gamdom.com Open in urlscan Pro
2606:4700:20::681a:904 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://vandaquad-essing.icu/913cd5d5-30b8-4e3c-82b6-7dbe4bab55e8
Effective URL:
https://gamdom.com/landing?aff=gambonus
Submission: On June 05 via manual (June 5th 2023, 3:01:07 pm UTC) from VN — Scanned from DE

Summary HTTP 166 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 55 IPs in 9 countries across 63 domains to perform 166 HTTP transactions. The main IP is 2606:4700:20::681a:904, located in United States and belongs to CLOUDFLARENET, US. The main domain is gamdom.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 21st 2023. Valid for: a year.

This is the only time gamdom.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	18.195.123.247 18.195.123.247	16509 (AMAZON-02) (AMAZON-02)
1 38	2606:4700:20:... 2606:4700:20::681a:904	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:d63b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.51.65 108.138.51.65	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
1	2606:4700:303... 2606:4700:3034::6815:4a0a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
13	172.104.238.149 172.104.238.149	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2 15	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
1	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1 2	54.171.9.188 54.171.9.188	16509 (AMAZON-02) (AMAZON-02)
1	23.215.16.120 23.215.16.120	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	18.196.84.192 18.196.84.192	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.151 185.86.138.151	201081 (SMARTADSE...) (SMARTADSERVER)
1 2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	2.16.238.158 2.16.238.158	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	18.196.218.213 18.196.218.213	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.39 216.52.2.39	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 3	77.243.51.121 77.243.51.121	42697 (NETIC-AS) (NETIC-AS)
4 5	77.243.51.122 77.243.51.122	42697 (NETIC-AS) (NETIC-AS)
2 2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
5 5	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	52.57.150.20 52.57.150.20	16509 (AMAZON-02) (AMAZON-02)
2 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	52.18.254.139 52.18.254.139	16509 (AMAZON-02) (AMAZON-02)
2	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.254.17.98 34.254.17.98	16509 (AMAZON-02) (AMAZON-02)
1	52.218.53.242 52.218.53.242	16509 (AMAZON-02) (AMAZON-02)
1 1	141.94.171.213 141.94.171.213	16276 (OVH) (OVH)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4 5	193.135.9.135 193.135.9.135	48314 (IP-PROJECTS) (IP-PROJECTS)
1 1	139.162.147.24 139.162.147.24	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 1	193.135.9.129 193.135.9.129	48314 (IP-PROJECTS) (IP-PROJECTS)
1	54.229.82.2 54.229.82.2	16509 (AMAZON-02) (AMAZON-02)
2 3	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	108.138.51.104 108.138.51.104	16509 (AMAZON-02) (AMAZON-02)
2 3	52.44.244.58 52.44.244.58	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.51.186.199 52.51.186.199	16509 (AMAZON-02) (AMAZON-02)
1 1	18.194.199.66 18.194.199.66	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.192.167 3.126.192.167	16509 (AMAZON-02) (AMAZON-02)
1	216.46.185.182 216.46.185.182	13649 (ASN-VINS) (ASN-VINS)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	2.18.161.51 2.18.161.51	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:26d... 2600:9000:26df:c00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 1	109.206.161.21 109.206.161.21	50245 (SERVEREL-AS) (SERVEREL-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
12	2a02:26f0:310... 2a02:26f0:3100::1735:282a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
11	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
5	139.162.183.107 139.162.183.107	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
166	55

1 18.195.123.247 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-123-247.eu-central-1.compute.amazonaws.com

vandaquad-essing.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2606:4700:20::681a:904 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gamdom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.51.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-51-65.waw51.r.cloudfront.net

cdn.seon.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:4a0a (United States)

ASN13335 (CLOUDFLARENET, US)

i18n.gamekingdom1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.104.238.149 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1814-149.members.linode.com

gamdom.ladesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 37.157.3.20 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)

server.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.9.188 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-9-188.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.215.16.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-16-120.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.84.192 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-84-192.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.151 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.238.158 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-158.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.218.213 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-218-213.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 77.243.51.121 (Denmark) 3 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 77.243.51.122 (Denmark) 4 redirects

ASN42697 (NETIC-AS, DK)

se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.180 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.181.226 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Bad Durrheim, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.150.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.254.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-254-139.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.17.98 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-17-98.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.53.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.171.213 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.135.9.135 (Germany) 4 redirects

ASN48314 (IP-PROJECTS, DE)

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.147.24 (Frankfurt am Main, Germany) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: tags2.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.135.9.129 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.82.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-82-2.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.212 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.51.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-51-104.waw51.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.44.244.58 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-244-58.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.186.199 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-186-199.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.199.66 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-199-66.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.192.167 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-192-167.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.46.185.182 (Littleton, United States)

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.161.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26df:c00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.161.21 (United States) 1 redirects

ASN50245 (SERVEREL-AS, US)
PTR: 109.206.161.21.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:26f0:3100::1735:282a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

avatars.steamstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

www.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.162.183.107 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1500-107.members.linode.com

1-vbus-de.ladesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	gamdom.com 1 redirects gamdom.com	2 MB
18	ladesk.com gamdom.ladesk.com 1-vbus-de.ladesk.com — Cisco Umbrella Rank: 260461	296 KB
18	adform.net 2 redirects s2.adform.net — Cisco Umbrella Rank: 6353 track.adform.net — Cisco Umbrella Rank: 3574 c1.adform.net — Cisco Umbrella Rank: 598 dmp.adform.net — Cisco Umbrella Rank: 3099	43 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com	951 KB
12	steamstatic.com avatars.steamstatic.com — Cisco Umbrella Rank: 54439	15 KB
8	gravatar.com www.gravatar.com — Cisco Umbrella Rank: 3911	16 KB
8	semasio.net 7 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1259 se.semasio.net — Cisco Umbrella Rank: 22632	5 KB
7	recaptcha.net recaptcha.net — Cisco Umbrella Rank: 1641	60 KB
6	adsafety.net 5 redirects cm.adsafety.net — Cisco Umbrella Rank: 19886 tags.adsafety.net — Cisco Umbrella Rank: 90668	10 KB
6	doubleclick.net 5 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 111 cm.g.doubleclick.net — Cisco Umbrella Rank: 231	1 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 1866	21 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 239 secure.adnxs.com — Cisco Umbrella Rank: 446	4 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2137	2 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1523 load77.exelator.com — Cisco Umbrella Rank: 4037	2 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 485	1 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 12489	628 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 896	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 216	2 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 365	529 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 583	647 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1588	928 B
2	mathtag.com 2 redirects pixel.mathtag.com — Cisco Umbrella Rank: 1111	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 340	858 B
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 315	488 B
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 2900	691 B
2	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 605 pixel.rubiconproject.com — Cisco Umbrella Rank: 362	453 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 648	850 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	239 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	114 KB
2	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3401	71 KB
1	e-volution.ai 1 redirects sync.e-volution.ai — Cisco Umbrella Rank: 3427	464 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 402	140 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 29345	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 764	242 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1314	163 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 429	1 KB
1	ib-ibi.com global.ib-ibi.com — Cisco Umbrella Rank: 2326	72 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 517	490 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 25998	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 690	472 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 634	337 B
1	smartstream.tv 1 redirects ads.smartstream.tv — Cisco Umbrella Rank: 29390	849 B
1	onaudience.com 1 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3115	417 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 31753	407 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 2329	273 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 844	265 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 419	98 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1123	344 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 978	311 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 611	719 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 595	163 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 3956	400 B
1	google.de www.google.de — Cisco Umbrella Rank: 5230	408 B
1	google.com www.google.com — Cisco Umbrella Rank: 3	408 B
1	seadform.net server.seadform.net — Cisco Umbrella Rank: 30801	466 B
1	gamekingdom1.com i18n.gamekingdom1.com	70 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	86 KB
1	seon.io cdn.seon.io — Cisco Umbrella Rank: 179638	26 KB
1	vandaquad-essing.icu vandaquad-essing.icu	960 B
0	1dmp.io Failed sync.1dmp.io Failed
0	cloudflareinsights.com Failed static.cloudflareinsights.com Failed
166	63

	Domain	Requested by
38	gamdom.com	1 redirects vandaquad-essing.icu gamdom.com
13	gamdom.ladesk.com	gamdom.com gamdom.ladesk.com
12	avatars.steamstatic.com	gamdom.com
12	c1.adform.net	2 redirects track.adform.net c1.adform.net
11	www.gstatic.com	recaptcha.net www.gstatic.com
8	www.gravatar.com	gamdom.com
7	recaptcha.net	gamdom.com www.gstatic.com recaptcha.net
5	1-vbus-de.ladesk.com	gamdom.ladesk.com 1-vbus-de.ladesk.com
5	cm.adsafety.net	4 redirects c1.adform.net
5	cm.g.doubleclick.net	5 redirects
5	se.semasio.net	4 redirects c1.adform.net
3	dmp.adform.net	c1.adform.net
3	a.audrte.com	2 redirects c1.adform.net
3	secure.adnxs.com	2 redirects c1.adform.net
3	uipglob.semasio.net	3 redirects
3	www.google-analytics.com	gamdom.com
2	fonts.gstatic.com	recaptcha.net
2	pixel.tapad.com	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	match.adsrvr.org	c1.adform.net
2	tags.bluekai.com	c1.adform.net
2	loadm.exelator.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	pixel.mathtag.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	1 redirects c1.adform.net
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	track.adform.net	s2.adform.net
2	region1.google-analytics.com	www.googletagmanager.com
2	www.facebook.com	gamdom.com
2	connect.facebook.net	gamdom.com connect.facebook.net
2	cdn.onesignal.com	gamdom.com cdn.onesignal.com
1	pixel.rubiconproject.com	c1.adform.net
1	sync.e-volution.ai	1 redirects
1	eb2.3lift.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	global.ib-ibi.com	c1.adform.net
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	ads.smartstream.tv	1 redirects
1	tags.adsafety.net	1 redirects
1	pixel.onaudience.com	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	sync.crwdcntrl.net	c1.adform.net
1	idsync.rlcdn.com	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	ps.eyeota.net	c1.adform.net
1	ib.adnxs.com	1 redirects
1	ce.lijit.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	www.google.de	gamdom.com
1	www.google.com	gamdom.com
1	server.seadform.net	gamdom.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	i18n.gamekingdom1.com	gamdom.com
1	s2.adform.net	gamdom.com
1	www.googletagmanager.com	gamdom.com
1	cdn.seon.io	gamdom.com
1	vandaquad-essing.icu
0	sync.1dmp.io Failed	c1.adform.net
0	static.cloudflareinsights.com Failed	gamdom.com
166	75

This site contains links to these domains. Also see Links.

Domain
licensing.gaming-curacao.com

Subject Issuer	Validity	Valid
vandaquad-essing.icu R3	`2023-05-12` - `2023-08-10`	3 months	crt.sh
gamdom.com Cloudflare Inc ECC CA-3	`2023-03-21` - `2024-03-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.seon.io Amazon RSA 2048 M01	`2023-02-21` - `2023-08-20`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-14` - `2023-06-12`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
gamekingdom1.com GTS CA 1P5	`2023-05-04` - `2023-08-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.ladesk.com R3	`2023-05-23` - `2023-08-21`	3 months	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-16` - `2024-04-16`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-02-22` - `2024-01-18`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ib-ibi.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-21` - `2024-04-02`	a year	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
s.ad.smaato.net Amazon RSA 2048 M02	`2023-02-27` - `2023-09-20`	7 months	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2023-05-29` - `2024-06-04`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
avatars.akamai.steamstatic.com R3	`2023-04-13` - `2023-07-12`	3 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://gamdom.com/landing?aff=gambonus
Frame ID: 6A87B965576098EEF5B00E9F3D1581AE
Requests: 99 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Frame ID: 6D911C8B965E8D1EC7FAC5049422096F
Requests: 46 HTTP requests in this frame

Frame: https://gamdom.ladesk.com/scripts/generateWidget.php?v=5.39.6.36&t=1685976989&cwid=3m6a80pa&cwrt=C&cwt=chat&pt=Gamdom%3A%20The%20best%20casino%20portal%20for%20you%F0%9F%92%B0&ref=https%3A%2F%2Fgamdom.com%2Flanding%3Faff%3Dgambonus
Frame ID: D320ADA4BA751FE2373BF46F30D9282C
Requests: 4 HTTP requests in this frame

Frame: https://gamdom.ladesk.com/scripts/generateWidget.php?v=5.39.6.36&t=1685976989&cwid=3m6a80pa&cwrt=C&cwt=onlineform&pt=Gamdom%3A%20The%20best%20casino%20portal%20for%20you%F0%9F%92%B0&ref=https%3A%2F%2Fgamdom.com%2Flanding%3Faff%3Dgambonus
Frame ID: 5EF78D57BDBCFE151D9A53B8B2A7D9FA
Requests: 5 HTTP requests in this frame

Frame: https://1-vbus-de.ladesk.com/5_39_6_36/scripts/lib/bus.html?v=5.39.6.36
Frame ID: 4FB7E685A8265CE348170264AF96D620
Requests: 5 HTTP requests in this frame

Frame: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfC6gwUAAAAACBACwg1szTLTt-QIoODkMpEEtOC&co=aHR0cHM6Ly9nYW1kb20uY29tOjQ0Mw..&hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&theme=light&size=normal&cb=uxetyeh4cban
Frame ID: E5EA120C76DFDBB245ABF47ACB942ED0
Requests: 8 HTTP requests in this frame

Frame: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfC6gwUAAAAACBACwg1szTLTt-QIoODkMpEEtOC&co=aHR0cHM6Ly9nYW1kb20uY29tOjQ0Mw..&hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&theme=light&size=normal&cb=8u2wk147ln5w
Frame ID: 97818FCCF160C631D604D316C9EEF453
Requests: 8 HTTP requests in this frame

Frame: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LfC6gwUAAAAACBACwg1szTLTt-QIoODkMpEEtOC
Frame ID: 9533FF7473B84F044BB3E98CCFB5AD2E
Requests: 3 HTTP requests in this frame

Frame: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LfC6gwUAAAAACBACwg1szTLTt-QIoODkMpEEtOC
Frame ID: 842E83D1AE80C21AE58B17FEB65A8A15
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gamdom: The best casino portal for you💰

Page URL History Show full URLs

https://vandaquad-essing.icu/913cd5d5-30b8-4e3c-82b6-7dbe4bab55e8 Page URL
https://gamdom.com/r/gambonus HTTP 301
https://gamdom.com/landing?aff=gambonus Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

166
Requests

85 %
HTTPS

25 %
IPv6

63
Domains

75
Subdomains

55
IPs

9
Countries

3501 kB
Transfer

9260 kB
Size

84
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://licensing.gaming-curacao.com/validator/?lh=bb390de0015095aeb8b85462bb9a7480

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://vandaquad-essing.icu/913cd5d5-30b8-4e3c-82b6-7dbe4bab55e8 Page URL
https://gamdom.com/r/gambonus HTTP 301
https://gamdom.com/landing?aff=gambonus Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=4053075202590399395&Expiration=1687186862 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=4053075202590399395&Expiration=1687186862

Request Chain 67

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=4053075202590399395&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=4053075202590399395&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=3da41c7921944e50ba225e420a914228 HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=ab6994c0d88a59501fb3ff3af5e5361484d8a959ef7a12d645a8139557382ffc

Request Chain 69

https://ups.analytics.yahoo.com/ups/55944/sync?uid=4053075202590399395&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=4053075202590399395&_origin=1&verify=true

Request Chain 71

https://x.bidswitch.net/sync?dsp_id=70&user_id=4053075202590399395 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=4053075202590399395 HTTP 302
https://ce.lijit.com/merge?pid=26&3pid=cfde37e4-2521-4698-9436-d37f27eca760&gdpr=&gdpr_consent=

Request Chain 72

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4053075202590399395&expiration=1687186862 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4053075202590399395&expiration=1687186862&C=1

Request Chain 73

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=4053075202590399395&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=4053075202590399395&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/16266044?sExtCookieId=4053075202590399395&gdpr=&sInitiator=external HTTP 302
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&redir=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal HTTP 302
https://se.semasio.net/sync/1/14876172?sExtCookieId=a915647d-f8af-4b00-816d-c156bc2803ae&sInitiator=internal&gdpr=&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/4354957?sExtCookieId=97745794322382554&sInitiator=internal&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=QkUyRERDNkM3NzhDREI2Qg&gdpr= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESELY-IfqJnXhkp1VwSfpgq4o&sInitiator=internal&google_cver=1&gdpr=&google_cver=1 HTTP 302
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESELY-IfqJnXhkp1VwSfpgq4o&sInitiator=internal&google_cver=1&gdpr= HTTP 302
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/647471?sExtCookieId=7241217202109085843&sInitiator=internal&gdpr=

Request Chain 75

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=4053075202590399395 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=4053075202590399395&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 80

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 81

https://pixel.onaudience.com/?mapped=4053075202590399395&partner=68 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

Request Chain 82

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=4053075202590399395 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM12023060515b1d2e50440f74f285e6&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&gdpr=0&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=d451c96dd89e4c2cd1488ce3a67f582d HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12023060515b1d2e50440f74f285e6&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=d451c96dd89e4c2cd1488ce3a67f582d&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMzA2MDUxNWIxZDJlNTA0NDBmNzRmMjg1ZTY&gdpr_consent=&gdpr=0 HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEI-GlhAXESyyQDuRg1oZI-M&gdpr_consent=&gdpr=0&google_cver=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12023060515b1d2e50440f74f285e6 HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=4053075202590399395

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NDA1MzA3NTIwMjU5MDM5OTM5NQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=NDA1MzA3NTIwMjU5MDM5OTM5NQ&google_tc= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHeD__v82s12gmey71L2XRc&google_cver=1&google_ula=1641347,0

Request Chain 85

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=97745794322382554&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=4053075202590399395

Request Chain 89

https://a.audrte.com/a?adform_uid=4053075202590399395 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YzU5S1NoWS1VS3dTSFNFVFhZaVhOa3dyUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 90

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=4053075202590399395&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=4053075202590399395&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=31393523061328647890286840279974433523&noredirect=1

Request Chain 91

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=4053075202590399395 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216753104538003684699

Request Chain 92

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7241217202109085843

Request Chain 94

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=2346647d-f8ae-4d00-9800-9fb82dc9abe7

Request Chain 95

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=KlmGDjhY1Q6bHE5

Request Chain 99

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=803680300 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=R.uxdNkncsqc9VmCVCB5de

Request Chain 103

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=4053075202590399395&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=4053075202590399395&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=6f7bb70a-7040-4fa4-9f98-05f9eabfa4ed

Request Chain 106

https://sync.e-volution.ai/296800c6dbd7f8eb22cf034b9927d719.gif?puid=4053075202590399395 HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

166 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 913cd5d5-30b8-4e3c-82b6-7dbe4bab55e8
vandaquad-essing.icu/ 396 B
960 B 490ms
9ms Document
text/html 18.195.123.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vandaquad-essing.icu/913cd5d5-30b8-4e3c-82b6-7dbe4bab55e8?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.195.123.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-123-247.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 396
content-type: text/html;charset=UTF-8
date: Mon, 05 Jun 2023 15:01:00 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx

GET
H2

200

Primary Request landing Show response
gamdom.com/
Redirect Chain

https://gamdom.com/r/gambonus
https://gamdom.com/landing?aff=gambonus

5 KB
3 KB

91ms
91ms

Document
text/html

2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.com/landing?aff=gambonus

Requested by

Host: vandaquad-essing.icu
URL: https://vandaquad-essing.icu/913cd5d5-30b8-4e3c-82b6-7dbe4bab55e8?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9419c81229c834c1fd5e5b2f1c3f19fa890120087ec9b3553b79afd9d7d94401

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.faucetcrypto.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://cdn.onesignal.com https://onesignal.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googleadservices.com https://recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://hcaptcha.com/ https://newassets.hcaptcha.com/ https://.doubleclick.net https://connect.facebook.net https://cdn.seon.io https://mc.yandex.ru/metrika/ http://bat.bing.com/bat.js https://bat.bing.com/p/ https://mc.yandex.ru/metrika/ https://apis.google.com https://s2.adform.net/ https://track.adform.net/ https://.ladesk.com https://t.gamdom.com https://js-agent.newrelic.com https://.newrelic.com https://.nr-assets.net https://.nr-ext.net https://*.nr-data.net
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://vandaquad-essing.icu/913cd5d5-30b8-4e3c-82b6-7dbe4bab55e8?
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=300
cf-cache-status: BYPASS
cf-ray: 7d2949d999621c2e-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self' https://*.faucetcrypto.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://cdn.onesignal.com https://onesignal.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googleadservices.com https://recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://hcaptcha.com/ https://newassets.hcaptcha.com/ https://*.doubleclick.net https://connect.facebook.net https://cdn.seon.io https://mc.yandex.ru/metrika/ http://bat.bing.com/bat.js https://bat.bing.com/p/ https://mc.yandex.ru/metrika/ https://apis.google.com https://s2.adform.net/ https://track.adform.net/ https://*.ladesk.com https://t.gamdom.com https://js-agent.newrelic.com https://*.newrelic.com https://*.nr-assets.net https://*.nr-ext.net https://*.nr-data.net
content-type: text/html; charset=utf-8
date: Mon, 05 Jun 2023 15:01:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hmmoWFRK%2BHqlSEZh5Bix0qSX%2BHhbEv%2B96gST%2FIH7CBCzHc%2Fcrq8cepREadDKBPDg14Kupig5SZayEdwaaKqpJiQyWOr1oVa2zgBty0cCAa%2FUEt%2FD0V69%2Ff2g0f6ZGwC7F8stXVTRlAo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=2592000
vary: Accept, Accept-Encoding, Cookie
x-content-type-options: nosniff

Redirect headers

cf-cache-status: EXPIRED
cf-ray: 7d2949d918a91c2e-FRA
content-type: text/html; charset=utf-8
date: Mon, 05 Jun 2023 15:01:01 GMT
location: /landing?aff=gambonus
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FBdMLyQsk709Gf0VKLwImnNeX88AFlW9pNsz%2B1PTuyyHK0sqXIYZ3cyaOd%2BsHrX2p1dT9c2f90PlrWO%2F2oHUYXQlU2%2BtgMLB8N9eucfcCJBPUfaxbgq6CCie26zR3RDjT9tiOQqeZs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=2592000
vary: Accept, Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 61ms
29ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 373
etag: W/"06f50014011c1fcd9e21b6b0481979de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7d2949da6a5e9207-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Thu, 08 Jun 2023 15:01:01 GMT

GET
H2 200 client.b4ee4ee2023076c30af2.css
gamdom.com/build/ 512 KB
109 KB 39ms
39ms Stylesheet
text/css 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.com/build/client.b4ee4ee2023076c30af2.css

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f87f3a6288bd7c1114057eaf64eb5dd8038f82c3cfd03370b52a40dc655d9257

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/landing?aff=gambonus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277569
cf-polished: origSize=603610
content-encoding: br
cf-bgj: minify
last-modified: Fri, 19 May 2023 09:54:03 GMT
server: cloudflare
etag: W/"935da-188336e40f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgWkWHepyMR9qPsAl9Fv9VMoDJ44Kufi3KxJ0XmvSXwe9rd%2FPEipZrr9Y20lm63L2%2FvbSwZOh%2BuYMxpFLBhM5zsgi0gTgMy56UMk3V7KGdKwU0jXoHsS%2FlhCSXYifKmoJyeHIJ5rrAc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=1209600
cf-ray: 7d2949da3a4d1c2e-FRA

GET
H2 200 agent.js Show response
cdn.seon.io/v3.0/js/ 86 KB
26 KB 420ms
29ms Script
application/javascript 108.138.51.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.seon.io/v3.0/js/agent.js
Requested by: Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.51.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-51-65.waw51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b42bdda4f9a6473258d8f8fc5713b0095642ee1788890f184bb86064a7bd2edd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: AC8JtPfrM_pwR7YbFYn4v7GWEe_KkuyG
content-encoding: gzip
via: 1.1 a8d99ef797d085739f567e661bc20536.cloudfront.net (CloudFront)
date: Sun, 04 Jun 2023 17:08:38 GMT
last-modified: Wed, 11 Dec 2019 08:34:51 GMT
server: AmazonS3
x-amz-cf-pop: WAW51-P2
age: 78744
etag: W/"d4a1cebed2d9e45a5e946af929efcf3f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: H-RWTtv_39yPjY0S0VAqJiexPtCpTrUk0M2_zfLgnl65teyhTcnUGQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Jun 2023 14:35:27 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1534
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 05 Jun 2023 16:35:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
86 KB 71ms
40ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RS5ERP3G6V

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98f2a51345d36d523d8d2846323592ce69f6e12b58dbf6799621a38f42508a51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87857
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 05 Jun 2023 15:01:01 GMT

GET
H2 200 client.acb40017a2a8121d05b7.js Show response
gamdom.com/build/ 3 MB
785 KB 31ms
31ms Script
application/javascript 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.com/build/client.acb40017a2a8121d05b7.js

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdbb0f64c0c5216e450e15cb878fbe4e25d3432e49756fa8d22c5e37b0118465

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/landing?aff=gambonus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 02 Jun 2023 19:02:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 244626
etag: W/"2aafbe-1887d7d66c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1uPCmVrzNIn8MXG55kxactlxD1IaWHip7CfBms%2FLh3dSh7zsLffzeDPWdJSJuIBiWg%2BwjApeToiBWUAw9SQ4y7dsuJT1k%2B%2Fgw9nvplRmlEOxfG%2Bza%2BFBHrE3phBBspGIIPBQmtepGiI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: public, max-age=1209600
cf-ray: 7d2949da3a4e1c2e-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0caf64bbe8954fe9c2166955ec4e1842b2f0780fb0cbb76ed7d60ea0dc59dddd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 05 Jun 2023 15:01:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27549
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: hRb+PfqXYGdCC/S8uxs6tp+/AL9qZLn09yO1zGmMMwpTjkLTZvWD/5sAMOjLsxc1w057spYZM3NLTKq+QpDpjw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
31 KB 413ms
24ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx000007146e0b4837b0e1c-00646c8ee1-3295d04c-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 31ms
29ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 373
etag: W/"2cf94922e2d551e8dc7c38c022a9a3ca"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7d2949dabaa89207-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Thu, 08 Jun 2023 15:01:01 GMT

GET
H2 200 gamdom.mov
gamdom.com/video/ 81 KB
82 KB 20ms
20ms Media
video/quicktime 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.com/video/gamdom.mov

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c8acf4fc00029b86ace39653251217ba6624b8532d7e4d259307101381ba9b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gamdom.com/landing?aff=gambonus
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 20:46:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 433897
etag: W/"1446a-187585235e2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u1HEL6ZCdY7zKVjagNXLbe5VMBzqT7RQC43QugaJkH3qg5ZBvGj8FGYc1%2Fo6w7sqfzlMpRhZwqyDNMRhhMCLZRji94klFPOZLsX0aTMJh3aKnS6MFR28I7EbP8IKmGWQ2bseKpGevt0%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/quicktime
cache-control: public, max-age=1209600
cf-ray: 7d2949dabafc1c2e-FRA

GET
H2 200 1353583058397595 Show response
connect.facebook.net/signals/config/ 301 KB
86 KB 12ms
11ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1353583058397595?v=2.9.106&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

971baba73ac5f1a603656192da830dd079e4709703b3f87112abac56efadb41c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 05 Jun 2023 15:01:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88076
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: tkO89w8P4iY21UjXGG4liCRr8JKyVzMF27XZYrHFMlfAz0kvXtt8v1CHvTeSwNNVoaoOoHhPjnfpNRz7EylWtQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 softblock-details Show response
gamdom.com/user/ 62 B
441 B 39ms
39ms Fetch
application/json 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.com/user/softblock-details

Requested by

Host: gamdom.com
URL: https://gamdom.com/build/client.acb40017a2a8121d05b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3a7e4e82abb960904e70822100795cc6e096974d2d6fe59852f279c1a7d2c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gamdom.com/landing?aff=gambonus
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"3e-Rzfde6kxjWOe515z4dOhwUk4V3Y"
vary: Accept, Accept-Encoding, Cookie
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svF%2FnwiDHsO8QOaMiYlBVGNLJnvodzddZZKTNrDCnsYi%2FyD2VxD29mqOke%2FMqUO4iyGZzfj%2BCmRZsAZtQLTT%2BgkJNJxiAfi6VLYOLlN9lB3tFU2acW6lefp%2FOeMP69QfALE9%2FSdODS4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: public, max-age=60
cf-ray: 7d2949db8bf21c2e-FRA

GET
H2 200 translations Show response
i18n.gamekingdom1.com/orgs/gamdom/projects/main/versions/master-1/ 303 KB
70 KB 254ms
97ms Fetch
application/json 2606:4700:3034::6815:4a0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i18n.gamekingdom1.com/orgs/gamdom/projects/main/versions/master-1/translations?lang=en-us,en

Requested by

Host: gamdom.com
URL: https://gamdom.com/build/client.acb40017a2a8121d05b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4a0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd5b8d3e61bf672372750e4da62ba0d8f761d25a0c3fe845d2d99d1f9ecf7b8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-upstream-response-time: -
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSH6Y3MNvIXIo0ZMIqZu2hNcuzHZEyFzFuHEG9n0XtDWLTXv2F0BPKJLcz%2Fu7aegQ4JaNSib7jxMOOJ6Fp27U3nztKHJgVV4%2BImaIVo%2FCOFlWD5cIP0gdkZwgECngi3X%2FXb3ZJNB7145TJmsmtlPahgufw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=100,stale-if-error=2592000,stale-while-revalidate=2592000
cf-ray: 7d2949dd1eec35fc-FRA
alt-svc: h3=":443"; ma=86400
x-upstream-gd-cache-status: STALE

GET
H2 200 MentionSound.fc6b07946b9e928ef2dc.mp3
gamdom.com/build/ 9 KB
10 KB 30ms
30ms Media
audio/mpeg 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.com/build/MentionSound.fc6b07946b9e928ef2dc.mp3

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96d3227925387d34e764a4dafc7b464d0ddfef3761c36b36f58653b43fe65154

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gamdom.com/landing?aff=gambonus
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 22 Sep 2021 12:12:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 523675
etag: W/"25f8-17c0d6bee58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fs0YEMrZ3SEw68Rf%2BHEVyxZ8%2BpclIvr0UKfMlZS6zZqYCH1Ee5lETGBisnjgpSt5fNxz13aF0Jv%2B%2Fz56X2FwkNOMCx7ej9QcTdlMopda4%2B3xqOElZViwb%2FOeembAqhcjiURc2DBwNPw%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: public, max-age=1209600
cf-ray: 7d2949dc7d3f1c2e-FRA

GET
H2 200 Notification.5e641932af0932532410.mp3
gamdom.com/build/ 11 KB
11 KB 32ms
32ms Media
audio/mpeg 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.com/build/Notification.5e641932af0932532410.mp3

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19efed7fb4843ff96f4b08a18838d9ce278061ce905d7ceb1d9a8aea0c50ff57

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gamdom.com/landing?aff=gambonus
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 13 Jan 2023 13:15:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 500994
etag: W/"2b68-185ab4515a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Egqoq%2FQIiyoTj2%2FhiybTlZ0dWan7Fm1aD9a8kVFBIMyQSgkizyP5Sil04NKol1QZzzCNZFBL1nqrE%2BvZjaQGMRhQyMee%2BnkJIJoWwCB3nWhBErPnrseB9VlWxWzVFrs7Sii2dvl5Rrc%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: public, max-age=1209600
cf-ray: 7d2949dc7d411c2e-FRA

GET
H2 200 RewardClaim_instant.d161755217b8ed987e3d.mp3
gamdom.com/build/ 24 KB
24 KB 21ms
21ms Media
audio/mpeg 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.com/build/RewardClaim_instant.d161755217b8ed987e3d.mp3

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfaf9cf86536eb18a5c251c902a389d83857717973051fd5cbd7821923aacf3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gamdom.com/landing?aff=gambonus
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 13 Jan 2023 13:15:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 500994
etag: W/"6060-185ab4515a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fk2iP%2B9gzy%2BD1qU7Kx3ilWjAyQ%2BJj7q9qRDHq62YjN77XOANM7abhNsHFNRISHrEzeJZc2YvYW5U4erQS6kqbsSfIo2IQBfXF9Jjwn9kQXZnJxg%2B%2B0fLTuGw8kT7swdQ202%2FF0mmm8g%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: public, max-age=1209600
cf-ray: 7d2949dc7d431c2e-FRA

GET
H2 200 RewardClaim_weekly.ad428c78cd409f15900a.mp3
gamdom.com/build/ 36 KB
37 KB 19ms
19ms Media
audio/mpeg 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.com/build/RewardClaim_weekly.ad428c78cd409f15900a.mp3

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2f14911f89e0bb8051e78d0a1e50ea0d3297f663b7a0b29b52e536b6e062c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gamdom.com/landing?aff=gambonus
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 13 Jan 2023 13:15:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 501019
etag: W/"9108-185ab4515a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ccqDKWvF9AajVc80xJLU6CYAQsrCexT6%2FMOHco9XMtFK9c699fFlh%2FNVbTnNyV2TN87ENKZ9m%2F6vTAHA1FVowszR2OfgalWOrtw7Nm7irzb94Z6MjaCMsvL6JBB%2BXv9sBaVoudVlrik%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: public, max-age=1209600
cf-ray: 7d2949dc7d441c2e-FRA

GET
H2 200 RewardClaim_monthly.3348e7d046025cfd6d23.mp3
gamdom.com/build/ 53 KB
53 KB 30ms
30ms Media
audio/mpeg 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.com/build/RewardClaim_monthly.3348e7d046025cfd6d23.mp3

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39ed2654263b00cdd829f25679dd0b8525ee73339ea8957efcea2f17544745f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gamdom.com/landing?aff=gambonus
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 13 Jan 2023 13:15:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 500994
etag: W/"d2d8-185ab4515a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJ3zm9D9QtmLljlLaeu72swFrOzh%2BV7aTwkcSI213h%2BnXoN60kcNwwQePf3qCqJC6%2BscGzbSeyFk9u2NttMOAn1k2%2Fh05rzlwIgwyLo5UF1fNY%2F3g5eTVhxXi9Q5RT0Ar7XOXpXQ4lY%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: public, max-age=1209600
cf-ray: 7d2949dc7d461c2e-FRA

GET
H2 200 DailySurprise_Spin.e14fc9a07c2a232f2595.mp3
gamdom.com/build/ 37 KB
38 KB 30ms
29ms Media
audio/mpeg 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.com/build/DailySurprise_Spin.e14fc9a07c2a232f2595.mp3

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad3236d5d8cf39e8df758ecf8dc427e28362d37b7ef34ec4b16f68f805d6743e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gamdom.com/landing?aff=gambonus
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 13 Jan 2023 13:15:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 500994
etag: W/"94e0-185ab4515a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFjvJNgA6dMMDiOuluJ21YlpgLHFrojaWCiNPrOofaS%2BTGLKMLcEukP3m243qn%2FfaO6A8nEQU5ssgrRGVvBZ3t1VEoP54RcC1jGRXvHRfKCAKog%2BJ3vZsdepBoTszM3JcTUsZ%2FvxMBw%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: public, max-age=1209600
cf-ray: 7d2949dc7d471c2e-FRA

GET
H2 200 DailySurprise_Win.d67ce5224d58f72fd54b.mp3
gamdom.com/build/ 36 KB
37 KB 31ms
31ms Media
audio/mpeg 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.com/build/DailySurprise_Win.d67ce5224d58f72fd54b.mp3

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8699c20b7ad19bfbcb8f160d6c89660364e4709f5e7aade572baffee90035749

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gamdom.com/landing?aff=gambonus
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 13 Jan 2023 13:15:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 500994
etag: W/"9120-185ab4515a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eFq9w6vCf%2BqAyfal%2BEC0YcH93RNy4ch6lS1kYCnAMZNJWXeVc6B5B2hZ3CAW1P1%2BLBFZFxUmOnfybFxaloR%2FpcEEPINz9QQPR2OcEVwXcRDUZcjwjRgI4wAT9U%2BnBs82njua28Fh4UY%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: public, max-age=1209600
cf-ray: 7d2949dc7d4a1c2e-FRA

GET
H2 200 DailySurpise_Result.5432b345343158a7c33a.mp3
gamdom.com/build/ 21 KB
21 KB 22ms
22ms Media
audio/mpeg 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.com/build/DailySurpise_Result.5432b345343158a7c33a.mp3

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e722cd82c235daac3e5ebcfb142a12ecfdf0c18a447a57bdbada2b20c36986b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gamdom.com/landing?aff=gambonus
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 13 Jan 2023 13:15:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 500994
etag: W/"5430-185ab4515a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brgM0%2F%2Fzo4xw69xZdJXyHAC67Qw%2Fui9JdxeLZR46CuGzBVcrJuVJlRMVrMx%2FXftEyFz0k2qqUlAV%2BqRmASgDCV5HZWlVv%2BTnqqNphQkGKVXO%2BGafqJcjzjl9EOyYNXQg0IMEr4IMVs8%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: public, max-age=1209600
cf-ray: 7d2949dc7d4b1c2e-FRA

GET
H2 200 trade_found_tick.a991d44ed9cebb3083ab.mp3
gamdom.com/build/ 20 KB
21 KB 21ms
21ms Media
audio/mpeg 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.com/build/trade_found_tick.a991d44ed9cebb3083ab.mp3

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea8091f1b4d78f9f776df4d465c763a4a8ca335c398c13125cd062fb53f42afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gamdom.com/landing?aff=gambonus
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 22 Sep 2021 12:12:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 35131
etag: W/"50b8-17c0d6bee5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBTjkM2jvlIlossgw6paZSapmX5G%2FtcXqbP2%2BEnNvMDykVFyRDhVjmU%2B%2F1l5itEHqv1c77RAY11TfhS9HIXQqDyNlHLq%2F%2BXMuMO4acBSn49m%2BFAPg4OJxrw%2By2r0VZHkbovG9ehisqU%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: public, max-age=1209600
cf-ray: 7d2949dc7d4c1c2e-FRA

GET
H2 200 trade_found.134bb5abb6f47c8dabc9.mp3
gamdom.com/build/ 9 KB
10 KB 31ms
31ms Media
audio/mpeg 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.com/build/trade_found.134bb5abb6f47c8dabc9.mp3

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21c1a9743d7290fe17ac1abf7dc8b5892c6e3e18f8856971d6780787bad23356

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gamdom.com/landing?aff=gambonus
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 22 Sep 2021 12:12:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1142612
etag: W/"25d8-17c0d6bee5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaXqIf52d%2F%2Bj8FKMKveor8jWnwucywbG6Y3hoNTw8LBsz%2FoVjp7ouVv0NM1VOKAhgY4P95i95jPWY7IvqZTg1Cs0Bs6WrtS1MjugT7A7aQcvjGtC%2FHG5fxHDQDBb34Wv0bgWdCJDT9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: public, max-age=1209600
cf-ray: 7d2949dc8d4d1c2e-FRA

GET v52afc6f149f6479b8c77fa569edb01181681764108816
static.cloudflareinsights.com/beacon.min.js/ 0
0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 71ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1353583058397595&ev=PageView&dl=https%3A%2F%2Fgamdom.com%2Flanding%3Faff%3Dgambonus&rl=&if=false&ts=1685977261550&sw=1600&sh=1200&v=2.9.106&r=stable&ec=0&o=30&fbp=fb.1.1685977261549.2137978100&it=1685977261264&coo=false&rqm=GET

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 05 Jun 2023 15:01:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 48ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RS5ERP3G6V&gtm=45je35v0&_p=2062854858&cid=238029606.1685977261&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685977261&sct=1&seg=0&dl=https%3A%2F%2Fgamdom.com%2Flanding%3Faff%3Dgambonus&dt=Gamdom%3A%20The%20best%20casino%20portal%20for%20you%F0%9F%92%B0&en=page_view&_fv=2&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RS5ERP3G6V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:01:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gamdom.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ 684 B
973 B 108ms
24ms Script
text/javascript 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=2868116&ADFPageName=Gamdom_All_Pages&ADFdivider=%7C&ord=616131343416&ADFtpmode=2&loc=https%3A%2F%2Fgamdom.com%2Flanding%3Faff%3Dgambonus&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

de5e3543671db290f8fecc89bbdd7642151749d9023bec42c95d4b65ea0f74fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:01:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 457
expires: -1

GET
H2 200 7482.0d355129ab21f8eb7a4b.js Show response
gamdom.com/build/ 312 KB
82 KB 29ms
28ms Script
application/javascript 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.com/build/7482.0d355129ab21f8eb7a4b.js

Requested by

Host: gamdom.com
URL: https://gamdom.com/build/client.acb40017a2a8121d05b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a4cbee85386ff502c3c74da86651786678b71421ca9ce839bcbba2b746e9363

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/landing?aff=gambonus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 09:54:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 277569
etag: W/"4e1aa-188336e40ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K0TRADbYT1Cnfu3%2B2glC9IFXqN1JTr%2BL0f2g5iqOqqvn2qzPOM8rP%2B3cH1%2Fckhsvcj9eq5im5GLpdCyuO6YLmOjBrqXJuhk6lLDQXPJNgDD%2BOS4biY324l8Ir3tF3d0kz9khYQYQ3ag%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: public, max-age=1209600
cf-ray: 7d2949de2f641c2e-FRA

GET
H2 200 bundle-landing.818d6aa3def32658826d.js Show response
gamdom.com/build/ 41 KB
14 KB 22ms
22ms Script
application/javascript 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.com/build/bundle-landing.818d6aa3def32658826d.js

Requested by

Host: gamdom.com
URL: https://gamdom.com/build/client.acb40017a2a8121d05b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6073bcaefa43a81b6d7a832d480b7673ba0f38dd5c80eddd1278416df8da4937

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/landing?aff=gambonus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 25 May 2023 09:28:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 969751
etag: W/"a3ce-188523cdcc4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OO7RpyqJd%2F0QhaP6PxKPw4tEnvn4ay2JxLBWH28zYV2cW3a77GxkJKYkp2nlc4MkkeSrBbD%2F3m1Ze176ssvrGPLclM3jDuT697zdsGMgMnARyl8M4MqmT3QsrCFGHT86Uk520C9RIxU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: public, max-age=1209600
cf-ray: 7d2949de2f661c2e-FRA

GET
H2 200 3290.0c5c67bf9e3b64f89609.js Show response
gamdom.com/build/ 23 KB
7 KB 18ms
18ms Script
application/javascript 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.com/build/3290.0c5c67bf9e3b64f89609.js

Requested by

Host: gamdom.com
URL: https://gamdom.com/build/client.acb40017a2a8121d05b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05cbe53ba88d5cef4a6f68b019773af1e55ce6ac10673ee1bc130491348bbe41

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/landing?aff=gambonus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 09:54:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 277569
etag: W/"5c45-188336e40e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXLbgvjJfpMxxK37%2F86Vn0Vpl7ddTKA%2F8kYeMF%2FRWEEos806W2mYe3JAF6GIyD2Ps8%2BrX9sXcgYRIIDsKlYWgxwzvCZcm8PFtSfouJB5u1lnFVdJKT0KBENT6oTNDmNr12WyMe%2F5kCo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: public, max-age=1209600
cf-ray: 7d2949de2f681c2e-FRA

GET
H2 200 bundle-chat.b9170410e18f350ddcd0.css
gamdom.com/build/ 7 KB
2 KB 19ms
19ms Stylesheet
text/css 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.com/build/bundle-chat.b9170410e18f350ddcd0.css

Requested by

Host: gamdom.com
URL: https://gamdom.com/build/client.acb40017a2a8121d05b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f1ae647bff124aa7c070eb8e5df1ce89e23eb8ce75d7e4d09f91468735e85fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/landing?aff=gambonus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 519848
cf-polished: origSize=9275
content-encoding: br
cf-bgj: minify
last-modified: Wed, 22 Sep 2021 12:12:29 GMT
server: cloudflare
etag: W/"243b-17c0d6bee70"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BJjCXu4Sfl7r1Lu5ZeHR7G6iCNh9qyhP7ACuEhRsHugUn8wtt5mdWzN%2FT%2FR1RQsWDNcGYPpKt8zPZsNqzAUhEHauaKbTrXH0bQKVx8%2FQfKb7AXwcTWLGewA3DjBXUs9S5GBhwh6QZU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=1209600
cf-ray: 7d2949de4f8a1c2e-FRA

GET
H2 200 bundle-chat.62b7d8821191da872e3a.js Show response
gamdom.com/build/ 129 KB
43 KB 26ms
25ms Script
application/javascript 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.com/build/bundle-chat.62b7d8821191da872e3a.js

Requested by

Host: gamdom.com
URL: https://gamdom.com/build/client.acb40017a2a8121d05b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2a6a76f8179bacb5039a315f686aeeca6076d863723c794524e8f08d1028e08

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/landing?aff=gambonus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 02 Jun 2023 14:57:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 259399
etag: W/"2049f-1887c9cf18d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NiA%2BzsYbKwaS79KXQlsoVxG9a1ICAoydUNFVj3g7DA9zUtZR1gLFha25t%2BG2K8wAwNAROU9Nt8LRnAWu1VTDMmdVIo5aI6ycbO3fcjk1zwlOyqfdSX2qTys5TtMxge4%2FtCaXnmyo3T4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: public, max-age=1209600
cf-ray: 7d2949de4f8b1c2e-FRA

GET
H2 200 icomoon.c90b18d345bcdd79b72e.woff2
gamdom.com/build/ 73 KB
73 KB 26ms
26ms Font
font/woff2 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.com/build/icomoon.c90b18d345bcdd79b72e.woff2?s9e66w

Requested by

Host: gamdom.com
URL: https://gamdom.com/build/client.b4ee4ee2023076c30af2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dfe026897c931e343476be605ac893879ff8fb8a026ec500449fc8f35f3229f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gamdom.com/build/client.b4ee4ee2023076c30af2.css
Origin: https://gamdom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sun, 26 Feb 2023 20:30:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 500854
etag: W/"122f0-1868f6b70a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPgVZUfzcKeCfbmgZ1Xnviwrf21HzM6DC%2B47kN0m9kT%2FAU5Ii0Rm3NV1vGavOrwTd1DTaJTllGuFfzoSl%2FIdDuygmLaH09pdSPb%2BPqoT4Dvf%2Fgb%2FyL8qEz4KMB7qu%2FSsm5mKphL6GUE%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=1209600
cf-ray: 7d2949de4f901c2e-FRA

GET
H2 200 Gilroy-Regular.bf0d9106d71b3bdb6749.woff2
gamdom.com/build/ 24 KB
24 KB 19ms
19ms Font
font/woff2 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.com/build/Gilroy-Regular.bf0d9106d71b3bdb6749.woff2

Requested by

Host: gamdom.com
URL: https://gamdom.com/build/client.b4ee4ee2023076c30af2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13e4891ce8d9adc84f40b8d404627062ba7ddbfd83c9e829f573460b2ea4ed0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gamdom.com/build/client.b4ee4ee2023076c30af2.css
Origin: https://gamdom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 22 Sep 2021 12:12:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 433787
etag: W/"6090-17c0d6bee30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFom8nd2TqiPh%2BsZLoLfjTEpfxKEbTG28DzFSE82xCZRzXZL2%2B%2Fg1vAOZNEwlkghaxEH%2BM1ZuoC%2Bqayxyl9NZWKXNAGbvEbjNXH4ee8mLPn5eOdPPEvtIeQoCJZ%2BYJEq2vYVidWYBQU%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=1209600
cf-ray: 7d2949de4f921c2e-FRA

GET
H2 200 Gilroy-Bold.6704371c24c9a7be553b.woff2
gamdom.com/build/ 25 KB
26 KB 17ms
17ms Font
font/woff2 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.com/build/Gilroy-Bold.6704371c24c9a7be553b.woff2

Requested by

Host: gamdom.com
URL: https://gamdom.com/build/client.b4ee4ee2023076c30af2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

078bf9ddac25291533d23802af3a3b4563617ed2fc4cb4a7f0cc652460cf4b16

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gamdom.com/build/client.b4ee4ee2023076c30af2.css
Origin: https://gamdom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 22 Sep 2021 12:12:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 500854
etag: W/"65d0-17c0d6bee30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKrHUL%2Fudx257vf%2FkcoEOb9TJ5dxGNg1eDeRrjF3EFWZ3kx%2FQK97nstvD%2F8dgSCdwFMDxuLGW2%2BROXJyLtHC0ltpo5Sx%2BimzJTWbcrG0LA3m65kXKH9pb0n%2FxUgEQni1Vzb6ElBX%2Bwg%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=1209600
cf-ray: 7d2949de4f941c2e-FRA

GET
H2 200 gamdom_logo_white.df7a8711ee5d020ca0dd.svg
gamdom.com/build/ 4 KB
2 KB 17ms
16ms Image
image/svg+xml 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamdom.com/build/gamdom_logo_white.df7a8711ee5d020ca0dd.svg

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c8e5dde45892e9b1c19bf402421c6c5c9e1192deedd1a818cef03292eee5e19

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/landing?aff=gambonus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 25 Mar 2022 18:18:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 772351
etag: W/"eab-17fc24d36b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7bzhBWjzoqImRz72LNnGCmGUq%2FeZOfJS%2Fuhf73G0FbiwQrCd1FEgduYUZZOpN4GxazmqOtbkY164ARFKlZwdT8%2BCmmqT2pAtmOgQX76B8wEtScxriZtFgG8J5rxA%2F6mvPI819HgYfuM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
content-encoding: br
cache-control: public, max-age=1209600
cf-ray: 7d2949de5fae1c2e-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
345 B 120ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-86468713-1&cid=238029606.1685977261&jid=1928365407&gjid=913984276&_gid=297152265.1685977261&_u=aGBAgEABAAAAAEAAI~&z=1286217488

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gamdom.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 05 Jun 2023 15:01:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gamdom.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track.js Show response
gamdom.ladesk.com/scripts/ 49 KB
13 KB 107ms
12ms Script
application/javascript 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.ladesk.com/scripts/track.js

Requested by

Host: gamdom.com
URL: https://gamdom.com/build/client.acb40017a2a8121d05b7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

f25d6a97aa8ec7190c3d06cddbc23757324a675adf762cbce82e2c37a4b592b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish (1.lb-app.la.linode-de)
x-srv: 4
age: 101
content-length: 13035
last-modified: Wed, 10 May 2023 11:42:06 GMT
server: nginx
etag: "c469-5fb555c7c5f80"
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 605859997 604285434
cache-control: max-age=300, public
accept-ranges: bytes
expires: Mon, 05 Jun 2023 20:59:20 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 7ms
6ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&aip=1&a=2062854858&t=event&_s=1&dl=https%3A%2F%2Fgamdom.com%2Flanding%3Faff%3Dgambonus&ul=en-us&de=UTF-8&dt=Gamdom%3A%20The%20best%20casino%20portal%20for%20you%F0%9F%92%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Design&ea=normal-design&_u=aGBAgEABAAAAAAAAI~&jid=1928365407&gjid=913984276&cid=238029606.1685977261&tid=UA-86468713-1&_gid=297152265.1685977261&cm1=0&cd2=false&cd3=false&cm2=0&z=1867709036

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:05:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 35741
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 8ms
8ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&aip=1&a=2062854858&t=pageview&_s=2&dl=https%3A%2F%2Fgamdom.com%2Flanding%3Faff%3Dgambonus&ul=en-us&de=UTF-8&dt=Gamdom%3A%20The%20best%20casino%20portal%20for%20you%F0%9F%92%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEABAAAAAEAAI~&jid=&gjid=&cid=238029606.1685977261&tid=UA-86468713-1&_gid=297152265.1685977261&cm1=0&cd2=false&cd3=false&cm2=0&z=589798754

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:05:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 35741
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ 843 B
1 KB 33ms
33ms Script
text/javascript 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2868116&ADFPageName=Gamdom_All_Pages&ADFdivider=%7C&ord=616131343416&ADFtpmode=2&loc=https%3A%2F%2Fgamdom.com%2Flanding%3Faff%3Dgambonus&Set1=en-US%7Cen-US%7C1600x1200%7C24&frpid=7195505661094981104

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c2f25a7bf800eb10552df2f5656296a0e97775604e69a65e5a0c21d0919b653c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:01:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 684
expires: -1

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 6D91 5 KB
2 KB 81ms
25ms Document
text/html 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292

Requested by

Host: track.adform.net
URL: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2868116&ADFPageName=Gamdom_All_Pages&ADFdivider=%7C&ord=616131343416&ADFtpmode=2&loc=https%3A%2F%2Fgamdom.com%2Flanding%3Faff%3Dgambonus&Set1=en-US%7Cen-US%7C1600x1200%7C24&frpid=7195505661094981104

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

444a364a84d00d67705ae0712a6a3a7649e1d8ae9c162dc131b94f0d00745a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://gamdom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 05 Jun 2023 15:01:02 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
466 B 83ms
24ms Image
image/gif 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=4053075202590399395&stamp=HxG6QkTY_5oDvP-67D9Y4w2

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
DATA 200
OK truncated
/ 956 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d85f0f149b4390bed6624bc30ca2cbfa37d394f14474fcf81d63363ad363e284

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Gilroy-Medium.3f9965673b822a39abe9.woff2
gamdom.com/build/ 25 KB
26 KB 19ms
18ms Font
font/woff2 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.com/build/Gilroy-Medium.3f9965673b822a39abe9.woff2

Requested by

Host: gamdom.com
URL: https://gamdom.com/build/client.b4ee4ee2023076c30af2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7a5cd0f55f3a161625b68dd42b680869dfbdc376206950a6b41816a087c93d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gamdom.com/build/client.b4ee4ee2023076c30af2.css
Origin: https://gamdom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 22 Sep 2021 12:12:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 500854
etag: W/"65e4-17c0d6bee30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfykcUjqaz%2Fursviz4wzsLFfYPS%2BNUp%2BvY3R9wDyiElXIEa%2FQyTa8aWSTUTt8ZavW6TzQxIMLevTC84SLxot%2B%2B%2FCqXPw7CxoPAKIJLYTtM7AQTb7W%2B22FFXACt9CjjWzLevobzsELyY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=1209600
cf-ray: 7d2949df38da1c2e-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 65ms
43ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-86468713-1&cid=238029606.1685977261&jid=1928365407&_u=aGBAgEABAAAAAEAAI~&z=1271886434

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:01:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 66ms
44ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-86468713-1&cid=238029606.1685977261&jid=1928365407&_u=aGBAgEABAAAAAEAAI~&z=1271886434

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:01:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 api.js Show response
recaptcha.net/recaptcha/ 851 B
878 B 85ms
19ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api.js?render=explicit

Requested by

Host: gamdom.com
URL: https://gamdom.com/build/bundle-chat.62b7d8821191da872e3a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b144222dc5424c318a7eff2071a7563fd2874ef11c3a78a58c38cf91f79331f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 558
x-xss-protection: 1; mode=block
expires: Mon, 05 Jun 2023 15:01:02 GMT

GET
H2 200 logo.82c2a125d94e7679f409.svg
gamdom.com/build/ 4 KB
2 KB 17ms
16ms Image
image/svg+xml 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamdom.com/build/logo.82c2a125d94e7679f409.svg

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

529f590d096697db37caaba18a93ef5993b31c3015c05601ff0a5f8255042017

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/landing?aff=gambonus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 00:17:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 896206
etag: W/"117a-184ac25c7d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZX1tRwSEMm5XGXRkDJ%2F3BDbd7k%2FU4aKkXXlojtotA%2B3Lc8wq0uJmRjIZ2GKWAlju0fwvwGBwip%2FqF1UD6Dw%2BOKzJXDxg6pRjyYsnweRyhtKP8NntBhaoCinwMuNIzTUwOtn2%2BSz8j7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
content-encoding: br
cache-control: public, max-age=1209600
cf-ray: 7d2949df894b1c2e-FRA

GET
H2 200 google_logo.138d2d88e6c51d194dd01ba715395b72.400.png
gamdom.com/build/ 4 KB
4 KB 18ms
18ms Image
image/png 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamdom.com/build/google_logo.138d2d88e6c51d194dd01ba715395b72.400.png

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f34c694b10f5939b382d594c98846b5a2cdf34b185ea846a359fe8e7aa247aff

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/landing?aff=gambonus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 895111
cf-polished: origSize=4243
cf-bgj: imgq:100,h2pri
last-modified: Wed, 22 Sep 2021 12:12:29 GMT
server: cloudflare
etag: W/"1093-17c0d6bee44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tS9hz18W2bYCq%2BAIi2g0wrwnPYOiRElMIz51ZADYqkqMXCae1NCAEUqI%2BT%2FqP7OaMZhMWidE7Molcutvnezj57%2BDzIfpBFx3OwXraEb89ijyZBzP1cu5myc3ckYSpJ89R9o5m6omHRo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=1209600
cf-ray: 7d2949df994e1c2e-FRA

GET
H2 200 GC.4ed59543680fc957c5134de3b4b94564.54.png
gamdom.com/build/ 3 KB
4 KB 18ms
17ms Image
image/png 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamdom.com/build/GC.4ed59543680fc957c5134de3b4b94564.54.png

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7ef4f8ae8b30038bf0a62295af2d1c28cb3116abefa865da8c2fd807319dc7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/landing?aff=gambonus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500606
cf-polished: origSize=3414
cf-bgj: imgq:100,h2pri
last-modified: Tue, 20 Dec 2022 12:20:09 GMT
server: cloudflare
etag: W/"d56-1852f7a1b20"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBxiPGGpbPDa%2Fp20oi1X6U%2B860kvQpplGgtQWLDLmKVcfJpQRjVke8ms9Xfw5moQTCZyXzhj5WY6nNw7Blsv9dGaijJ0CH%2BAzQcRKUiZjsiE1aOKTxMqsqULVu3gj9TuzygM6tYjpqk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=1209600
cf-ray: 7d2949df99501c2e-FRA

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ff02bf75ec57a1b5aec924c8c94af3ccbeaca5a90de55130c4c1f91bab209c8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 569 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3dfb95eaeb18086473a41120e4111c3f2b8b3011fb3e2433e783944570f12eee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 425 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: febedcd765d78b7df0d24ee0e42961c808119f67ab78e0117004f8fc8faf360b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 830 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2035ef8e72e0a66b659bed334802ec9e302804131ad5798b154dae6c956cc35

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 917 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e74beacebb644eae0c6173c992cf663df7540d249ae77d7c7b8689a281eed5cf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92ae53013ef7847944fab3be1bda211fc26e5fbf00d3571e4e3218fb98e661e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18b8e639e8cb8181661fe075c7920130c6d336a3ae7e184a392dabf26d57f3e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5cc8506f51c4638627e8a1a89b1350a2de99d8f6f25b3e57b6a147e8764dc3c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 promo_decoration.6fdd126f6330b55f2163.svg
gamdom.com/build/ 11 KB
5 KB 22ms
21ms Image
image/svg+xml 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamdom.com/build/promo_decoration.6fdd126f6330b55f2163.svg

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2460e7d971913f38b2c6d743938b519c930b305105661a5f6dbcac33b149a626

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/landing?aff=gambonus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 00:17:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 428981
etag: W/"2a64-184ac25c7d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhCD2APqHAOhHdMozDFhmgsFOg%2FE5PbZhkUg2dpaAlaE7mcku2Jjxq6mXKx9Muqydz6CHi4rcIye8f3wVplh8HQFQ0l0KD4pgo%2FKQ1G85akEzQKsp82bxSWejiUp2QKDchgZGCobbiU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
content-encoding: br
cache-control: public, max-age=1209600
cf-ray: 7d2949df99651c2e-FRA

GET
H2 200 Gilroy-ExtraBold.bdd05760e1be1a242c22.woff2
gamdom.com/build/ 24 KB
25 KB 16ms
16ms Font
font/woff2 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.com/build/Gilroy-ExtraBold.bdd05760e1be1a242c22.woff2

Requested by

Host: gamdom.com
URL: https://gamdom.com/build/client.b4ee4ee2023076c30af2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d7141b7ff760ed10747535340f4a8b7014453ac7244289d4822b9fc6f106164

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gamdom.com/build/client.b4ee4ee2023076c30af2.css
Origin: https://gamdom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 22 Sep 2021 12:12:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 354069
etag: W/"6138-17c0d6bee30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpCUIr2btWL%2F7A9TxuKewLNFPBuk%2F30hQ84K5mfhZQB0hSFTCp3lo11hX%2BvBt0RtH2QTJbOLadTpqm5EelQS5XwKujzN14VXgL4DnVSSzD5oZ3DlIKI%2FOsU3Dp0lC5GMEj5LxgN34Rk%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=1209600
cf-ray: 7d2949dfa96a1c2e-FRA

GET
H2 200 button.php Show response
gamdom.ladesk.com/scripts/ 1 KB
1016 B 7ms
6ms Script
application/javascript 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.ladesk.com/scripts/button.php?ChS=UTF-8&C=Widget&i=3m6a80pa&p=__S__gamdom.com%2Flanding%3Faff%3Dgambonus

Requested by

Host: gamdom.ladesk.com
URL: https://gamdom.ladesk.com/scripts/track.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

6f7e429db10238f79f058009b8c72be7cab684d12c06a65334c13188e28c11a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
via: 1.1 varnish (1.lb-app.la.linode-de)
x-srv: 2
age: 10
content-length: 634
pragma
last-modified: Mon, 05 Jun 2023 15:00:51 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-varnish: 607488323 605828754
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 6D91 0
384 B 25ms
25ms Image
text/plain 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 6D91
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=4053075202590399395&Expiration=1687186862
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=4053075202590399395&Expiration=1687186862

43 B
423 B

35ms
33ms

Image
image/gif

54.171.9.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=4053075202590399395&Expiration=1687186862
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: H2
Server: 54.171.9.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-9-188.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 05 Jun 2023 15:01:02 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=4053075202590399395&Expiration=1687186862
access-control-allow-origin: *
date: Mon, 05 Jun 2023 15:01:02 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 6D91 0
400 B 54ms
21ms Image
text/plain 23.215.16.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=4053075202590399395
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.215.16.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-16-120.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:01:02 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Sun, 04 Jun 2023 15:01:02 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 6D91 0
214 B 59ms
10ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=4053075202590399395
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 6D91
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=4053075202590399395&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=4053075202590399395&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=3da41c7921944e50b...
https://c1.adform.net/serving/cookie/match?party=9&uid=ab6994c0d88a59501fb3ff3af5e5361484d8a959ef7a12d645a8139557382ffc

35 B
590 B

25ms
24ms

Image
image/gif

37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=ab6994c0d88a59501fb3ff3af5e5361484d8a959ef7a12d645a8139557382ffc

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292

Protocol

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=ab6994c0d88a59501fb3ff3af5e5361484d8a959ef7a12d645a8139557382ffc
date: Mon, 05 Jun 2023 15:01:02 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 6D91 43 B
163 B 90ms
20ms Image
image/gif 185.86.138.151
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=4053075202590399395&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:01 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55944/ Frame 6D91
Redirect Chain

https://ups.analytics.yahoo.com/ups/55944/sync?uid=4053075202590399395&_origin=1
https://ups.analytics.yahoo.com/ups/55944/sync?uid=4053075202590399395&_origin=1&verify=true

0
120 B

9ms
9ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=4053075202590399395&_origin=1&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=4053075202590399395&_origin=1&verify=true
date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 6D91 43 B
719 B 80ms
25ms Image
image/gif 2.16.238.158
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=4053075202590399395
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-158.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:01:02 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Server-Timing: ak_p; desc="1685977262103_34663838_57203789_1854_360_5_9_-";dur=1
Content-Length: 43
x-sticky-vk: 1685977262119007-425
Expires: Mon, 05 Jun 2023 15:01:02 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 6D91
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=4053075202590399395
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=4053075202590399395
https://ce.lijit.com/merge?pid=26&3pid=cfde37e4-2521-4698-9436-d37f27eca760&gdpr=&gdpr_consent=

0
311 B

57ms
14ms

Image
text/plain

216.52.2.39
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=26&3pid=cfde37e4-2521-4698-9436-d37f27eca760&gdpr=&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: HTTP/1.1
Server: 216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Mon, 05 Jun 2023 15:01:02 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

location: //ce.lijit.com/merge?pid=26&3pid=cfde37e4-2521-4698-9436-d37f27eca760&gdpr=&gdpr_consent=
date: Mon, 05 Jun 2023 15:01:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6D91
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4053075202590399395&expiration=1687186862
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4053075202590399395&expiration=1687186862&C=1

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4053075202590399395&expiration=1687186862&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:01:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:01:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=111&external_user_id=4053075202590399395&expiration=1687186862&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

647471
se.semasio.net/sync/1/ Frame 6D91
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=4053075202590399395&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=4053075202590399395&sInitiator=external
https://se.semasio.net/sync/1/16266044?sExtCookieId=4053075202590399395&gdpr=&sInitiator=external
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&redir=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal
https://se.semasio.net/sync/1/14876172?sExtCookieId=a915647d-f8af-4b00-816d-c156bc2803ae&sInitiator=internal&gdpr=&gdpr_consent=
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/4354957?sExtCookieId=97745794322382554&sInitiator=internal&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=QkUyRERDNkM3NzhDREI2Qg&gdpr=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESELY-IfqJnXhkp1VwSfpgq4o&sInitiator=internal&google_cver=1&gdpr=&google_cver=1
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESELY-IfqJnXhkp1VwSfpgq4o&sInitiator=internal&google_cver=1&gdpr=
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/647471?sExtCookieId=7241217202109085843&sInitiator=internal&gdpr=

0
415 B

28ms
26ms

Image
text/plain

77.243.51.122
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://se.semasio.net/sync/1/647471?sExtCookieId=7241217202109085843&sInitiator=internal&gdpr=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: HTTP/1.1
Server: 77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:01:14 GMT
uip-status: Ok
frontend-id: 05
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Location: https://se.semasio.net/sync/1/647471?sExtCookieId=7241217202109085843&sInitiator=internal&gdpr=
Date: Mon, 05 Jun 2023 15:01:02 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 6D91 0
344 B 39ms
8ms Image
text/plain 52.57.150.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=4053075202590399395&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 15:01:02 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 6D91
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=4053075202590399395
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=4053075202590399395&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
366 B

231ms
13ms

Image
image/gif

2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: H2
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:01:02 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 610434
x-accel-date: 1685366828
content-length: 43
x-77-nzt: AZySIYtnGJn/glAJAA
x-accel-expires: @1686403628
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: cf8787271bf1e982aef87d641a9b9b1f
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

date: Mon, 05 Jun 2023 15:01:02 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 451 398366.gif
idsync.rlcdn.com/ Frame 6D91 0
98 B 78ms
16ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=4053075202590399395
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 404 gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=4053075202590399395/gdpr=/ Frame 6D91 49 B
265 B 101ms
29ms Image
image/gif 52.18.254.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=4053075202590399395/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.254.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-254-139.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:01:02 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.3.25
content-length: 49
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame 6D91 62 B
218 B 297ms
252ms Image
image/gif 2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=4053075202590399395
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 05 Jun 2023 15:01:02 GMT
content-length: 62
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame 6D91 43 B
273 B 56ms
25ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4053075202590399395
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:01:02 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 6D91
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

196ms
39ms

Image
image/gif

52.218.53.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: HTTP/1.1
Server: 52.218.53.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 15:01:03 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: ZZ0ME8MGR8ENVXC0
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: ShqQwTjjSL4d823lBVlvG4kDJsfqaYQMgOeVXv45Bf6gdpIFmk7N16jxjbMNRB/MzSH6fIzyUcQ=

Redirect headers

X-Error-Reason: Missing UserId
Date: Mon, 05 Jun 2023 15:01:02 GMT
Server: akka-http/10.2.10
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 6D91
Redirect Chain

https://pixel.onaudience.com/?mapped=4053075202590399395&partner=68
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

70 B
265 B

94ms
29ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: H2
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 05 Jun 2023 15:01:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length: 0

GET
H/1.1

200
OK

/
cm.adsafety.net/ Frame 6D91
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=4053075202590399395
https://tags.adsafety.net/v1/cm?cm_uid=CM12023060515b1d2e50440f74f285e6&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&...
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=d451c96dd89e4c2cd1488ce3a67f582d
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12023060515b1d2e50440f74f285e6&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=d451c96dd89e4c2cd1488ce3a67f582d&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMzA2MDUxNWIxZDJlNTA0NDBmNzRmMjg1ZTY&gdpr_consent=&gdpr=0
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEI-GlhAXESyyQDuRg1oZI-M&gdpr_consent=&gdpr=0&google_cver=1
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12023060515b1d2e50440f74f285e6
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=4053075202590399395

43 B
2 KB

9ms
8ms

Image
image/gif

193.135.9.135
IP-PROJECTS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=4053075202590399395
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: HTTP/1.1
Server: 193.135.9.135 , Germany, ASN48314 (IP-PROJECTS, DE),
Reverse DNS
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:01:02 GMT
Last-Modified: Mon, 05 Jun 2023 15:01:02 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=4053075202590399395
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 6D91 0
337 B 99ms
29ms Image
text/plain 54.229.82.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=4053075202590399395
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.82.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-82-2.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-served-by: beacon-n023-dub-prod.krxd.net
date: Mon, 05 Jun 2023 15:01:02 GMT
cache-control: private, no-cache, no-store
x-request-time: D=30 t=1685977262
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 6D91
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NDA1MzA3NTIwMjU5MDM5OTM5NQ
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=NDA1MzA3NTIwMjU5MDM5OTM5NQ&google_tc=
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHeD__v82s12gmey71L2XRc&google_cver=1&google_ula=1641347,0

35 B
590 B

25ms
25ms

Image
image/gif

37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHeD__v82s12gmey71L2XRc&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292

Protocol

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:01:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHeD__v82s12gmey71L2XRc&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame 6D91
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=97745794322382554&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=4053075202590399395

43 B
1 KB

13ms
13ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=4053075202590399395

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292

Protocol

HTTP/1.1

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:01:02 GMT
AN-X-Request-Uuid: 71e30a97-b5dc-4ab6-9923-c30b966a8ddc
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 146.70.117.119; 146.70.117.119; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=4053075202590399395
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 plf
c1.adform.net/imatch/ Frame 6D91 0
384 B 27ms
24ms Image
text/plain 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 6D91 42 B
472 B 60ms
18ms Image
image/gif 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4053075202590399395
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 05 Jun 2023 15:01:02 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 6D91 43 B
444 B 234ms
49ms Image
image/gif 108.138.51.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.51.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-51-104.waw51.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 05:44:42 GMT
Via: 1.1 e2e3dae7f2788e1004ae700ec5488a04.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: WAW51-P2
Age: 33380
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: 8fO7dkuF2eO2t2O0pCuSBHiMbjOvgApiu2JCGtnuNHZQ7O3_MzxUyQ==

GET
H/1.1

200

p
a.audrte.com/ Frame 6D91
Redirect Chain

https://a.audrte.com/a?adform_uid=4053075202590399395
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YzU5S1NoWS1VS3dTSFNFVFhZaVhOa3dyUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

98ms
98ms

Image
image/png

52.44.244.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: HTTP/1.1
Server: 52.44.244.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-244-58.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 15:01:02 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Mon, 05 Jun 2023 15:01:02 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 6D91
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=4053075202590399395&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=4053075202590399395&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=31393523061328647890286840279974433523&noredirect=1

35 B
590 B

25ms
24ms

Image
image/gif

37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=31393523061328647890286840279974433523&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292

Protocol

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-1-v048-06c261c56.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: HuBgche8Rwo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=31393523061328647890286840279974433523&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 6D91
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=4053075202590399395
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216753104538003684699

35 B
599 B

32ms
24ms

Image
image/gif

37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216753104538003684699

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292

Protocol

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:01:02 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216753104538003684699
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 6D91
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7241217202109085843

35 B
590 B

32ms
25ms

Image
image/gif

37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7241217202109085843

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292

Protocol

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7241217202109085843
Date: Mon, 05 Jun 2023 15:01:02 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame 6D91 62 B
429 B 165ms
165ms Image
image/gif 2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=4053075202590399395
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 05 Jun 2023 15:01:02 GMT
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 6D91
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=2346647d-f8ae-4d00-9800-9fb82dc9abe7

35 B
590 B

25ms
24ms

Image
image/gif

37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=2346647d-f8ae-4d00-9800-9fb82dc9abe7

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292

Protocol

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Mon, 05 Jun 2023 15:01:02 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x25 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=2346647d-f8ae-4d00-9800-9fb82dc9abe7
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Mon, 05 Jun 2023 15:01:01 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 6D91
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=KlmGDjhY1Q6bHE5

35 B
590 B

25ms
25ms

Image
image/gif

37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=KlmGDjhY1Q6bHE5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292

Protocol

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:01:01 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-03b3f67f69a828fdc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=KlmGDjhY1Q6bHE5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6D91 70 B
264 B 29ms
29ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 05 Jun 2023 15:01:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.0 200
OK image.sbmx
global.ib-ibi.com/ Frame 6D91 0
72 B 528ms
129ms Image
text/plain 216.46.185.182
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=4053075202590399395
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_128_CBC
Server: 216.46.185.182 Littleton, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H/1.1 200 0.gif
id5-sync.com/s/10/ Frame 6D91 43 B
1 KB 32ms
8ms Image
image/gif 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=4053075202590399395

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 6D91
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=803680300
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=R.uxdNkncsqc9VmCVCB5de

35 B
590 B

25ms
25ms

Image
image/gif

37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=R.uxdNkncsqc9VmCVCB5de

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292

Protocol

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:01:02 GMT
via: 1.1 google
last-modified: Mon, 05 Jun 2023 15:01:02 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=R.uxdNkncsqc9VmCVCB5de
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 6D91 23 B
163 B 669ms
181ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=4053075202590399395
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Mon, 05 Jun 2023 15:01:03 GMT
pragma: no-cache
date: Mon, 05 Jun 2023 15:01:03 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET pixel.gif
sync.1dmp.io/ Frame 6D91 0
0

GET
H2 204 /
s.ad.smaato.net/c/ Frame 6D91 0
242 B 88ms
23ms Image
text/plain 2600:9000:26df:c00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=4053075202590399395
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26df:c00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
cache-control: no-cache, must-revalidate
via: 1.1 1e2266b5c1097c042d2a0c2f96135db2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: WAW51-P3
x-amz-cf-id: Ikp3B3GTMFZv-kXL52UOlqwHFFOybVHHDP7GyRHSSG8uiZ7PUx5jmQ==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 6D91
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=4053075202590399395&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=4053075202590399395&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=6f7bb70a-7040-4fa4-9f98-05f9eabfa4ed

35 B
599 B

25ms
25ms

Image
image/gif

37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=6f7bb70a-7040-4fa4-9f98-05f9eabfa4ed

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292

Protocol

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://c1.adform.net/serving/cookie/match?party=2007&cid=6f7bb70a-7040-4fa4-9f98-05f9eabfa4ed
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 4053075202590399395
match.contentexchange.me/adform/ Frame 6D91 0
49 B 177ms
55ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/4053075202590399395?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 xuid
eb2.3lift.com/ Frame 6D91 37 B
140 B 39ms
7ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=4053075202590399395&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1

204
No Content

sync.php
pixel.rubiconproject.com/exchange/ Frame 6D91
Redirect Chain

https://sync.e-volution.ai/296800c6dbd7f8eb22cf034b9927d719.gif?puid=4053075202590399395
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

0
239 B

33ms
9ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:01:02 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 plf
c1.adform.net/imatch/ Frame 6D91 0
384 B 26ms
25ms Image
text/plain 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=4053075202590399395&agencyId=8296&advertiserId=2140639&src=tp&rnd=688292
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 12ms
11ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1353583058397595&ev=Microdata&dl=https%3A%2F%2Fgamdom.com%2Flanding%3Faff%3Dgambonus&rl=&if=false&ts=1685977262065&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Gamdom%3A%20The%20best%20casino%20portal%20for%20you%F0%9F%92%B0%22%2C%22meta%3Adescription%22%3A%22%F0%9F%A4%A9%F0%9F%A4%A9Have%20an%20exciting%20casino%20betting%20experience%20with%20Gamdom%20Slot%20Games%20%E2%9C%85%20Table%20Games%20%E2%9C%85%20esports%20%E2%9C%85%22%2C%22meta%3Akeywords%22%3A%22Gambling%2C%20free%2C%20profit%2C%20crash%2C%20bust%2C%20Casino%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Gamdom%3A%20The%20best%20casino%20portal%20for%20you%F0%9F%92%B0%22%2C%22og%3Atype%22%3A%22Website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fgamdom.com%2Flanding%3Faff%3Dgambonus%22%2C%22og%3Adescription%22%3A%22%F0%9F%A4%A9%F0%9F%A4%A9Have%20an%20exciting%20casino%20betting%20experience%20with%20Gamdom%20Slot%20Games%20%E2%9C%85%20Table%20Games%20%E2%9C%85%20esports%20%E2%9C%85%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fgamdom.com%2Fimg%2Fog_gamdom.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.106&r=stable&ec=1&o=30&fbp=fb.1.1685977261549.2137978100&it=1685977261264&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 05 Jun 2023 15:01:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 generateWidget.php Show response
gamdom.ladesk.com/scripts/ Frame D320 69 KB
14 KB 72ms
71ms Document
text/html 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.ladesk.com/scripts/generateWidget.php?v=5.39.6.36&t=1685976989&cwid=3m6a80pa&cwrt=C&cwt=chat&pt=Gamdom%3A%20The%20best%20casino%20portal%20for%20you%F0%9F%92%B0&ref=https%3A%2F%2Fgamdom.com%2Flanding%3Faff%3Dgambonus

Requested by

Host: gamdom.ladesk.com
URL: https://gamdom.ladesk.com/scripts/track.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

fab183fba3de6f1ca5d7fd23bbf5789956e447495912bf68cb1ed1bc0dc506bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://gamdom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=31536000, public
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 05 Jun 2023 15:01:02 GMT
expires: Mon, 01 Jan 2024 08:00:00 GMT
last-modified: Tue, 01 Jan 2008 08:00:00 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish (1.lb-app.la.linode-de)
x-content-type-options: nosniff
x-srv: 4
x-varnish: 607716345

GET
H2 200 generateWidget.php Show response
gamdom.ladesk.com/scripts/ Frame 5EF7 40 KB
10 KB 33ms
32ms Document
text/html 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.ladesk.com/scripts/generateWidget.php?v=5.39.6.36&t=1685976989&cwid=3m6a80pa&cwrt=C&cwt=onlineform&pt=Gamdom%3A%20The%20best%20casino%20portal%20for%20you%F0%9F%92%B0&ref=https%3A%2F%2Fgamdom.com%2Flanding%3Faff%3Dgambonus

Requested by

Host: gamdom.ladesk.com
URL: https://gamdom.ladesk.com/scripts/track.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

ca0a364b96c65386b92971068158b1cacce00d0e3a5df58307785435860d8fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://gamdom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=31536000, public
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 05 Jun 2023 15:01:02 GMT
expires: Mon, 01 Jan 2024 08:00:00 GMT
last-modified: Tue, 01 Jan 2008 08:00:00 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish (1.lb-app.la.linode-de)
x-content-type-options: nosniff
x-srv: 1
x-varnish: 605828813

GET
H2 200 file.php
gamdom.ladesk.com/scripts/ 3 KB
3 KB 7ms
6ms Image
image/png 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamdom.ladesk.com/scripts/file.php?view=Y&file=mv1awx5oo55afcf47lhivqi0d9t2qlm9

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

be74907a6839278790020a02cd6ac6f87a6a924bd63b1b96b3dcab60bb18be86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
via: 1.1 varnish (1.lb-app.la.linode-de)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-srv: 3
age: 292
vary: Accept-Encoding
content-type: image/png
x-varnish: 606603994 604580369
cache-control: max-age=36000
content-disposition: filename="gam_support_icon_smaller.png"
accept-ranges: bytes
content-length: 2731
expires: Tue, 06 Jun 23 00:56:10 +0000

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52a75caa35647e0df631d66ee87e546cc6d74f686011379a4e7f5b2b64d40c6f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c55af55a567fe84ee897f827f6f2d30a04fb7d9b660f1b7df3656f817388a07d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d4bf7278a96ffeabacf4807d88579f46ff4f35b60b69fc7f4e0928a4320f14e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 crown_new.6836fb9cf58ec8e2d370.gif
gamdom.com/build/ 85 KB
85 KB 21ms
20ms Image
image/gif 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamdom.com/build/crown_new.6836fb9cf58ec8e2d370.gif

Requested by

Host: gamdom.com
URL: https://gamdom.com/build/client.b4ee4ee2023076c30af2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c06c1adce0b0c9511fce2b632ff5fd46dbf07e4d6660afd32978af959c13030a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/build/client.b4ee4ee2023076c30af2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 433806
cf-polished: origSize=96527
cf-bgj: imgq:100,h2pri
last-modified: Fri, 25 Nov 2022 00:17:47 GMT
server: cloudflare
etag: W/"1790f-184ac25c7c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAqiPrZev7aSI9i6IaSbBzKvQwGN8og9u3s%2FbIVSWJd4mEUf1SdFYWsDH9hbuDwsBqEd9ZQhGsyNDGpfPSpdUHt%2BvSGUyiNhuU6uTHDBq6FfNPEYXJg1i8ClqN8SHWY38aENbaIA1E8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=1209600
cf-ray: 7d2949e05a371c2e-FRA

GET
H2 200 vip.b61ebb624c5dbbe196f5.gif
gamdom.com/build/ 35 KB
36 KB 17ms
16ms Image
image/gif 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamdom.com/build/vip.b61ebb624c5dbbe196f5.gif

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5658aac794f03ecc79cd9ae0672397575a1c73fde72cd0e770ef6f2476cac581

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/landing?aff=gambonus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 674620
cf-polished: origSize=46236
cf-bgj: imgq:100,h2pri
last-modified: Sun, 14 May 2023 19:30:25 GMT
server: cloudflare
etag: W/"b49c-1881bbe2279"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdOW0NekzFXngn2H2vRYfo7c86wpcqIvrtK1kgzz3lukKyovP%2BEV2%2BKtRwenK5upGPPhH6W63xIgXj7%2Be7BclKb4FDk1bwWrTS0v6VO%2BhnjGTj7hIOiMzZoPrHnpc7LBjjoaM8BY1MY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=1209600
cf-ray: 7d2949e05a391c2e-FRA

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7582342d6f92a98eee0f689116560a64a5061af4a250aa78e5d89e395b2aaab5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 8aaf0056f93bc1c372a6134156ce54a4d83734bc.jpg
avatars.steamstatic.com/ 887 B
1 KB 68ms
7ms Image
image/jpeg 2a02:26f0:3100::1735:282a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.steamstatic.com/8aaf0056f93bc1c372a6134156ce54a4d83734bc.jpg
Requested by: Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:282a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 58ceb5847ce5c64dcba0053cad4cd1c9265835ff7dcf1065062465fc45ecf012

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
last-modified: Fri, 05 May 2023 14:33:03 GMT
server: nginx
content-md5: tS1m5qSx+lk47mJ3ElSYMQ==
etag: "0x8DB4D75A2B5B00E"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=314280364
server-timing: ak_p; desc="1685977262212_389359654_285043380_56_425_6_0_146";dur=1
accept-ranges: bytes
content-length: 887
expires: Sat, 21 May 2033 03:07:06 GMT

GET
H2 200 14933755-profile.jpg
gamdom.com/profile-img/ 3 KB
3 KB 19ms
15ms Image
image/jpeg 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamdom.com/profile-img/14933755-profile.jpg?0.6027664952504856

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16132d1387c36a8233dc36c504aa0ae58f00b2e62b421aea86321904a008b434

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/landing?aff=gambonus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1531222
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
last-modified: Sun, 19 Dec 2021 15:53:04 GMT
server: cloudflare
etag: W/"b4f-17dd365802d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQim08syEt2DhIZc31bmTMDirmbctWw2F4VaqL7iiqVKrS0K9LX1gwEVVLErtRoQHtHnnUzyfhBeE5%2Fibpx1eeC6%2BUOPxbMymOE5ncl%2FuWXiwIbywovoMmolGP%2Ff%2BGh2Ya3pzKNInsU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2419200
cf-ray: 7d2949e07a5f1c2e-FRA

GET
H2 200 a98d36c759242d4ab86bc317fbb84ee4361d773b.jpg
avatars.steamstatic.com/ 757 B
1 KB 67ms
7ms Image
image/jpeg 2a02:26f0:3100::1735:282a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.steamstatic.com/a98d36c759242d4ab86bc317fbb84ee4361d773b.jpg
Requested by: Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:282a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 365971a7a80fd9573f5fb6d0b630e1ae9ff28014158aa4db26bbc28d73427fb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
last-modified: Fri, 18 Mar 2022 12:35:04 GMT
server: nginx
etag: "0ceb911e6ef18b96c74cb9ba0402d9ae"
x-guploader-uploadid: ADPycdt6pG5jMj0-r5Qm2OqKZ8DOEMyIqY9MojCPbUHAiqkVm_4mAWZKryqvFbwqSMfpop6u0zGQoYOH9H27-ncfKRlb
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=313224887
server-timing: ak_p; desc="1685977262212_389359654_285043381_55_455_6_0_146";dur=1
accept-ranges: bytes
content-length: 757
expires: Sun, 08 May 2033 21:55:49 GMT

GET
H2 200 b77af43b9aafaae42f06bc5cbee64c7bb80bbf63.jpg
avatars.steamstatic.com/ 781 B
1 KB 71ms
12ms Image
image/jpeg 2a02:26f0:3100::1735:282a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.steamstatic.com/b77af43b9aafaae42f06bc5cbee64c7bb80bbf63.jpg
Requested by: Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:282a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8748f760613f67b4cd757e8968881fb7144ccd66899440cd1e3c4f56dfb81465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
last-modified: Wed, 14 Sep 2022 17:49:31 GMT
server: nginx
content-md5: 7aXXQ8pf/hAQ6kFabcUx4A==
etag: "0x8DA96797A960A0C"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=314571993
server-timing: ak_p; desc="1685977262212_389359654_285043382_319_501_6_0_146";dur=1
accept-ranges: bytes
content-length: 781
expires: Tue, 24 May 2033 12:07:35 GMT

GET
H2 200 cf63f2a4ae5d08d435fc6ff55ecc5416.jpg
www.gravatar.com/avatar/ 2 KB
2 KB 32ms
6ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gravatar.com/avatar/cf63f2a4ae5d08d435fc6ff55ecc5416.jpg?d=identicon
Requested by: Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f1c260bd1e05c979654ae89c36a8c3d48c6a0e0ca210d10973acf29a66a91c09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 05 Jun 2023 15:01:02 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/cf63f2a4ae5d08d435fc6ff55ecc5416.jpg?d=identicon>; rel="canonical"
content-length: 2054
expires: Mon, 05 Jun 2023 15:06:02 GMT

GET
H2 200 b09246c6a070c666f6b49c51353bdc12f9f0f0c0.jpg
avatars.steamstatic.com/ 1 KB
1 KB 75ms
16ms Image
image/jpeg 2a02:26f0:3100::1735:282a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.steamstatic.com/b09246c6a070c666f6b49c51353bdc12f9f0f0c0.jpg
Requested by: Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:282a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3452960aa7cee81c4f1fe8b79cb95709d89948341d46835cb6ca2dcb35198ddb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
last-modified: Fri, 18 Mar 2022 21:35:43 GMT
server: nginx
etag: "639f41d6f04438e700bf860a5df87799"
x-guploader-uploadid: ADPycdsspY-xgSYZASSyFnnpZD_Z-LWqi-1nCaqdgl3d3MZMJbyRdWu4hscZmccEtKT0qyyVEQAUJz5_BWO0cihCJZKn
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=314424052
server-timing: ak_p; desc="1685977262218_389359654_285043392_347_705_6_0_146";dur=1
accept-ranges: bytes
content-length: 1044
expires: Sun, 22 May 2033 19:01:54 GMT

GET
H2 200 dfca586db29044384c00c6aef623da5d.jpg
www.gravatar.com/avatar/ 1 KB
1 KB 33ms
7ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gravatar.com/avatar/dfca586db29044384c00c6aef623da5d.jpg?d=identicon
Requested by: Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 40da8a90ff4ff719ebae6fdb87e79d736f9d69da5cd9536ee8d79587200959ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 05 Jun 2023 15:01:02 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/dfca586db29044384c00c6aef623da5d.jpg?d=identicon>; rel="canonical"
content-length: 1066
expires: Mon, 05 Jun 2023 15:06:02 GMT

GET
H2 200 4f66bda68d214529b1d2cfc079232a00641980ee.jpg
avatars.steamstatic.com/ 825 B
1 KB 75ms
16ms Image
image/jpeg 2a02:26f0:3100::1735:282a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.steamstatic.com/4f66bda68d214529b1d2cfc079232a00641980ee.jpg
Requested by: Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:282a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 913e492733c51f0675d3fc0c310f94d0bd0797b65b14247d24ce3c61a98a0fc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
last-modified: Sun, 13 Mar 2022 18:50:09 GMT
server: nginx
content-md5: tHz7FF/kGeCsZKzhYYHyQg==
etag: "0x8DA05224CAC4000"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=314504487
server-timing: ak_p; desc="1685977262218_389359654_285043391_332_874_6_0_146";dur=1
accept-ranges: bytes
content-length: 825
expires: Mon, 23 May 2033 17:22:29 GMT

GET
H2 200 895d7aad57812b3d12cbb1ba06074d787605ec4e.jpg
avatars.steamstatic.com/ 648 B
915 B 78ms
19ms Image
image/jpeg 2a02:26f0:3100::1735:282a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.steamstatic.com/895d7aad57812b3d12cbb1ba06074d787605ec4e.jpg
Requested by: Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:282a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9808af48cdc6e93052b683e5e26c95200d030262dd38e0eaa4db1bc3a297047e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
last-modified: Sun, 12 Mar 2023 15:51:27 GMT
server: nginx
content-md5: IlZ6pzAf1vnBKoQozNnpsw==
etag: "0x8DB2311A3DC36FA"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=313377282
server-timing: ak_p; desc="1685977262221_389359654_285043393_675_524_6_0_146";dur=1
accept-ranges: bytes
content-length: 648
expires: Tue, 10 May 2033 16:15:44 GMT

GET
H2 200 12135914-profile.jpg
gamdom.com/profile-img/ 2 KB
3 KB 22ms
19ms Image
image/jpeg 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamdom.com/profile-img/12135914-profile.jpg?0.4857210249028223

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

044b569f725b0d2ae58176e9c2cec99ca2c3440754eda67c1cb827561ef8c940

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/landing?aff=gambonus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 762951
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jan 2023 16:01:40 GMT
server: cloudflare
etag: W/"987-185e4837c67"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYwgaTJI%2B%2B6ifl4Ve539Nn07wgHLTDNBkq5FpFZkOfeqYDU1z1g5b5ek1Y8QaejUyKOt18NduyfFcr9oNug0FIY%2BrN71Ge3BS37F%2B6%2BkGq2%2FKJfQ0YjlzNBhc4BRbe7ZOXzxhcas%2BMk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2419200
cf-ray: 7d2949e07a611c2e-FRA

GET
H2 200 bd1f4cba4741288d3556f03cd46d15bc95a2666d.jpg
avatars.steamstatic.com/ 1 KB
1 KB 60ms
7ms Image
image/jpeg 2a02:26f0:3100::1735:282a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.steamstatic.com/bd1f4cba4741288d3556f03cd46d15bc95a2666d.jpg
Requested by: Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:282a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4fb2280ede9113429eeb96e346ca57d1590f7bb7104cf26a0e9800b6ce631ec8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
last-modified: Wed, 20 Jul 2022 17:13:58 GMT
server: nginx
content-md5: oMFhgusn7g9Sc1FAp8+F0A==
etag: "0x8DA6A733BB4DC55"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315294986
server-timing: ak_p; desc="1685977262212_389359654_285043377_47_516_6_0_219";dur=1
accept-ranges: bytes
content-length: 1034
expires: Wed, 01 Jun 2033 20:57:28 GMT

GET
H2 200 173e8a824f82f0667a72fb7e798668d3.jpg
www.gravatar.com/avatar/ 1 KB
1 KB 30ms
6ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gravatar.com/avatar/173e8a824f82f0667a72fb7e798668d3.jpg?d=identicon
Requested by: Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 20d2d086aa1ae4d8c5ab5ca29a7d12c87e1d77130ad7477f327b3434bf823cfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 05 Jun 2023 15:01:02 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/173e8a824f82f0667a72fb7e798668d3.jpg?d=identicon>; rel="canonical"
content-length: 1172
expires: Mon, 05 Jun 2023 15:06:02 GMT

GET
H2 200 ac83f1fdee3d3b6d39e1bbfbdfe3d35849dc4766.jpg
avatars.steamstatic.com/ 1011 B
1 KB 9ms
9ms Image
image/jpeg 2a02:26f0:3100::1735:282a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.steamstatic.com/ac83f1fdee3d3b6d39e1bbfbdfe3d35849dc4766.jpg
Requested by: Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:282a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b1e46b0dffb06a3eba25b21823f0445a2a941f47ecf0637c728dc04380fed0e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
last-modified: Wed, 05 Apr 2023 14:56:08 GMT
server: nginx
etag: "a8fb68745263458aa96efc1867ed5297"
x-guploader-uploadid: ADPycdtZgCeB-B6Gm5k7Jl-YakoANANo1r0solW5Q42mKKYuFyMDaXCvnblXTksiW9IBx8jaB2KmwAStl1gs_WYbPcxU
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=313975696
server-timing: ak_p; desc="1685977262223_389359654_285043403_91_622_6_0_146";dur=1
accept-ranges: bytes
content-length: 1011
expires: Tue, 17 May 2033 14:29:18 GMT

GET
H2 200 d6793a62adc7b503dc20fa71e31fde3f.jpg
www.gravatar.com/avatar/ 4 KB
4 KB 30ms
6ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gravatar.com/avatar/d6793a62adc7b503dc20fa71e31fde3f.jpg?d=identicon
Requested by: Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9af717df07f942d150dee3693ed93e859a7d6b31f53b6ac5b20d189e7dfa7363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 05 Jun 2023 15:01:02 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/d6793a62adc7b503dc20fa71e31fde3f.jpg?d=identicon>; rel="canonical"
content-length: 3819
expires: Mon, 05 Jun 2023 15:06:02 GMT

GET
H2 200 d758f6ec3b8f141234601934003e1fa2.jpg
www.gravatar.com/avatar/ 3 KB
3 KB 27ms
8ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gravatar.com/avatar/d758f6ec3b8f141234601934003e1fa2.jpg?d=identicon
Requested by: Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 03b95b741cdcf7b3511ee06c0179eb6952b05ffb28da5227550c9d8666f0ebe8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 05 Jun 2023 15:01:02 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/d758f6ec3b8f141234601934003e1fa2.jpg?d=identicon>; rel="canonical"
content-length: 2793
expires: Mon, 05 Jun 2023 15:06:02 GMT

GET
H2 200 15633871-profile.jpg
gamdom.com/profile-img/ 5 KB
5 KB 22ms
19ms Image
image/jpeg 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamdom.com/profile-img/15633871-profile.jpg?0.42357694865702067

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0911ac012c38789081203a5c384516edd107413aa11187cf52f5013dc662f668

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/landing?aff=gambonus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2198960
cf-polished: origSize=4900
cf-bgj: imgq:100,h2pri
last-modified: Thu, 11 May 2023 04:11:11 GMT
server: cloudflare
etag: W/"1324-18809017ad4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvEi%2FMW68s8Gzn4gnI3hf0OfsJvO%2F8dZT8SZwH3MI4fV%2BiJHj42g7DeMNZMSGRq0p8LPuPRJyzuBot6cglYzrN45%2BbF8i55m5W3iJUXndKi7PASdB4IPD0W9xDTT63crnyKpay1VlUk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2419200
cf-ray: 7d2949e07a621c2e-FRA

GET
H2 200 98969bf738d11e379dca73079ef244c9fc8197c0.jpg
avatars.steamstatic.com/ 1 KB
2 KB 68ms
14ms Image
image/jpeg 2a02:26f0:3100::1735:282a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.steamstatic.com/98969bf738d11e379dca73079ef244c9fc8197c0.jpg
Requested by: Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:282a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 622791d98030522c9125de05c07280e5adf7201f98613a892ddb0e5ae55b1e7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
last-modified: Thu, 17 Mar 2022 15:04:01 GMT
server: nginx
etag: "0e3ee6c1125e4335f81bc8bbfc473503"
x-guploader-uploadid: ADPycdtrXFBvmQimBS027f_XvxwG6dQWc0PTzgRthYFOLPdRezaan6wWVJr8kVi5UAJD0BDkHhqqFopCuJ5U63_Ga-C5
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=313539256
server-timing: ak_p; desc="1685977262194_389359654_285043375_717_634_6_0_219";dur=1
accept-ranges: bytes
content-length: 1265
expires: Thu, 12 May 2033 13:15:18 GMT

GET
H2 200 729a3277618fbfd82d79c0a95fdc768c.jpg
www.gravatar.com/avatar/ 2 KB
2 KB 8ms
7ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gravatar.com/avatar/729a3277618fbfd82d79c0a95fdc768c.jpg?d=identicon
Requested by: Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: b04852a10d8572ee970ad182fdfae79570e2637496cb05b23f77f99dacf4ac4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 05 Jun 2023 15:01:02 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/729a3277618fbfd82d79c0a95fdc768c.jpg?d=identicon>; rel="canonical"
content-length: 1963
expires: Mon, 05 Jun 2023 15:06:02 GMT

GET
H2 200 98d8bb08a2937d6378eeec8dc1532049.jpg
www.gravatar.com/avatar/ 2 KB
2 KB 9ms
8ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gravatar.com/avatar/98d8bb08a2937d6378eeec8dc1532049.jpg?d=identicon
Requested by: Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9bf9ae937702eada624369938c6c472a17fb7fb464414c6c371013d6b993338a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 05 Jun 2023 15:01:02 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/98d8bb08a2937d6378eeec8dc1532049.jpg?d=identicon>; rel="canonical"
content-length: 1839
expires: Mon, 05 Jun 2023 15:06:02 GMT

GET
H2 200 63528698bc014faec47b1771cebde24973701b38.jpg
avatars.steamstatic.com/ 1 KB
2 KB 65ms
12ms Image
image/jpeg 2a02:26f0:3100::1735:282a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.steamstatic.com/63528698bc014faec47b1771cebde24973701b38.jpg
Requested by: Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:282a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7d4a9328f1890ba135568eac01324dd98dd07b65c7269309cc4f99b639559f25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
last-modified: Mon, 14 Mar 2022 20:11:40 GMT
server: nginx
content-md5: /oP6bArfN1EPejCRUeODQA==
etag: "0x8DA05F6D9E3C123"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=313903884
server-timing: ak_p; desc="1685977262212_389359654_285043376_442_520_6_17_219";dur=1
accept-ranges: bytes
content-length: 1421
expires: Mon, 16 May 2033 18:32:26 GMT

GET
H2 200 3525537-profile.jpg
gamdom.com/profile-img/ 883 B
1 KB 22ms
20ms Image
image/jpeg 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamdom.com/profile-img/3525537-profile.jpg?0.8526047243339032

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eca645137755374a37afa99a00442a8ae6093f2a06cb607ce435710246ab7508

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/landing?aff=gambonus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 373738
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
last-modified: Sun, 18 Sep 2022 17:45:21 GMT
server: cloudflare
etag: W/"373-18351b469f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oI%2FoqRoCV89LilZd9cVnFe54y4x5Z5VUKoK0p37buBrn1BQzN7YYcE%2BrnOkgkzNiv6pdlkf9G5hYF1Il9EB9rAPlIyMx%2BKfs7EG%2FVTZcBZEHibIuGIzQR6piK4%2FsIUFiIRQ1RvjkKIU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2419200
cf-ray: 7d2949e07a631c2e-FRA

GET
H2 200 fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb.jpg
avatars.steamstatic.com/ 1 KB
1 KB 61ms
7ms Image
image/jpeg 2a02:26f0:3100::1735:282a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb.jpg
Requested by: Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:282a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e62f61c9e156da89322f319399bcee0d2ac0b648ee6e2d9f439a0c6eed1dbf31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
last-modified: Wed, 23 Mar 2022 00:48:05 GMT
server: nginx
content-md5: PyQqUF196Pgxft+sCOONXQ==
etag: "0x8DA0C66CA9591A6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=313475737
server-timing: ak_p; desc="1685977262212_389359654_285043379_47_642_6_0_219";dur=1
accept-ranges: bytes
content-length: 1055
expires: Wed, 11 May 2033 19:36:39 GMT

GET
H2 200 61ecadde82e0cb8609393bf846d85c7a.jpg
www.gravatar.com/avatar/ 1 KB
1 KB 25ms
6ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gravatar.com/avatar/61ecadde82e0cb8609393bf846d85c7a.jpg?d=identicon
Requested by: Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 85ca605c8c930f9881b6ce5e80c499d9003c192514a7bc62fc450ca69f5ee5aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 05 Jun 2023 15:01:02 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/61ecadde82e0cb8609393bf846d85c7a.jpg?d=identicon>; rel="canonical"
content-length: 1129
expires: Mon, 05 Jun 2023 15:06:02 GMT

GET
H2 200 15561254-profile.jpg
gamdom.com/profile-img/ 2 KB
2 KB 20ms
18ms Image
image/jpeg 2606:4700:20::681a:904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamdom.com/profile-img/15561254-profile.jpg?0.7022235934029455

Requested by

Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11a96d20369ce8aff0c5ba9e099a85c2455c8fafa4a8b0a25bbbb157e065c20e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/landing?aff=gambonus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 768979
cf-polished: origSize=1593
cf-bgj: imgq:100,h2pri
last-modified: Sun, 19 Feb 2023 07:58:58 GMT
server: cloudflare
etag: W/"639-18668aee71b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHqD782U%2FDLzGb%2BwqPEAietqtSzwC%2FNISpt1AFIYxShUPiTeB67EULMpcD%2BjhHL58nZYzUVjlfQh0Svw8vxn3u6g6fxwzvpv5MY9BmDyF7vn1vwEcgjUTn8YlgGwNalR7lyL7p60XOA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2419200
cf-ray: 7d2949e07a641c2e-FRA

GET
H2 200 877cf8c383b8a6971a189cb75e9408d1b0e105e3.jpg
avatars.steamstatic.com/ 1 KB
1 KB 65ms
12ms Image
image/jpeg 2a02:26f0:3100::1735:282a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.steamstatic.com/877cf8c383b8a6971a189cb75e9408d1b0e105e3.jpg
Requested by: Host: gamdom.com
URL: https://gamdom.com/landing?aff=gambonus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:282a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c53c356e22ea2b18b5e471c6289c313f922972977574940a0c8e4cc79b87a69e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
last-modified: Fri, 11 Feb 2022 13:25:46 GMT
server: nginx
content-md5: whAHUyVshriJZJZ0BTIVIA==
etag: "0x8D9ED620337B972"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=314263516
server-timing: ak_p; desc="1685977262212_389359654_285043378_389_494_6_0_219";dur=1
accept-ranges: bytes
content-length: 1109
expires: Fri, 20 May 2033 22:26:18 GMT

GET
H2 200 contact.css
gamdom.ladesk.com/themes/contact/ascent/ Frame 5EF7 118 KB
38 KB 8ms
8ms Stylesheet
text/css 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.ladesk.com/themes/contact/ascent/contact.css?v=5.39.6.36

Requested by

Host: gamdom.ladesk.com
URL: https://gamdom.ladesk.com/scripts/generateWidget.php?v=5.39.6.36&t=1685976989&cwid=3m6a80pa&cwrt=C&cwt=onlineform&pt=Gamdom%3A%20The%20best%20casino%20portal%20for%20you%F0%9F%92%B0&ref=https%3A%2F%2Fgamdom.com%2Flanding%3Faff%3Dgambonus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

5d977d7905958e4bc06247f9584d0bb6d262d68d72d4e1b882775d6eddff004a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish (1.lb-app.la.linode-de)
x-srv: 1
age: 764
content-length: 38228
last-modified: Wed, 10 May 2023 11:42:14 GMT
server: nginx
etag: "1d97d-5fb555cf67180"
vary: Accept-Encoding
content-type: text/css
x-varnish: 605828819 596663136
cache-control: max-age=604800
accept-ranges: bytes
expires: Mon, 12 Jun 2023 14:48:18 GMT

GET
H2 200 bundle-61846fd0e1256e7e1bad.esm.js Show response
gamdom.ladesk.com/scripts/static/webpack/liveagent-common-bundle/ Frame 5EF7 4 KB
2 KB 7ms
7ms Script
application/javascript 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.ladesk.com/scripts/static/webpack/liveagent-common-bundle/bundle-61846fd0e1256e7e1bad.esm.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

cd7281b54cd2462d123f9d0c89c2c2003baf5ea5689ec1c8b325bb2264117c36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish (1.lb-app.la.linode-de)
x-srv: 3
age: 1745
content-length: 1736
last-modified: Wed, 10 May 2023 11:42:06 GMT
server: nginx
etag: "ea7-5fb555c7c5f80"
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 605568980 602801715
cache-control: max-age=21600
accept-ranges: bytes
expires: Mon, 05 Jun 2023 20:31:56 GMT

GET
H2 200 stringutils-0d8c9d39169dd3fd17cd.esm.js Show response
gamdom.ladesk.com/scripts/static/webpack/liveagent-common-bundle/ Frame 5EF7 203 KB
79 KB 14ms
13ms Script
application/javascript 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.ladesk.com/scripts/static/webpack/liveagent-common-bundle/stringutils-0d8c9d39169dd3fd17cd.esm.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

067e6c8e18eca58b6ca10bd9d37127420b1ea544f2d2ccc7095f8288030d9953

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish (1.lb-app.la.linode-de)
x-srv: 2
age: 1745
content-length: 80445
last-modified: Wed, 10 May 2023 11:42:06 GMT
server: nginx
etag: "32c32-5fb555c7c5f80"
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 605535202 602506215
cache-control: max-age=21600
accept-ranges: bytes
expires: Mon, 05 Jun 2023 20:31:56 GMT

GET
H2 200 default-contactwidget-logo.png
gamdom.ladesk.com/themes/install/_common_templates/img/ Frame 5EF7 5 KB
6 KB 10ms
8ms Image
image/png 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamdom.ladesk.com/themes/install/_common_templates/img/default-contactwidget-logo.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

79751345f970ff2b3b5e916ba4523b96879a6a35579448da500bcdb6fa77e690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
via: 1.1 varnish (1.lb-app.la.linode-de)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-srv: 1
age: 1423
content-length: 5388
last-modified: Wed, 10 May 2023 11:42:14 GMT
server: nginx
etag: "150c-5fb555cf67180"
vary: Accept-Encoding
content-type: image/png
x-varnish: 606768062 602934962
cache-control: max-age=604800
accept-ranges: bytes
expires: Mon, 12 Jun 2023 14:37:19 GMT

GET
H2 200 chat.css
gamdom.ladesk.com/themes/embedded_chat/ascent/ Frame D320 123 KB
23 KB 14ms
13ms Stylesheet
text/css 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.ladesk.com/themes/embedded_chat/ascent/chat.css?v=5.39.6.36

Requested by

Host: gamdom.ladesk.com
URL: https://gamdom.ladesk.com/scripts/generateWidget.php?v=5.39.6.36&t=1685976989&cwid=3m6a80pa&cwrt=C&cwt=chat&pt=Gamdom%3A%20The%20best%20casino%20portal%20for%20you%F0%9F%92%B0&ref=https%3A%2F%2Fgamdom.com%2Flanding%3Faff%3Dgambonus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

5232142368f65bcf0eb759b7a81b9337b5f169d11eaf6c7b16846ad0f3d12ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish (1.lb-app.la.linode-de)
x-srv: 3
age: 30
content-length: 23364
last-modified: Wed, 10 May 2023 11:42:14 GMT
server: nginx
etag: "1ed9d-5fb555cf67180"
vary: Accept-Encoding
content-type: text/css
x-varnish: 607716357 601975982
cache-control: max-age=604800
accept-ranges: bytes
expires: Mon, 12 Jun 2023 15:00:31 GMT

GET
H2 200 bundle-61846fd0e1256e7e1bad.esm.js Show response
gamdom.ladesk.com/scripts/static/webpack/liveagent-common-bundle/ Frame D320 4 KB
2 KB 14ms
14ms Script
application/javascript 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.ladesk.com/scripts/static/webpack/liveagent-common-bundle/bundle-61846fd0e1256e7e1bad.esm.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

cd7281b54cd2462d123f9d0c89c2c2003baf5ea5689ec1c8b325bb2264117c36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish (1.lb-app.la.linode-de)
x-srv: 3
age: 1745
content-length: 1736
last-modified: Wed, 10 May 2023 11:42:06 GMT
server: nginx
etag: "ea7-5fb555c7c5f80"
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 605535207 602801715
cache-control: max-age=21600
accept-ranges: bytes
expires: Mon, 05 Jun 2023 20:31:56 GMT

GET
H2 200 stringutils-0d8c9d39169dd3fd17cd.esm.js Show response
gamdom.ladesk.com/scripts/static/webpack/liveagent-common-bundle/ Frame D320 203 KB
79 KB 15ms
15ms Script
application/javascript 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.ladesk.com/scripts/static/webpack/liveagent-common-bundle/stringutils-0d8c9d39169dd3fd17cd.esm.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

067e6c8e18eca58b6ca10bd9d37127420b1ea544f2d2ccc7095f8288030d9953

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish (1.lb-app.la.linode-de)
x-srv: 2
age: 1745
content-length: 80445
last-modified: Wed, 10 May 2023 11:42:06 GMT
server: nginx
etag: "32c32-5fb555c7c5f80"
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 605956286 602506215
cache-control: max-age=21600
accept-ranges: bytes
expires: Mon, 05 Jun 2023 20:31:56 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ 410 KB
164 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__de.js

Requested by

Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73fcbeac0f15bb0d757c476b3f620154ac6ba5152ea55cc4c89e43cd9db55c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gamdom.com/
Origin: https://gamdom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 12:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167800
x-xss-protection: 0
last-modified: Tue, 30 May 2023 00:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 12:19:27 GMT

GET
H2 200 track_visit.php Show response
gamdom.ladesk.com/scripts/ 265 B
578 B 7ms
7ms Script
application/javascript 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://gamdom.ladesk.com/scripts/track_visit.php?t=Y&C=Track&B=dxzcbnpqkjkgep2bf2b97z0mtb4qf&S=qemzxiv7sf5rzefrlwln0peqdnxcf&pt=Gamdom%3A%20The%20best%20casino%20portal%20for%20you%F0%9F%92%B0&url=__S__gamdom.com%2Flanding%3Faff%3Dgambonus&ref=&sr=1600x1200&ud=%7B%7D&vn=Y&ci=&jstk=Y

Requested by

Host: gamdom.ladesk.com
URL: https://gamdom.ladesk.com/scripts/track.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

3225f92afa0bec3efdad9621b27d04dce1855442a512c47605562766b794a89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
via: 1.1 varnish (1.lb-app.la.linode-de)
x-srv: 3
age: 15
content-length: 207
pragma
last-modified: Mon, 05 Jun 2023 15:00:47 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 600758209 602554673
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bus.html Show response
1-vbus-de.ladesk.com/5_39_6_36/scripts/lib/ Frame 4FB7 315 B
263 B 59ms
13ms Document
text/html 139.162.183.107
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://1-vbus-de.ladesk.com/5_39_6_36/scripts/lib/bus.html?v=5.39.6.36
Requested by: Host: gamdom.ladesk.com
URL: https://gamdom.ladesk.com/scripts/track.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.183.107 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1500-107.members.linode.com
Software: nginx /
Resource Hash: 5a4164cdbb38651f2f2d28e25101780515ff8c1072ba99d0a5761500cf306ee3

Request headers

Referer: https://gamdom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 05 Jun 2023 15:01:02 GMT
etag: W/"645b830e-13b"
last-modified: Wed, 10 May 2023 11:42:06 GMT
server: nginx

GET
H2 200 postmessage_bundle.js Show response
1-vbus-de.ladesk.com/5_39_6_36/static/webpack/js_bundle/ Frame 4FB7 2 KB
2 KB 9ms
8ms Script
application/javascript 139.162.183.107
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://1-vbus-de.ladesk.com/5_39_6_36/static/webpack/js_bundle/postmessage_bundle.js
Requested by: Host: 1-vbus-de.ladesk.com
URL: https://1-vbus-de.ladesk.com/5_39_6_36/scripts/lib/bus.html?v=5.39.6.36
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.183.107 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1500-107.members.linode.com
Software: nginx /
Resource Hash: fd217f54257ddc2df28c0866613b5e7b1cf450610240f5bf651d1c2c5267dd3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1-vbus-de.ladesk.com/5_39_6_36/scripts/lib/bus.html?v=5.39.6.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
last-modified: Wed, 10 May 2023 11:42:06 GMT
server: nginx
accept-ranges: bytes
etag: "645b830e-812"
content-length: 2066
content-type: application/javascript

GET
H2 200 pushstream_bundle.js Show response
1-vbus-de.ladesk.com/5_39_6_36/static/webpack/js_bundle/ Frame 4FB7 20 KB
20 KB 20ms
20ms Script
application/javascript 139.162.183.107
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://1-vbus-de.ladesk.com/5_39_6_36/static/webpack/js_bundle/pushstream_bundle.js
Requested by: Host: 1-vbus-de.ladesk.com
URL: https://1-vbus-de.ladesk.com/5_39_6_36/scripts/lib/bus.html?v=5.39.6.36
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.183.107 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1500-107.members.linode.com
Software: nginx /
Resource Hash: ab1f85d6560124d8d3d99ab7fd875a5c2ff35da42f7d9c8c138e08dd198298f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1-vbus-de.ladesk.com/5_39_6_36/scripts/lib/bus.html?v=5.39.6.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
last-modified: Wed, 10 May 2023 11:42:06 GMT
server: nginx
accept-ranges: bytes
etag: "645b830e-50d0"
content-length: 20688
content-type: application/javascript

GET
H2 200 bus_bundle.js Show response
1-vbus-de.ladesk.com/5_39_6_36/static/webpack/js_bundle/ Frame 4FB7 2 KB
2 KB 20ms
20ms Script
application/javascript 139.162.183.107
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://1-vbus-de.ladesk.com/5_39_6_36/static/webpack/js_bundle/bus_bundle.js
Requested by: Host: 1-vbus-de.ladesk.com
URL: https://1-vbus-de.ladesk.com/5_39_6_36/scripts/lib/bus.html?v=5.39.6.36
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.183.107 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1500-107.members.linode.com
Software: nginx /
Resource Hash: 2df69b6b5eabdfc3a041b51249904b1f2355bd5a3635be0ff03750df349fab24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1-vbus-de.ladesk.com/5_39_6_36/scripts/lib/bus.html?v=5.39.6.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
last-modified: Wed, 10 May 2023 11:42:06 GMT
server: nginx
accept-ranges: bytes
etag: "645b830e-8ca"
content-length: 2250
content-type: application/javascript

GET
H2 304 v2 Show response
1-vbus-de.ladesk.com/5_39_6_36/u307083_a1bb/dxzcbnpqkjkgep2bf2b97z0mtb4qf/event/lp/ Frame 4FB7 0
161 B 11ms
10ms XHR 139.162.183.107
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://1-vbus-de.ladesk.com/5_39_6_36/u307083_a1bb/dxzcbnpqkjkgep2bf2b97z0mtb4qf/event/lp/v2?channels=06bcd52773_vb_qemzxiv7sf5rzefrlwln0peqdnxcf&tag=0&time=Mon%2C%2005%20Jun%202023%2010%3A51%3A02%20GMT&eventid=&_=1685977262385
Requested by: Host: 1-vbus-de.ladesk.com
URL: https://1-vbus-de.ladesk.com/5_39_6_36/static/webpack/js_bundle/pushstream_bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.183.107 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1500-107.members.linode.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1-vbus-de.ladesk.com/5_39_6_36/scripts/lib/bus.html?v=5.39.6.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
last-modified: Mon, 05 Jun 2023 10:51:02 GMT
server: nginx
etag: W/0
content-type: application/octet-stream
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 anchor Show response
recaptcha.net/recaptcha/api2/ Frame E5EA 51 KB
29 KB 37ms
34ms Document
text/html 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfC6gwUAAAAACBACwg1szTLTt-QIoODkMpEEtOC&co=aHR0cHM6Ly9nYW1kb20uY29tOjQ0Mw..&hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&theme=light&size=normal&cb=uxetyeh4cban

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ca474daaf5a6510c65934f56cea0cd2822cacd60b73b2d1c8f693a6b690590fa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jIQs-k6niZ38UzI0SwNeWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gamdom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28771
content-security-policy: script-src 'report-sample' 'nonce-jIQs-k6niZ38UzI0SwNeWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:01:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
recaptcha.net/recaptcha/api2/ Frame 9781 51 KB
28 KB 44ms
41ms Document
text/html 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c25e50ec9ceca463cf97fd0cb02ad7d7bb309f38c998d479c3388a89a458ceb1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BcyiqjniQ_F8MLFzm5Zjiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gamdom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28672
content-security-policy: script-src 'report-sample' 'nonce-BcyiqjniQ_F8MLFzm5Zjiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:01:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ Frame E5EA 55 KB
24 KB 23ms
8ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css

Requested by

Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfC6gwUAAAAACBACwg1szTLTt-QIoODkMpEEtOC&co=aHR0cHM6Ly9nYW1kb20uY29tOjQ0Mw..&hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&theme=light&size=normal&cb=uxetyeh4cban

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 13:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 30 May 2023 00:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 13:02:11 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ Frame E5EA 410 KB
164 KB 30ms
15ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73fcbeac0f15bb0d757c476b3f620154ac6ba5152ea55cc4c89e43cd9db55c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 12:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167800
x-xss-protection: 0
last-modified: Tue, 30 May 2023 00:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 12:19:27 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ Frame 9781 55 KB
24 KB 21ms
12ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 13:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 30 May 2023 00:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 13:02:11 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ Frame 9781 410 KB
164 KB 28ms
19ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73fcbeac0f15bb0d757c476b3f620154ac6ba5152ea55cc4c89e43cd9db55c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 12:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167800
x-xss-protection: 0
last-modified: Tue, 30 May 2023 00:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 12:19:27 GMT

GET
DATA 200
OK truncated
/ Frame E5EA 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E5EA 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E5EA 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 22:52:35 GMT
x-content-type-options: nosniff
age: 144507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 10 Jun 2023 22:52:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E5EA 15 KB
16 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://recaptcha.net/
Origin: https://recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 00:54:58 GMT
x-content-type-options: nosniff
age: 223564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 00:54:58 GMT

GET
DATA 200
OK truncated
/ Frame 9781 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9781 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9781 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 22:52:35 GMT
x-content-type-options: nosniff
age: 144507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 10 Jun 2023 22:52:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9781 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://recaptcha.net/
Origin: https://recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 00:54:58 GMT
x-content-type-options: nosniff
age: 223564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 00:54:58 GMT

GET
H3 200 webworker.js
recaptcha.net/recaptcha/api2/ Frame E5EA 102 B
134 B 17ms
17ms Other
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1daa7d28de3f07e56e24af825644bef76478ce3c720de872e4e1dd5b386107c6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfC6gwUAAAAACBACwg1szTLTt-QIoODkMpEEtOC&co=aHR0cHM6Ly9nYW1kb20uY29tOjQ0Mw..&hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&theme=light&size=normal&cb=uxetyeh4cban
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 05 Jun 2023 15:01:02 GMT

GET
H3 200 webworker.js
recaptcha.net/recaptcha/api2/ Frame 9781 102 B
134 B 16ms
15ms Other
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1daa7d28de3f07e56e24af825644bef76478ce3c720de872e4e1dd5b386107c6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfC6gwUAAAAACBACwg1szTLTt-QIoODkMpEEtOC&co=aHR0cHM6Ly9nYW1kb20uY29tOjQ0Mw..&hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&theme=light&size=normal&cb=8u2wk147ln5w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 05 Jun 2023 15:01:02 GMT

GET
H3 200 bframe Show response
recaptcha.net/recaptcha/api2/ Frame 9533 7 KB
1 KB 17ms
16ms Document
text/html 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LfC6gwUAAAAACBACwg1szTLTt-QIoODkMpEEtOC

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2962a9bb848303cd91a40a7a20ffc0629b4f25b1811bf36abc07dbbe419f9491

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-i2DuWq0bnUz4s3-G8O9flw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gamdom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1153
content-security-policy: script-src 'report-sample' 'nonce-i2DuWq0bnUz4s3-G8O9flw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:01:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
recaptcha.net/recaptcha/api2/ Frame 842E 7 KB
1 KB 22ms
21ms Document
text/html 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LfC6gwUAAAAACBACwg1szTLTt-QIoODkMpEEtOC

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

69d2e884b4aca988ee3d9ddcc428b502810d52ef0cb1751f1c39b11e22746d42

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2BbPV6p_MIvfJGwpkmu3Xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gamdom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1157
content-security-policy: script-src 'report-sample' 'nonce-2BbPV6p_MIvfJGwpkmu3Xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:01:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ Frame 9533 55 KB
24 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css

Requested by

Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LfC6gwUAAAAACBACwg1szTLTt-QIoODkMpEEtOC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 13:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 30 May 2023 00:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 13:02:11 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ Frame 9533 410 KB
164 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__de.js

Requested by

Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LfC6gwUAAAAACBACwg1szTLTt-QIoODkMpEEtOC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73fcbeac0f15bb0d757c476b3f620154ac6ba5152ea55cc4c89e43cd9db55c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 12:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167800
x-xss-protection: 0
last-modified: Tue, 30 May 2023 00:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 12:19:27 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ Frame 842E 55 KB
24 KB 8ms
6ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css

Requested by

Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LfC6gwUAAAAACBACwg1szTLTt-QIoODkMpEEtOC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 13:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 30 May 2023 00:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 13:02:11 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ Frame 842E 410 KB
164 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__de.js

Requested by

Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LfC6gwUAAAAACBACwg1szTLTt-QIoODkMpEEtOC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73fcbeac0f15bb0d757c476b3f620154ac6ba5152ea55cc4c89e43cd9db55c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 12:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167800
x-xss-protection: 0
last-modified: Tue, 30 May 2023 00:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 12:19:27 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RS5ERP3G6V&gtm=45je35v0&_p=2062854858&cid=238029606.1685977261&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&sid=1685977261&sct=1&seg=0&dl=https%3A%2F%2Fgamdom.com%2Flanding%3Faff%3Dgambonus&dt=Gamdom%3A%20The%20best%20casino%20portal%20for%20you%F0%9F%92%B0&en=scroll&epn.percent_scrolled=90&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RS5ERP3G6V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gamdom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:01:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gamdom.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Domain: sync.1dmp.io
URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=4053075202590399395

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

84 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vandaquad-essing.icu/	1970-01-20 12:21:03	Name: 913cd5d5-30b8-4e3c-82b6-7dbe4bab55e8-v4 Value: nUl-Il7ui5g6ywfRVGcofvlw78GdwNOdSFwhS6N6fJ0
.vandaquad-essing.icu/	1970-01-20 21:05:13	Name: cc-v4 Value: VIesNkA918Qo04kV1pPI%2BADqVP5pjdW%2BVhBPlH1nJdDQQNknPJXqh81wQpeqWOd2seT7ltP0D7MdoqRBK0ZFLQ4NPAMtsBecbbMoOm6bwtIU5Qfvom24X3Gqehzfvc7uh0qENw44liJFFlmyMJw99A%3D%3D
gamdom.com/	1970-01-20 13:02:49	Name: aff Value: gambonus
.onesignal.com/	1970-01-20 12:19:39	Name: __cf_bm Value: u1qPmzVpqpnY7hMJ3QnQBq2AAyyIdnLNwYulh5TgcIQ-1685977261-0-AQFJJoF+fJbfVXccVqPBxTKEWKWtFS6GapPS6kCB0sDiqHlmkS840L93lr/1LuqaN1Cy8D6WLaIVEfHBOBrJXe8=
.gamdom.com/	1970-01-20 12:21:03	Name: _gid Value: GA1.2.297152265.1685977261
.gamdom.com/	1970-01-20 14:29:13	Name: _fbp Value: fb.1.1685977261549.2137978100
.gamdom.com/	1970-01-20 21:55:37	Name: _ga Value: GA1.1.238029606.1685977261
.gamdom.com/	1970-01-20 21:55:37	Name: _ga_RS5ERP3G6V Value: GS1.1.1685977261.1.0.1685977261.0.0.0
.adform.net/	1970-01-20 13:02:49	Name: C Value: 1
.gamdom.com/	1970-01-20 12:19:37	Name: _gat Value: 1
gamdom.com/	1970-01-20 13:02:49	Name: adformfrpid Value: 7195505661094981104
.adform.net/	1970-01-20 13:46:01	Name: uid Value: 4053075202590399395
.adform.net/	1970-01-20 12:21:03	Name: CM Value: 1\|1
.adform.net/	1970-01-20 12:39:46	Name: CM14 Value: 1686063662_1685977262_1_Hu7u4e4e4R7u7u4REREeERERERHhEQ
.seadform.net/	1970-01-20 13:46:01	Name: uid Value: 4053075202590399395
gamdom.com/	1970-01-20 12:21:03	Name: LaVisitorNew Value: Y
.gamdom.com/	1969-12-31 23:59:59	Name: LaVisitorId_Z2FtZG9tLmxhZGVzay5jb20v Value: dxzcbnpqkjkgep2bf2b97z0mtb4qf
gamdom.com/	1969-12-31 23:59:59	Name: LaSID Value: qemzxiv7sf5rzefrlwln0peqdnxcf
.adscale.de/	1970-01-20 21:01:53	Name: uu Value: 3da41c7921944e50ba225e420a914228
.adscale.de/	1970-01-20 21:01:53	Name: cct Value: 1685977262091
.yahoo.com/	1970-01-20 21:05:34	Name: A3 Value: d=AQABBK74fWQCEKiAcKMXmA9TRGWrxtmkzUgFEgEBAQFKf2SHZOANyiMA_eMAAA&S=AQAAAoYgQWdEKT_clu6NN7VSphs
.eyeota.net/	1970-01-20 12:19:37	Name: SERVERID Value: 18244~DM
.semasio.net/	1970-01-20 21:05:13	Name: SEUNCY Value: BE2DDC6C778CDB6B
.casalemedia.com/	1970-01-20 21:05:13	Name: CMID Value: ZH34rvT7sHw-T8zD3pWySgAA
.casalemedia.com/	1970-01-20 14:29:13	Name: CMPS Value: 5128
.casalemedia.com/	1970-01-20 14:29:13	Name: CMPRO Value: 5128
.analytics.yahoo.com/	1970-01-20 21:05:13	Name: IDSYNC Value: 1760~2c1r
.ih.adscale.de/	1970-01-20 21:01:53	Name: tu Value: 4#1032998311#42~4053075202590399395~468327~0~0
.360yield.com/	1970-01-20 14:29:13	Name: tuuid Value: 970203bd-4940-4699-8b55-1c086d5442d1
.360yield.com/	1970-01-20 14:29:13	Name: tuuid_lu Value: 1685977262
.bidswitch.net/	1970-01-20 21:05:13	Name: tuuid Value: cfde37e4-2521-4698-9436-d37f27eca760
.bidswitch.net/	1970-01-20 21:05:13	Name: c Value: 1685977262
.bidswitch.net/	1970-01-20 21:05:13	Name: tuuid_lu Value: 1685977262
.exelator.com/	1970-01-20 15:12:25	Name: EE Value: "fa4da568e1a33a143a0d6642ee8fff03"
.360yield.com/	1970-01-20 14:29:13	Name: um Value: !42,ndKN7sCGSsfueu7RMOdDTI.Q4YTMrDC1suJyewDcxivA,1687186862
.360yield.com/	1970-01-20 14:29:13	Name: umeh Value: !42,0,1748185262,-1
cm.adsafety.net/	1970-01-20 21:05:13	Name: UID Value: CM12023060515b1d2e50440f74f285e6
.adsafety.net/	1970-01-20 21:05:13	Name: cm_uid Value: CM12023060515b1d2e50440f74f285e6
.onaudience.com/	1970-01-20 21:05:13	Name: cookie Value: 5e9ccac5ec0786de
.onaudience.com/	1970-01-20 12:21:03	Name: done_redirects147 Value: 1
.exelator.com/	1970-01-20 15:12:25	Name: ud Value: "eJxrXxzq6XKLQSEt0SQl0dTMItUw0dg40dDEONEgxczMxCg11SItLc3AeHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQZEl%252BUWb6IhfXxUUpaQyLSopPBR9x4wIAv%252BUp%252Fg%253D%253D"
tags.adsafety.net/	1970-01-20 21:05:13	Name: UID Value: d451c96dd89e4c2cd1488ce3a67f582d
tags.adsafety.net/	1970-01-20 21:05:13	Name: DID Value: d451c96dd89e4c2cd1488ce3a67f582d
tags.adsafety.net/	1970-01-20 21:05:13	Name: IDT Value: 100
tags.adsafety.net/	1970-01-20 21:05:13	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-20 13:02:49	Name: block_reset Value: 1
.adsafety.net/	1970-01-20 21:05:13	Name: ct_uid Value: d451c96dd89e4c2cd1488ce3a67f582d
.adsafety.net/	1970-01-20 21:05:13	Name: ct_did Value: d451c96dd89e4c2cd1488ce3a67f582d
.adsafety.net/	1970-01-20 21:05:13	Name: ct_idt Value: 100
cm.adsafety.net/	1970-01-20 21:05:13	Name: permanent Value: 1
.doubleclick.net/	1970-01-20 21:41:13	Name: IDE Value: AHWqTUkr4cTd1GX8GoHBHPVwHIkoRMB_F0S44Fje1c1JD6QGJs3Ybt5uU4NjEDqMG0c
.adnxs.com/	1970-01-20 14:29:13	Name: uuid2 Value: 97745794322382554
.krxd.net/	1970-01-20 16:38:49	Name: _kuid_ Value: PmOnGr4_
ads.smartstream.tv/	1970-01-20 21:05:13	Name: DID Value: d451c96dd89e4c2cd1488ce3a67f582d
ads.smartstream.tv/	1970-01-20 21:05:13	Name: idt Value: 100
ads.smartstream.tv/	1970-01-20 21:05:13	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-20 13:02:49	Name: cm_uid Value: CM12023060515b1d2e50440f74f285e6
.adnxs.com/	1970-01-20 14:29:13	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2E?diNQwi!]tbPl1M66+q([OUez@y[Rm$g[OHft[QT3RZ8>Ks[TL-.ma[Yo3If)y3KL9D3I?-40pdG?
.pubmatic.com/	1970-01-20 13:02:49	Name: KRTBCOOKIE_391 Value: 22924-4053075202590399395&KRTB&23263-4053075202590399395&KRTB&23481-4053075202590399395
.pubmatic.com/	1970-01-20 13:02:49	Name: PugT Value: 1685977262
cm.adsafety.net/	1970-01-20 21:05:13	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlad3dMUVN1VkdsNEZrb0tPVVd3dW8wb2R4ZWtUemtCRUUxbytTektvTHZGaVpld0M1YW80azZvVzNNNU14SGFtZ0J1OURaUFpTd1Brc2JKSmNrendxRFhDQ1NKMUV6NXFqaE1rektCb3F0ZzQ3dmpaWk03ZGpBZ0w3Sk15dU9oQ29icUNWcjR5QXFhcVVTRXYxbmFwMTRBMWZjVktGejUyVFZVdk8wWnp0TEgrYTI2M0dsS3UxMm1scHd0MU1LNVJ1ejd3bFFkajdicmxwYW9Kbm9Ea1JIQit6cHhGak40WXEwSDhITFI5ZWxZd3lBLzZVTjdNVTFxY3hleTRoWVg2Mndaem5XejFwMkppK1htWkFQT01KcDMrWW53Z0JONlVUMlZIaFRwN1RybTV1QjhQUkVhV1ZnakIzZlZEMGR0Z3BlZy9ZcU1uNGZPM3pwSFhOQnlzNEREVGtyaFdYV3BoWTF6alU1dFpBV0hybDhEUTBRempvNE1YY2xkY1kzaHp3ekhqS2FZVGFoS0pzNkdpd01SUGxDdUZGU3pDVCtadWFhRWpDUzZBc0l0bzNvViswQllzS1NFOGpXSlloY0tQZDRHc0hIMzdpRmpsUXMrdk1UdURHTmtGbTlhblNmT0Jsai93WTdBbWY5ejZyNHF3d3B5TTFBWkFrSDNXZGVMeCtBNGtDTytodjVJWEUvVUFuL3g3L1Iyd2JJZWFaSE8wendxZHFNNm05Z0ZVdVNNMU9ueEI5eHdDVks4SjJrNWw1WG5NTCswZVhtNjh1Ri9VOVFXdytVV0REQ3FhRWtYcUtacUc1Nm8wL0tNaEh0NXhlRlBTTm56eW5iUS81R0JHVzhCOW5DbGpuVDJGT21hUEt4MGVCRHhvMGZSRFBFZ2lnSWVMUEorOXRjeDhGTnZ4TGFEK1h0N1RVOHNWa1E0Y3doa1JCMGRpbndqL0ZFZkpaajRyTnBtRjlXalkwanJVRGxpS0s3aDF1NzRrSnlLWE91K2hFamJwRzVOVGZhV3RPVzhXOTVXbnRQd3d5SWlCVG9FKzRjY3hUVTh4cFN2Z2hCdjYrMHh6SGN4S1ZHcjlvd1pUVEgvNWJPR2ptSTFqWlE9PQ%3D%3D
.agkn.com/	1970-01-20 21:05:13	Name: ab Value: 0001%3AO3tCHXAJMNNyuFE8nkAEsP4czqvYah2n
.adfarm1.adition.com/	1970-01-20 14:29:13	Name: UserID1 Value: 7241217202109085843
.w55c.net/	1970-01-20 21:49:51	Name: wfivefivec Value: KlmGDjhY1Q6bHE5
.w55c.net/	1970-01-20 13:02:49	Name: matchadform Value: 5
.mathtag.com/	1970-01-20 21:45:32	Name: uuid Value: 2346647d-f8ae-4d00-9800-9fb82dc9abe7
.bluekai.com/	1970-01-20 16:43:08	Name: bku Value: aG/99vfT4VxhICLv
.bluekai.com/	1970-01-20 16:43:08	Name: bkpa Value: KJy9/Qe5d02pSUHknp1p1p90wtkAwExyBE1yBpD01e/NmE9pmEApmEDe9Jp3YeQ=
.demdex.net/	1970-01-20 16:38:49	Name: demdex Value: 31393523061328647890286840279974433523
.id5-sync.com/	1970-01-20 12:19:37	Name: cf Value:
.id5-sync.com/	1970-01-20 12:19:37	Name: cip Value:
.id5-sync.com/	1970-01-20 12:19:37	Name: cnac Value:
.id5-sync.com/	1970-01-20 12:19:37	Name: car Value:
.id5-sync.com/	1970-01-20 12:19:37	Name: gdpr Value:
.id5-sync.com/	1970-01-20 12:19:37	Name: callback Value:
.dpm.demdex.net/	1970-01-20 16:38:49	Name: dpm Value: 31393523061328647890286840279974433523
.weborama.fr/	1970-01-20 21:45:32	Name: AFFICHE_W Value: 4hdnVrgvHr7i10
.tapad.com/	1970-01-20 13:46:01	Name: TapAd_TS Value: 1685977262622
.tapad.com/	1970-01-20 13:46:01	Name: TapAd_DID Value: 6f7bb70a-7040-4fa4-9f98-05f9eabfa4ed
.tapad.com/	1970-01-20 13:46:01	Name: TapAd_3WAY_SYNCS Value:
.e-volution.ai/	1970-01-20 12:39:46	Name: v_usr Value: b0fe6c88-37ab-4c26-8662-a8f8457092da
.audrte.com/	1970-01-20 12:41:13	Name: arcki2 Value: c59KShY-UKwSHSETXYiXNkwrQ!20220908!1685977262716!ip#146.70.117.119
.audrte.com/	1970-01-20 12:41:13	Name: arcki2_adform Value: 4053075202590399395!20220908!1685977262719
.audrte.com/	1970-01-20 12:41:13	Name: arcki2_ddp2 Value: c59KShY-UKwSHSETXYiXNkwrQ!20220908!1685977262855

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://gamdom.com/landing?aff=gambonus Message: Refused to load the script 'https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' https://cdn.onesignal.com https://onesignal.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googleadservices.com https://recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://hcaptcha.com/ https://newassets.hcaptcha.com/ https://.doubleclick.net https://connect.facebook.net https://cdn.seon.io https://mc.yandex.ru/metrika/ http://bat.bing.com/bat.js https://bat.bing.com/p/ https://mc.yandex.ru/metrika/ https://apis.google.com https://s2.adform.net/ https://track.adform.net/ https://.ladesk.com https://t.gamdom.com https://js-agent.newrelic.com https://.newrelic.com https://.nr-assets.net https://.nr-ext.net https://.nr-data.net". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=4053075202590399395 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=4053075202590399395/gdpr=/gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1-vbus-de.ladesk.com
a.audrte.com
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
api.adrtx.net
avatars.steamstatic.com
beacon.krxd.net
c1.adform.net
cdn.onesignal.com
cdn.seon.io
ce.lijit.com
cm.adsafety.net
cm.g.doubleclick.net
connect.facebook.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
fonts.gstatic.com
gamdom.com
gamdom.ladesk.com
global.ib-ibi.com
i18n.gamekingdom1.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
pdw-adf.userreport.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
recaptcha.net
redirect.frontend.weborama.fr
region1.google-analytics.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
se.semasio.net
secure.adnxs.com
server.seadform.net
simage2.pubmatic.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync.1dmp.io
sync.crwdcntrl.net
sync.e-volution.ai
sync.teads.tv
tags.adsafety.net
tags.bluekai.com
token.rubiconproject.com
track.adform.net
uipglob.semasio.net
ups.analytics.yahoo.com
vandaquad-essing.icu
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gravatar.com
www.gstatic.com
x.bidswitch.net
static.cloudflareinsights.com
sync.1dmp.io
108.138.51.104
108.138.51.65
109.206.161.21
139.162.147.24
139.162.183.107
141.94.171.213
141.95.98.64
142.250.181.226
15.197.193.217
172.104.238.149
18.194.199.66
18.195.123.247
18.196.218.213
18.196.84.192
185.64.191.210
185.80.39.216
185.86.138.151
185.89.210.180
185.89.210.212
193.135.9.129
193.135.9.135
2.16.238.158
2.18.161.51
2.18.233.201
2.23.197.190
2001:4860:4802:34::36
216.46.185.182
216.52.2.39
23.215.16.120
2600:9000:26df:c00:1b:5138:8a40:93a1
2606:4700:20::681a:904
2606:4700:3034::6815:4a0a
2606:4700::6812:d63b
2a00:1450:4001:802::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:811::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c0c::9a
2a02:26f0:3100::1735:282a
2a02:6ea0:c700::18
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:fa87:fffe::c000:4902
3.126.192.167
3.75.62.37
34.111.113.62
34.254.17.98
34.98.64.218
35.190.24.218
35.244.174.68
37.157.3.20
37.157.6.235
37.157.6.243
37.157.6.254
46.19.11.36
52.18.254.139
52.218.53.242
52.44.244.58
52.51.186.199
52.57.150.20
54.171.9.188
54.229.82.2
54.78.254.47
69.173.144.138
69.173.144.165
76.223.111.18
77.243.51.121
77.243.51.122
85.114.159.118
03b95b741cdcf7b3511ee06c0179eb6952b05ffb28da5227550c9d8666f0ebe8
044b569f725b0d2ae58176e9c2cec99ca2c3440754eda67c1cb827561ef8c940
05cbe53ba88d5cef4a6f68b019773af1e55ce6ac10673ee1bc130491348bbe41
067e6c8e18eca58b6ca10bd9d37127420b1ea544f2d2ccc7095f8288030d9953
078bf9ddac25291533d23802af3a3b4563617ed2fc4cb4a7f0cc652460cf4b16
0911ac012c38789081203a5c384516edd107413aa11187cf52f5013dc662f668
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0caf64bbe8954fe9c2166955ec4e1842b2f0780fb0cbb76ed7d60ea0dc59dddd
0d7141b7ff760ed10747535340f4a8b7014453ac7244289d4822b9fc6f106164
11a96d20369ce8aff0c5ba9e099a85c2455c8fafa4a8b0a25bbbb157e065c20e
13e4891ce8d9adc84f40b8d404627062ba7ddbfd83c9e829f573460b2ea4ed0d
16132d1387c36a8233dc36c504aa0ae58f00b2e62b421aea86321904a008b434
18b8e639e8cb8181661fe075c7920130c6d336a3ae7e184a392dabf26d57f3e5
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
19efed7fb4843ff96f4b08a18838d9ce278061ce905d7ceb1d9a8aea0c50ff57
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c8e5dde45892e9b1c19bf402421c6c5c9e1192deedd1a818cef03292eee5e19
1daa7d28de3f07e56e24af825644bef76478ce3c720de872e4e1dd5b386107c6
20d2d086aa1ae4d8c5ab5ca29a7d12c87e1d77130ad7477f327b3434bf823cfc
21c1a9743d7290fe17ac1abf7dc8b5892c6e3e18f8856971d6780787bad23356
2460e7d971913f38b2c6d743938b519c930b305105661a5f6dbcac33b149a626
2962a9bb848303cd91a40a7a20ffc0629b4f25b1811bf36abc07dbbe419f9491
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2df69b6b5eabdfc3a041b51249904b1f2355bd5a3635be0ff03750df349fab24
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3225f92afa0bec3efdad9621b27d04dce1855442a512c47605562766b794a89d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3452960aa7cee81c4f1fe8b79cb95709d89948341d46835cb6ca2dcb35198ddb
365971a7a80fd9573f5fb6d0b630e1ae9ff28014158aa4db26bbc28d73427fb5
39ed2654263b00cdd829f25679dd0b8525ee73339ea8957efcea2f17544745f6
3dfb95eaeb18086473a41120e4111c3f2b8b3011fb3e2433e783944570f12eee
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40da8a90ff4ff719ebae6fdb87e79d736f9d69da5cd9536ee8d79587200959ba
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
444a364a84d00d67705ae0712a6a3a7649e1d8ae9c162dc131b94f0d00745a9b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d4bf7278a96ffeabacf4807d88579f46ff4f35b60b69fc7f4e0928a4320f14e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb2280ede9113429eeb96e346ca57d1590f7bb7104cf26a0e9800b6ce631ec8
4ff02bf75ec57a1b5aec924c8c94af3ccbeaca5a90de55130c4c1f91bab209c8
5232142368f65bcf0eb759b7a81b9337b5f169d11eaf6c7b16846ad0f3d12ca1
529f590d096697db37caaba18a93ef5993b31c3015c05601ff0a5f8255042017
52a75caa35647e0df631d66ee87e546cc6d74f686011379a4e7f5b2b64d40c6f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5658aac794f03ecc79cd9ae0672397575a1c73fde72cd0e770ef6f2476cac581
58ceb5847ce5c64dcba0053cad4cd1c9265835ff7dcf1065062465fc45ecf012
5a4164cdbb38651f2f2d28e25101780515ff8c1072ba99d0a5761500cf306ee3
5d977d7905958e4bc06247f9584d0bb6d262d68d72d4e1b882775d6eddff004a
6073bcaefa43a81b6d7a832d480b7673ba0f38dd5c80eddd1278416df8da4937
622791d98030522c9125de05c07280e5adf7201f98613a892ddb0e5ae55b1e7d
69d2e884b4aca988ee3d9ddcc428b502810d52ef0cb1751f1c39b11e22746d42
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f7e429db10238f79f058009b8c72be7cab684d12c06a65334c13188e28c11a1
73fcbeac0f15bb0d757c476b3f620154ac6ba5152ea55cc4c89e43cd9db55c46
7582342d6f92a98eee0f689116560a64a5061af4a250aa78e5d89e395b2aaab5
79751345f970ff2b3b5e916ba4523b96879a6a35579448da500bcdb6fa77e690
7d4a9328f1890ba135568eac01324dd98dd07b65c7269309cc4f99b639559f25
7f1ae647bff124aa7c070eb8e5df1ce89e23eb8ce75d7e4d09f91468735e85fd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85ca605c8c930f9881b6ce5e80c499d9003c192514a7bc62fc450ca69f5ee5aa
8699c20b7ad19bfbcb8f160d6c89660364e4709f5e7aade572baffee90035749
8748f760613f67b4cd757e8968881fb7144ccd66899440cd1e3c4f56dfb81465
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a4cbee85386ff502c3c74da86651786678b71421ca9ce839bcbba2b746e9363
8c8acf4fc00029b86ace39653251217ba6624b8532d7e4d259307101381ba9b6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dfe026897c931e343476be605ac893879ff8fb8a026ec500449fc8f35f3229f
913e492733c51f0675d3fc0c310f94d0bd0797b65b14247d24ce3c61a98a0fc8
92ae53013ef7847944fab3be1bda211fc26e5fbf00d3571e4e3218fb98e661e1
9419c81229c834c1fd5e5b2f1c3f19fa890120087ec9b3553b79afd9d7d94401
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
96d3227925387d34e764a4dafc7b464d0ddfef3761c36b36f58653b43fe65154
971baba73ac5f1a603656192da830dd079e4709703b3f87112abac56efadb41c
9808af48cdc6e93052b683e5e26c95200d030262dd38e0eaa4db1bc3a297047e
98f2a51345d36d523d8d2846323592ce69f6e12b58dbf6799621a38f42508a51
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
9af717df07f942d150dee3693ed93e859a7d6b31f53b6ac5b20d189e7dfa7363
9bf9ae937702eada624369938c6c472a17fb7fb464414c6c371013d6b993338a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2f14911f89e0bb8051e78d0a1e50ea0d3297f663b7a0b29b52e536b6e062c37
a7ef4f8ae8b30038bf0a62295af2d1c28cb3116abefa865da8c2fd807319dc7f
ab1f85d6560124d8d3d99ab7fd875a5c2ff35da42f7d9c8c138e08dd198298f2
ad3236d5d8cf39e8df758ecf8dc427e28362d37b7ef34ec4b16f68f805d6743e
b04852a10d8572ee970ad182fdfae79570e2637496cb05b23f77f99dacf4ac4b
b144222dc5424c318a7eff2071a7563fd2874ef11c3a78a58c38cf91f79331f5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e46b0dffb06a3eba25b21823f0445a2a941f47ecf0637c728dc04380fed0e6
b42bdda4f9a6473258d8f8fc5713b0095642ee1788890f184bb86064a7bd2edd
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be74907a6839278790020a02cd6ac6f87a6a924bd63b1b96b3dcab60bb18be86
c06c1adce0b0c9511fce2b632ff5fd46dbf07e4d6660afd32978af959c13030a
c25e50ec9ceca463cf97fd0cb02ad7d7bb309f38c998d479c3388a89a458ceb1
c2a6a76f8179bacb5039a315f686aeeca6076d863723c794524e8f08d1028e08
c2f25a7bf800eb10552df2f5656296a0e97775604e69a65e5a0c21d0919b653c
c53c356e22ea2b18b5e471c6289c313f922972977574940a0c8e4cc79b87a69e
c55af55a567fe84ee897f827f6f2d30a04fb7d9b660f1b7df3656f817388a07d
c5cc8506f51c4638627e8a1a89b1350a2de99d8f6f25b3e57b6a147e8764dc3c
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
ca0a364b96c65386b92971068158b1cacce00d0e3a5df58307785435860d8fb5
ca474daaf5a6510c65934f56cea0cd2822cacd60b73b2d1c8f693a6b690590fa
cd7281b54cd2462d123f9d0c89c2c2003baf5ea5689ec1c8b325bb2264117c36
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfaf9cf86536eb18a5c251c902a389d83857717973051fd5cbd7821923aacf3a
d85f0f149b4390bed6624bc30ca2cbfa37d394f14474fcf81d63363ad363e284
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de5e3543671db290f8fecc89bbdd7642151749d9023bec42c95d4b65ea0f74fe
e3a7e4e82abb960904e70822100795cc6e096974d2d6fe59852f279c1a7d2c3d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62f61c9e156da89322f319399bcee0d2ac0b648ee6e2d9f439a0c6eed1dbf31
e722cd82c235daac3e5ebcfb142a12ecfdf0c18a447a57bdbada2b20c36986b2
e74beacebb644eae0c6173c992cf663df7540d249ae77d7c7b8689a281eed5cf
e7a5cd0f55f3a161625b68dd42b680869dfbdc376206950a6b41816a087c93d8
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ea8091f1b4d78f9f776df4d465c763a4a8ca335c398c13125cd062fb53f42afd
eca645137755374a37afa99a00442a8ae6093f2a06cb607ce435710246ab7508
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c260bd1e05c979654ae89c36a8c3d48c6a0e0ca210d10973acf29a66a91c09
f2035ef8e72e0a66b659bed334802ec9e302804131ad5798b154dae6c956cc35
f25d6a97aa8ec7190c3d06cddbc23757324a675adf762cbce82e2c37a4b592b8
f34c694b10f5939b382d594c98846b5a2cdf34b185ea846a359fe8e7aa247aff
f87f3a6288bd7c1114057eaf64eb5dd8038f82c3cfd03370b52a40dc655d9257
fab183fba3de6f1ca5d7fd23bbf5789956e447495912bf68cb1ed1bc0dc506bc
fd217f54257ddc2df28c0866613b5e7b1cf450610240f5bf651d1c2c5267dd3c
fd5b8d3e61bf672372750e4da62ba0d8f761d25a0c3fe845d2d99d1f9ecf7b8f
fdbb0f64c0c5216e450e15cb878fbe4e25d3432e49756fa8d22c5e37b0118465
febedcd765d78b7df0d24ee0e42961c808119f67ab78e0117004f8fc8faf360b

gamdom.com Open in urlscan Pro 2606:4700:20::681a:904 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

166 Requests

85 %HTTPS

25 %IPv6

63 Domains

75 Subdomains

55 IPs

9 Countries

3501 kBTransfer

9260 kBSize

84 Cookies

1 Outgoing links

Page URL History

Redirected requests

166 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gamdom.com Open in urlscan Pro
2606:4700:20::681a:904 Public Scan

Screenshot
Live screenshot

Full Image

166
Requests

85 %
HTTPS

25 %
IPv6

63
Domains

75
Subdomains

55
IPs

9
Countries

3501 kB
Transfer

9260 kB
Size

84
Cookies

166 HTTP transactions
15 data transactions