-01-20 19:50:05	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 03:45:21	Name: IDE Value: AHWqTUkW0QuUPt4Msrp1ENfwzMMFLOTZAje-vJqZW281GVVahMuDdpHs40yKvLd-
.csync.loopme.me/	1970-01-20 20:33:21	Name: viewer_token Value: 14674941-a5b9-433e-be71-3c1c1777a488
.doubleclick.net/	1970-01-20 22:42:57	Name: APC Value: AfxxVi6S59-JAPFlIT8mIcNRMm0o096TjL3FxEyGmdW64cnOHTWiGQ
.doubleclick.net/	1970-01-20 22:42:57	Name: receive-cookie-deprecation Value: 1
.the-ozone-project.com/	1970-01-20 20:33:21	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZHlvdWxpa2UiOnsidWlkIjoiNTgwMTFiYTk2N2YyOTUxZWQ3NjJlNjFkMzFjZmU4NDIiLCJleHBpcmVzIjoiMjAyNC0wMi0yN1QxMTo1MToxMy41NzI3MzM4MzNaIn0sImxvb3BtZSI6eyJ1aWQiOiIxNDY3NDk0MS1hNWI5LTQzM2UtYmU3MS0zYzFjMTc3N2E0ODgiLCJleHBpcmVzIjoiMjAyNC0wMi0yN1QxMTo1MToxMy43ODQzNTY3NTNaIn19LCJiZGF5IjoiMjAyNC0wMi0xM1QxMTo1MToxMy41NzI3MzA2NDRaIn0=
.casalemedia.com/	1970-01-21 03:09:21	Name: CMID Value: ZctXsVVbLIwAAAZsAD1yDAAA
.casalemedia.com/	1970-01-20 20:33:21	Name: CMPS Value: 3298
.casalemedia.com/	1970-01-20 20:33:21	Name: CMPRO Value: 3298
.adnxs.com/	1970-01-20 20:33:21	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In9mU<p'!]tbPl1M>e)ZlrFUfJ+tGXxpWOol-kANm#'Rf$Eq^A84o9%E)g^NE3RG^/ld3If)y3KL9D3I?+mWjict
.doubleclick.net/	1970-01-20 18:23:48	Name: DSID Value: NO_DATA
.adform.net/	1970-01-20 19:50:05	Name: uid Value: 6561553638381332164
.adform.net/	1970-01-20 18:33:49	Name: TPC Value: 1707825074059
.servenobid.com/	1970-01-20 18:33:49	Name: pid_312 Value: 8551454592764770510
.turn.com/	1970-01-20 22:42:57	Name: uid Value: 7236770634091550292
.1rx.io/	1970-01-21 03:09:21	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-951e435d-2f5c-49ef-868d-1d7000e2d565-003%22%7D
.targeting.unrulymedia.com/	1970-01-21 03:09:21	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-951e435d-2f5c-49ef-868d-1d7000e2d565-003%22%7D
.servenobid.com/	1970-01-20 18:33:49	Name: pid_321 Value: RX-951e435d-2f5c-49ef-868d-1d7000e2d565-003
.smartadserver.com/	1970-01-21 03:53:59	Name: pid Value: 4791195508558186247
.servenobid.com/	1970-01-20 18:33:49	Name: pid_317 Value: 4791195508558186247
.servenobid.com/	1970-01-20 18:33:49	Name: pid_353 Value: 0000EEA
.lijit.com/	1970-01-21 03:09:21	Name: ljt_reader Value: IJ5HARZHzjr_eOLpRjCVcbn2

206 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
rendering	warning	URL: https://sandstrike.io/Build/sandstrikeWeb.framework.js.br(Line 4294) Message: WebGL: this extension has very low support on mobile devices; do not rely on it for rendering effects: WEBGL_polygon_mode
other	warning	URL: https://sandstrike.io/Build/sandstrikeWeb.framework.js.br(Line 4294) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/Build/sandstrikeWeb.framework.js.br(Line 4294) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://sandstrike.io/Build/sandstrikeWeb.framework.js.br(Line 4294) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sandstrike.io/Build/sandstrikeWeb.framework.js.br(Line 4294) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

22ca39c341753da41170cbba4e7f61d7.safeframe.googlesyndication.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad2.360yield.com
ads.eu.criteo.com
ads.servenobid.com
api.adinplay.com
api.btloader.com
api.twitch.tv
bcp.crwdcntrl.net
btloader.com
cadmus.script.ac
cat.nl3.eu.criteo.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdp.cloud.unity3d.com
cm.g.doubleclick.net
code.jquery.com
config.uca.cloud.unity3d.com
country.adinplay-venatus.workers.dev
csm.eu.criteo.net
csync.loopme.me
dsum-sec.casalemedia.com
eb2.3lift.com
elb.the-ozone-project.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
i.clean.gg
ib.adnxs.com
id.twitch.tv
id5-sync.com
imasdk.googleapis.com
invstatic101.creativecdn.com
match.sharethrough.com
maxcdn.bootstrapcdn.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
s1.adform.net
sandstrike.io
script.4dex.io
securepubads.g.doubleclick.net
server.adform.net
static.cloudflareinsights.com
static.criteo.net
stats.adinplay.com
t.paypal.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
visitor.omnitagjs.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
x.bidswitch.net
ads.servenobid.com
api.twitch.tv
cdp.cloud.unity3d.com
country.adinplay-venatus.workers.dev
stats.adinplay.com
x.bidswitch.net
104.18.43.178
13.248.245.213
130.211.23.194
136.244.91.127
142.250.184.194
146.75.122.214
151.101.1.21
151.101.129.108
151.101.193.35
162.19.138.118
172.217.16.134
172.64.151.101
178.250.1.6
185.255.84.153
185.89.210.153
192.229.221.25
2001:4860:4802:34::36
2600:9000:225b:fa00:a:e047:753:eb41
2602:803:c004:200::140
2606:4700:10::6816:3456
2606:4700:10::ac43:293c
2606:4700:20::681a:2e8
2606:4700:20::681a:346
2606:4700:20::681a:9a9
2606:4700::6810:3965
2606:4700::6810:5914
2606:4700::6812:1791
2606:4700::6812:bcf
2a00:1450:4001:806::2001
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:813::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::200a
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::c
2a04:4e42:600::649
34.102.146.192
34.107.172.168
34.111.113.40
34.120.107.143
34.95.69.49
34.96.70.87
34.98.64.218
35.157.7.115
35.214.240.36
35.82.244.1
37.157.2.250
37.157.6.232
51.38.120.206
52.30.159.215
54.73.193.1
65.9.66.97
69.173.144.165
95.101.149.233
03ffeb5fe80c55b010183e198bf57795fcebd6098082120338c06f74a225ae39
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
07f6b880cfa8dfe89bf94553045a063a4d0204282b27f793a6b9af1d084881c6
080a5fd4763f64da23867cafa2bd115d613a1fae8b1716b62823619a8dbe2c1f
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a7c5cebbb6d6eff010530c59b73e9e423125219661ff9bc5866c55cd17a5607
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c632093094f358d6061873ed3165adaf08d4efe0700f8ac2dc3f16ad6a27c78
1344f2cf7e2562ce1c954075dda071857f4ff0c6bb6d2022384883f24d3bd1e9
14e5fec87f3faa33091115ac3904a9375fffea7bdd47170309c039e66b4cd427
1869927845335965da21dab8bac79e10799b279ccefa6b5154c465dee67c4942
198ffed7c19328c7cac0314d98810b7aeebc61492c8db6b924d07ad0ef525c56
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
20059e1c2ca06c1c8f000ee561cfca12306d88c6f359290143f41642ab5cb5aa
2125b73ae211f46f82ee27eee87e5aa312c5bbf2aedca1b50b7d80f21fd3d5d2
229a0bbc756880fe1e956c4083206ad7140e276089c24e5ad9e750accf8c76b3
23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a
244f9013ff972cac8f03cdac206e08c733ba70140153ed7607ee424b58272341
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
265c8c4de2f2be094b466f168e9594feaed3af4882a74dce315bc9e32c83de33
26e1b509ca17a756db87864840e31a1a7caa2ce9164aa2fff2c61284c582c0c2
288fd8ba8cb04967d8ffdb274e8828d79fe679e6991ceff828f0f48e04f315db
293b7b977abe069f4647a89e2cf74431aea47a82009df91bd88aeba83294b211
309c794d20c6824c9c401713bc7ba07938e85509e557ddbc944f6fa17e7b7469
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33f7a986b50ecf8cbfaccf7d20f5e467dfc837e166f0417c4dca38a3a7f33384
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e172351681175a64b1e409719b4e5275cce06c8620547ce26fe08f6a669198e
3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
423a124b1aaf743a23e8a74bd3bf1cdaee25dc468cefdc42b9bf603c5bb692af
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43a079fd739dffa727de659b5bbf44596031aa7542c8a8afbc54a243aab96b47
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4884db81949bb43c17f3d91ab3c8ff64cd0ebd87e1295fe4494d306d4624e392
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5138ca9a9d3fe712e1ecb5bc6c92f6738c615afdaa0e2cf592a4f207a76023cf
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
593206ec463cff494720b2a8f49ad2c6365566a771b4686043d29b6821739c7c
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
64fe912e348369463acc56270a3b8d85657ae5343451ec70f44fbb547069fabe
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
666c357c7b9d6ade3e04e62d72bcfa239decfcbf09fa8f1a4bc69d827353ea47
6b89e8c3bf6640b72625cc47b796bd54b157ca76ae28ae1e656792ede1278749
6ccfa761fdde0aed1c5ca988df26cd7080bf203b8e3b9116718e0b2ab94ae12c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f32f93515380f0f62e804d09cfca36d28d974383d0672ddb7a53ac03b52867a
70651252ddc3ae3cc902b7f374fb9037f0a27192fb31b66acbf5300441b45ad3
719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d
723ff0a73aada4fafaf792b4ff37ccaab12efe8810d9bcb6b58754673320fc9d
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
77ea9d68bc237e9b31a33b86363f03f888e27b8b318365bc44ee1f40b9960e33
7a785e8b2ad30e6279397d656a61f70ad6341ee944c310df19593d8fabd79d9f
7d0688fd145e7c89d19292c60a45a139e52b8f2294e487e0d5e60276366728e1
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80958b705988fc97f2179c7a83acfc7353d1145e50ffd2680bbe3e08254708c2
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b3f90c4edf1f122c8faf9784ca0aee4dd017c65493ac181c1814211703db96
8536ff71652fda866cd2d5fdf1b5e782f6c99ae3cdd3a21b8132f1dceb58a4a8
862da7a63ed8c7a0ff4fdfe2df7678c4739d6f49dc38eee1067b245553dc9119
8a48ae57338f5f79d7bed7a8a785a241ffc9de5c5b4eefeed82fa387356862f4
8b1976fe80c2d62438ff78bd757560555c15428672d295f4ae75f385e28ab687
8b940dc195538df257591ede3d20bcde53422c66ec9e7ba5e8be70cafbb4deae
8bd72ae140053fd03361a9dd5fc883638cd9b3bf821e979ba50387b10d926882
8c3eaebfc5ee5b77100159e7baa0b77efc9fcf8bbcc81ba475ce4297f2fa9702
8ebac2c15017f64ffd71d0b65ce358db3e1ec1169e884f97b55ee056b6e947d7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9379ab8f9ed37d88d8744c364bbbe2bc886b6f3ebc4a47496e7cc070c6b2b2dd
9ed022a558ba221bee9a5419986231129490cd8045565d54366252b2b42712a3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a17f82e2f40c1b341e663ae3e90679d3ed7c88afdd46738db8b893d9df5a2bb4
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b26460b45ee0a523d92b1236496a9039a8075be122b1bf87d16d21b798c4d473
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
b53b852d31d9e53ef897317c5ba27a72bb2abce556fa62b20b0812edf8714253
bfddac8c6a215e01e9bd8a6bbcae49edf6d33029150bbdf52e4e55b32e92dba5
c1995011ccacd68d757799be7d348167e6233cc2a3abf8600ff588ed57f7f11e
c6b61f7d963f8656e91aa200ac35e08f2edd5539b0777068e5a6c050dcf973aa
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3ff84f01ed1bb9d794c2431bfa2398e04c37b386e8ace9b3c4a26f5e888dc40
d511dfbc16ad6350f93632e5490bedd6f7bd7893a5615f61b989ee2f843ebdf3
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da80171367ccb86206235641cfa5efc267725e1870f5cc5c2a777dc57c7d5ebe
dd93497bca2f2d75a9b2f2577d1475feaaa297485d5d3a7203e06f08e8f7683f
dde3adba90bd2ef4873b5adba3925b4f5e1ea982068f71f326e1cef077c9aeea
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47600adb7efdda2088c6e4010517f5742419ec2235bda27b5b92d0cf8aa1e11
e59b479cd72f5be6bd8254d28ad751c9080e3082544f6b614ce231d94429061d
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea5e83246f6639bb89d6ac5e7b5d5597d5d05eee7b5dcb7996fbffaf6297f3e0
eae1d8c9a08f6f1361489fbe7fc68cb28d0b3f3f96d4863bb801f88504163f19
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13234dabd5e0c1168d32682fd179b8e279d1f4a660afd642406d4ffd80bf772
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5d0d42501bc85f5f45f018d747151bba120204247dd1ae8fdd0a50ed78fa859
fa260bc65ec5b6c1b367bae744d1a39179c21726fd69b11c2e2482e3c39bd5c7
fa2e7c826a56d6955cc1e367a044dc0e1e86880cd6c8f38d7622d147cc105a5f
fc255c0307018264ea056bce47bbd901452d16a2c528512435e3c81ce41eb677
fe67ee7ad0d78b3d6de22c3a5f46825c8cc755ffb426995806b2aa48e431288c
ff10b7ed85e0ab8e5a77c795eb9e9a680f2d3d20eb4ca977c867bdf81e71d47e
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

sandstrike.io Open in urlscan Pro 136.244.91.127 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

177 Requests

90 %HTTPS

47 %IPv6

45 Domains

69 Subdomains

61 IPs

8 Countries

35644 kBTransfer

90736 kBSize

46 Cookies

0 Outgoing links

Page URL History

Redirected requests

177 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sandstrike.io Open in urlscan Pro
136.244.91.127 Public Scan

Screenshot
Live screenshot

Full Image

177
Requests

90 %
HTTPS

47 %
IPv6

45
Domains

69
Subdomains

61
IPs

8
Countries

35644 kB
Transfer

90736 kB
Size

46
Cookies

177 HTTP transactions
3 data transactions