www.merlininkazani.com Open in urlscan Pro
192.124.249.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.merlininkazani.com/
Effective URL:
https://www.merlininkazani.com/
Submission: On October 21 via api (October 21st 2023, 12:46:54 am UTC) from US — Scanned from DE

Summary HTTP 115 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 28 IPs in 7 countries across 28 domains to perform 115 HTTP transactions. The main IP is 192.124.249.27, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is www.merlininkazani.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on April 8th 2023. Valid for: a year.

This is the only time www.merlininkazani.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	192.124.249.27 192.124.249.27	30148 (SUCURI-SEC) (SUCURI-SEC)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:68e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
1	184.30.21.51 184.30.21.51	16625 (AKAMAI-AS) (AKAMAI-AS)
23	104.22.69.131 104.22.69.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	162.55.101.208 162.55.101.208	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1 3	168.119.72.236 168.119.72.236	24940 (HETZNER-AS) (HETZNER-AS)
1	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
4 4	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 2	188.42.34.64 188.42.34.64	7979 (SERVERS-COM) (SERVERS-COM)
1	8.2.110.114 8.2.110.114	46636 (NATCOWEB) (NATCOWEB)
1	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
2 2	2a02:2638:3::6 2a02:2638:3::6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	3.126.125.13 3.126.125.13	() ()
2 2	3.122.23.32 3.122.23.32	() ()
1 1	95.101.54.217 95.101.54.217	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.120.99.213 3.120.99.213	16509 (AMAZON-02) (AMAZON-02)
4 8	2a02:6b8::1:119 2a02:6b8::1:119	() ()
115	28

27 192.124.249.27 (Menifee, United States) 1 redirects

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10027.sucuri.net

www.merlininkazani.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.publisher-network.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:68e (United States)

ASN13335 (CLOUDFLARENET, US)

protagcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adx.protagcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)

prebid.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csync.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 162.55.101.208 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.208.101.55.162.clients.your-server.de

shb.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 168.119.72.236 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.236.72.119.168.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.48 (New York, United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.174.117 (United Kingdom) 4 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.34.64 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)

us.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::6 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

ssp-sync.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.125.13 (None, ) 2 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.23.32 (None, ) 2 redirects

ASN- ()

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.54.217 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-217.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.99.213 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-99-213.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (None, ) 4 redirects

ASN- ()

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	merlininkazani.com 1 redirects www.merlininkazani.com	592 KB
23	smilewanted.com prebid.smilewanted.com — Cisco Umbrella Rank: 6260 csync.smilewanted.com — Cisco Umbrella Rank: 2991 static.smilewanted.com — Cisco Umbrella Rank: 10113	17 KB
20	richaudience.com 1 redirects shb.richaudience.com — Cisco Umbrella Rank: 4325 sync.richaudience.com — Cisco Umbrella Rank: 2114	5 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 85	1 MB
7	gstatic.com fonts.gstatic.com www.gstatic.com	232 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 405 jnn-pa.googleapis.com — Cisco Umbrella Rank: 237 fonts.googleapis.com — Cisco Umbrella Rank: 49	66 KB
5	yandex.com 3 redirects mc.yandex.com	3 KB
5	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 static.doubleclick.net — Cisco Umbrella Rank: 304	163 KB
4	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1474 www.google.com — Cisco Umbrella Rank: 2	117 KB
3	yandex.ru 1 redirects mc.yandex.ru	70 KB
3	bidswitch.net 2 redirects x.bidswitch.net	2 KB
3	criteo.com 3 redirects ssp-sync.criteo.com — Cisco Umbrella Rank: 1344 dis.criteo.com — Cisco Umbrella Rank: 648	2 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 649	2 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1822	1 KB
2	adform.net adx.adform.net — Cisco Umbrella Rank: 4617 cm.adform.net — Cisco Umbrella Rank: 1279	643 B
2	protagcdn.com protagcdn.com — Cisco Umbrella Rank: 98038 adx.protagcdn.com — Cisco Umbrella Rank: 253761	188 KB
2	publisher-network.com www.publisher-network.com	2 KB
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 621
1	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 620	616 B
1	ck-ie.com us.ck-ie.com — Cisco Umbrella Rank: 3356
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	481 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1024	434 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 754
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 913
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 224	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 104	4 KB
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1558	386 B
115	28

	Domain	Requested by
27	www.merlininkazani.com	1 redirects www.merlininkazani.com
17	shb.richaudience.com	protagcdn.com
17	prebid.smilewanted.com	protagcdn.com
8	www.youtube.com	www.merlininkazani.com www.youtube.com
5	mc.yandex.com	3 redirects
5	csync.smilewanted.com	protagcdn.com csync.smilewanted.com
5	fonts.gstatic.com	www.youtube.com fonts.googleapis.com www.merlininkazani.com
4	jnn-pa.googleapis.com	www.youtube.com
3	mc.yandex.ru	1 redirects www.merlininkazani.com
3	x.bidswitch.net	2 redirects csync.smilewanted.com
3	sync.1rx.io	3 redirects
3	sync.richaudience.com	1 redirects protagcdn.com csync.smilewanted.com
3	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
2	rtb.mfadsrvr.com	2 redirects
2	ssp-sync.criteo.com	2 redirects
2	ads.betweendigital.com	2 redirects
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	securepubads.g.doubleclick.net	protagcdn.com securepubads.g.doubleclick.net
2	www.publisher-network.com	www.merlininkazani.com protagcdn.com
1	match.sharethrough.com	csync.smilewanted.com
1	ads.stickyadstv.com	1 redirects
1	dis.criteo.com	1 redirects
1	cm.adform.net	csync.smilewanted.com
1	us.ck-ie.com	csync.smilewanted.com
1	sync.targeting.unrulymedia.com	1 redirects
1	ad.turn.com	1 redirects
1	ap.lijit.com	csync.smilewanted.com
1	onetag-sys.com	csync.smilewanted.com
1	static.smilewanted.com	csync.smilewanted.com
1	fonts.googleapis.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	a.teads.tv	protagcdn.com
1	adx.adform.net	protagcdn.com
1	static.doubleclick.net	www.youtube.com
1	adx.protagcdn.com	protagcdn.com
1	protagcdn.com	www.publisher-network.com
1	ajax.googleapis.com	www.merlininkazani.com
115	40

This site contains links to these domains. Also see Links.

Domain
en.merlininkazani.com
www.facebook.com
www.youtube.com
www.twitch.tv
twitter.com
leadergamer.com.tr
frpnet.net
bigcore.net

Subject Issuer	Validity	Valid
merlininkazani.com Starfield Secure Certificate Authority - G2	`2023-04-08` - `2024-04-08`	a year	crt.sh
publisher-network.com GTS CA 1P5	`2023-10-02` - `2023-12-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
protagcdn.com E1	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
teads.tv R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-18` - `2024-05-17`	a year	crt.sh
*.richaudience.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
ck-ie.com Go Daddy Secure Certificate Authority - G2	`2022-11-12` - `2023-12-14`	a year	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.merlininkazani.com/
Frame ID: F49BBD98053001F4177AE12886B4FBB8
Requests: 80 HTTP requests in this frame

Frame: https://www.youtube.com/embed/1u_YClCXiRs
Frame ID: 66AF71B9991FC09F8791DAE2AC887022
Requests: 21 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1244865222
Frame ID: 014FD7F7C74B4C6ACE016DF7A16AD729
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 78068078F0F5EDD1B0499416D3D4D660
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: D2CE0357FB374C149F46195073B5C83D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: B7D0F4706D5A8E009C689F1A8AA3A04E
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 50A1834859FD0D0DB73131A1FB72F49C
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: 03C57E31182F0849567B369C3A9CB950
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-26f3fd36-3fff-441a-8b02-c3812e2a9dfa-003
Frame ID: EECBDB30730063519D05CB1D01E1A3E4
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/c27d0194-3296-5226-9828-42a5fd1b5dd9
Frame ID: 722E438230443BC7D53712CCF27E3DCF
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: BFA4823D11B930FE0CC23EFF6ACE09E4
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Frame ID: D53C118ADCCEE50245FB869DDD0C01EA
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=ff65b09b-15ff-46b0-a1cc-a5104b59154e&ssp=criteo
Frame ID: 4261898941ED092325BAFCAE32A19886
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/cd10f041c3cd7fabfc9b5b994a13f093?gdpr_consent=&gdpr=0
Frame ID: 92815A7F944E81587451E4FEA8472D29
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 6389C55AA86BDA0C508EF522908C42C6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Merlin'in Kazanı - Oyun İnceleme ve Oyun Haberleri

Page URL History Show full URLs

http://www.merlininkazani.com/ HTTP 301
https://www.merlininkazani.com/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Ionicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+ionicons(?:\.min)?\.css

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

115
Requests

97 %
HTTPS

50 %
IPv6

28
Domains

40
Subdomains

28
IPs

7
Countries

2496 kB
Transfer

6807 kB
Size

16
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://en.merlininkazani.com/
Title: EN

Search URL Search Domain Scan URL

URL: https://www.facebook.com/merlininkazanitr

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/MerlinPlus

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/merlinin_kazani

Search URL Search Domain Scan URL

URL: https://twitter.com/merlininkazani

Search URL Search Domain Scan URL

URL: https://leadergamer.com.tr/
Title: Leadergamer

Search URL Search Domain Scan URL

URL: https://frpnet.net/
Title: FrpNet

Search URL Search Domain Scan URL

URL: https://bigcore.net/
Title: Bigcore Sunucularında

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.merlininkazani.com/ HTTP 301
https://www.merlininkazani.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 104

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F

Request Chain 105

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1697849212590 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=7956067026 HTTP 302
https://sync.1rx.io/usersync/turn/9086847863266335042?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-26f3fd36-3fff-441a-8b02-c3812e2a9dfa-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-26f3fd36-3fff-441a-8b02-c3812e2a9dfa-003 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-26f3fd36-3fff-441a-8b02-c3812e2a9dfa-003

Request Chain 106

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=8988362782739925800 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/betweenx/c27d0194-3296-5226-9828-42a5fd1b5dd9

Request Chain 109

https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230 HTTP 302
https://dis.criteo.com/dis/usersync.aspx?r=73&p=230&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fgdprapplies%3d0%26gdpr%3d%26redir%3dhttps%253A%252F%252Fcsync.smilewanted.com%252Fset_partner_userid_get%252Fcriteo%252F%2524%257BCRITEO_USER_ID%257D%26profile%3d230%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=&gpp= HTTP 302
https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24{CRITEO_USER_ID}&profile=230&uid=45b4a13b-803a-489e-8af6-710a30dc17cd&dised=true&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?ssp=criteo&custom_data=nxwGPV9NRDQyTkZnTmhzc29PelpWSGtsR1puRUFLY1JrUGtUOSUyRm5DcVpKdVBaJTJGVTM1T1huZVdIT2pqcVkxUzVlbFklMkIxcTJabFhISDk4ODZ2biUyQllacEl2WTF0R3k1dkt0bkVaWnZFWiUyRjBYWlJxak5ubGloa3FuRjNMYVczZGp6c3psczBBY245ZG15cXd3dWx2WENHYkFNcmRwYklNZWJvYlJFWll0bEZPYSUyQiUyQlBtTDJOSGxCNlBRJTJCJTJCMmloR20lMkIlMkZvSVNJ&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-e9m5OasriVToNfG_sE0vWomTskZDKqtl_bmMKA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=nxwGPV9NRDQyTkZnTmhzc29PelpWSGtsR1puRUFLY1JrUGtUOSUyRm5DcVpKdVBaJTJGVTM1T1huZVdIT2pqcVkxUzVlbFklMkIxcTJabFhISDk4ODZ2biUyQllacEl2WTF0R3k1dkt0bkVaWnZFWiUyRjBYWlJxak5ubGloa3FuRjNMYVczZGp6c3psczBBY245ZG15cXd3dWx2WENHYkFNcmRwYklNZWJvYlJFWll0bEZPYSUyQiUyQlBtTDJOSGxCNlBRJTJCJTJCMmloR20lMkIlMkZvSVNJ&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-e9m5OasriVToNfG_sE0vWomTskZDKqtl_bmMKA HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=1a90fbb4-56d0-4c3d-b055-ed456eeb2e39&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=1a90fbb4-56d0-4c3d-b055-ed456eeb2e39&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=ff65b09b-15ff-46b0-a1cc-a5104b59154e&ssp=criteo

Request Chain 110

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/freewheel/cd10f041c3cd7fabfc9b5b994a13f093?gdpr_consent=&gdpr=0

Request Chain 113

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10162.2nY95qfZ1y8XrWIIecPRqjYbq_H-lFWcX4R4WRkLEmVaP-mDMOgtJw1d98GdZh6c.q4gVunz301JBZgLSmlqCOQM-4r0%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10162.WvIQy__uMTlB81hqnVIFOXPjPxTGX_WGhEL38DQsIeTCS4n1UFkVIVp1kVDU16Aoo4Adx204j1T_fXKmbGHK_diEKAl_VCKhy7J1CqGcR__iRyDPJh__k7zi1ZaD2RLmNJGxYxEkzg6Oxto30ItNkDtiFWM2j-2rUbFhijKpBsRyaOBwA70EFr2TQxu0DI5q-uA3bk57e-ihA5GLSmcR2OKwP-2YCYDjXaVBxUxyfCk%2C.mJD0qH24RIk8SVbXQ12nkGv4YDU%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10162.MTs3A3hN8wWM0u_ebocQRNVIIhzM4wrUn6Fd0_Q16Trqmwa3iaEguRFKLqdEVD75c2pjVUp2bZ_266L4M4M71MIbyBN4ZSMwWsPg4wqysQk6YttsKnspJrtKznVl3kIrc795nwIhIzfM9Swj7yTlF1y1u8PjnJFvkCqGZOeKbq8ba7X-9oy3Lp0v-GP2JQDI98qRgQlqMsfMVibe3tBWVQ%2C%2C.R88ORX7Y8gy_Am1U4NnLa2xWKLg%2C

Request Chain 115

https://mc.yandex.com/watch/93441843?wmode=7&page-url=https%3A%2F%2Fwww.merlininkazani.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A947%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1141%3Acn%3A1%3Adp%3A0%3Als%3A1586847504474%3Ahid%3A465572487%3Az%3A120%3Ai%3A20231021024653%3Aet%3A1697849214%3Ac%3A1%3Arn%3A340914289%3Arqn%3A1%3Au%3A1697849214611037760%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C48%2C694%2C28%2C72%2C0%2C%2C238%2C0%2C2300%2C2300%2C1%2C1083%3Aco%3A0%3Acpf%3A1%3Ans%3A1697849207208%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697849214%3At%3AMerlin%27in%20Kazan%C4%B1%20-%20Oyun%20%C4%B0nceleme%20ve%20Oyun%20Haberleri&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/93441843/1?wmode=7&page-url=https%3A%2F%2Fwww.merlininkazani.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A947%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1141%3Acn%3A1%3Adp%3A0%3Als%3A1586847504474%3Ahid%3A465572487%3Az%3A120%3Ai%3A20231021024653%3Aet%3A1697849214%3Ac%3A1%3Arn%3A340914289%3Arqn%3A1%3Au%3A1697849214611037760%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C48%2C694%2C28%2C72%2C0%2C%2C238%2C0%2C2300%2C2300%2C1%2C1083%3Aco%3A0%3Acpf%3A1%3Ans%3A1697849207208%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697849214%3At%3AMerlin%27in%20Kazan%C4%B1%20-%20Oyun%20%C4%B0nceleme%20ve%20Oyun%20Haberleri&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

115 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.merlininkazani.com/
Redirect Chain

http://www.merlininkazani.com/
https://www.merlininkazani.com/

109 KB
20 KB

745ms
695ms

Document
text/html

192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.merlininkazani.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

1b766b48c5f0eb5878e5719b08722518a8135fe371378d41627eed3e238198bc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-length: 20475
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Sat, 21 Oct 2023 00:46:47 GMT
server: nginx
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-sucuri-cache: MISS
x-sucuri-id: 15027
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sat, 21 Oct 2023 00:46:46 GMT
Location: https://www.merlininkazani.com/
Server: Sucuri/Cloudproxy
X-Sucuri-ID: 15027

GET
H2 200 script.js Show response
www.publisher-network.com/publisher/merlininkazani/ 783 B
1 KB 114ms
28ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publisher-network.com/publisher/merlininkazani/script.js

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

055d465eb4e1ad962c5cb135315b3156000345fab645bfe080e59bb8d0d14567

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:48 GMT
content-security-policy: upgrade-insecure-requests
via: 1.1 varnish (Varnish/6.1)
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3357
cf-polished: origSize=852
content-encoding: br
x-cache: MISS
x-ua-device
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 18 Oct 2023 00:14:15 GMT
server: cloudflare
etag: W/"652f2357-354"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbZE%2FubYXlOM6AWfR8hGK0aCLffRbkrnVFXuNnyZKeVem%2Bshz4D3ZOAZFuiYmoCY7T6MJgQso7XWxv4KTuuFIvPnunxBFhqJ9erZVqxZ7PJTDeBuaRus3ochd3ypcP%2FZ89hKWGvpdKxwD%2B0amrbmN%2BsqBUvePGWz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 106448
cache-control: max-age=3600
cf-ray: 81957c4ee9b43644-FRA
x-storage: static
x-cache-hits: 0

GET
H2 200 main.min.css
www.merlininkazani.com/content/css/ 82 KB
12 KB 27ms
20ms Stylesheet
text/css 192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.merlininkazani.com/content/css/main.min.css

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

8111c7108a96d733858585c11105896911bf6aa4f113e56905aa39a425f134f4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 11947
x-xss-protection: 1; mode=block
last-modified: Fri, 13 Oct 2023 14:28:03 GMT
server: nginx
etag: "80db6079e1fdd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15027
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ionicons.min.css
www.merlininkazani.com/content/css/ 20 KB
4 KB 28ms
23ms Stylesheet
text/css 192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.merlininkazani.com/content/css/ionicons.min.css

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

383b405288db900880f67f30c434be6d9096b14d3008ba8c09eb1abf9c22b0f5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 3249
x-xss-protection: 1; mode=block
last-modified: Sat, 09 Sep 2023 20:05:58 GMT
server: nginx
etag: "0d72cc59e3d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15027
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 119 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf2ffbcf4269eac339246b6ef2e37f3abb33a2905decffba0e1cf198190342e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 logo.svg
www.merlininkazani.com/content/images/main/ 24 KB
24 KB 22ms
22ms Image
image/svg+xml 192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.merlininkazani.com/content/images/main/logo.svg

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/content/css/main.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

96e0082f1fe85dfa8f77b4355c84df8b41eded0d97a657806b063807f5558c31

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/content/css/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Sat, 12 Aug 2017 09:23:48 GMT
server: nginx
etag: "116efbb34c13d31:0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15027
accept-ranges: bytes
content-length: 24298
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 search.png
www.merlininkazani.com/content/images/main/ 247 B
577 B 22ms
22ms Image
image/png 192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.merlininkazani.com/content/images/main/search.png

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/content/css/main.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

16776146986abe16ecf4ecf828855012f5c50da7a7d699d7d5143b21b8ae8adf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/content/css/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Sat, 12 Aug 2017 09:23:48 GMT
server: nginx
etag: "eab3ffb34c13d31:0"
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15027
accept-ranges: bytes
content-length: 247
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 iJWKBXyIfDnIV7nBrXyw023e.woff2
www.merlininkazani.com/content/fonts/ 34 KB
35 KB 41ms
40ms Font
application/font-woff2 192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.merlininkazani.com/content/fonts/iJWKBXyIfDnIV7nBrXyw023e.woff2

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/content/css/ionicons.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

add2474dc337e3ccd718e7052da920b3aa81a274c599131ce65e376d9ba36623

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.merlininkazani.com/content/css/ionicons.min.css
Origin: https://www.merlininkazani.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Sat, 09 Sep 2023 14:23:58 GMT
server: nginx
etag: "c6e614529e3d91:0"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15027
accept-ranges: bytes
content-length: 35320
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ionicons.ttf
www.merlininkazani.com/content/fonts/ 184 KB
185 KB 41ms
41ms Font
application/octet-stream 192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.merlininkazani.com/content/fonts/ionicons.ttf?v=2.0.0

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/content/css/ionicons.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.merlininkazani.com/content/css/ionicons.min.css
Origin: https://www.merlininkazani.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Thu, 27 Jul 2017 21:38:15 GMT
server: nginx
etag: "d27868a7207d31:0"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15027
accept-ranges: bytes
content-length: 188508
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 iJWKBXyIfDnIV7nPrXyw023e1Ik.woff2
www.merlininkazani.com/content/fonts/ 19 KB
19 KB 40ms
40ms Font
application/font-woff2 192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.merlininkazani.com/content/fonts/iJWKBXyIfDnIV7nPrXyw023e1Ik.woff2

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/content/css/ionicons.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

0ea51cf9f6a026af6aed5bcc5fd0e9ec981fe6ca4f33baae315aaaac87cbfcb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.merlininkazani.com/content/css/ionicons.min.css
Origin: https://www.merlininkazani.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Sat, 09 Sep 2023 14:23:58 GMT
server: nginx
etag: "6b1e724529e3d91:0"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15027
accept-ranges: bytes
content-length: 19088
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.7.0/ 85 KB
30 KB 74ms
21ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 20:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30433
x-xss-protection: 0
last-modified: Wed, 17 May 2023 18:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 20:18:24 GMT

GET
H2 200 lazysizes.min.js Show response
www.merlininkazani.com/content/js/ 8 KB
8 KB 50ms
49ms Script
application/javascript 192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.merlininkazani.com/content/js/lazysizes.min.js

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2023 23:17:38 GMT
server: nginx
etag: "239e1f49192da1:0"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15027
accept-ranges: bytes
content-length: 7889
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 theia-sticky-sidebar.min.js Show response
www.merlininkazani.com/content/js/ 5 KB
6 KB 50ms
49ms Script
application/javascript 192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.merlininkazani.com/content/js/theia-sticky-sidebar.min.js

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

17831697d0fa783764813af590e05afe21f36cbde5eeaed445cc55960930e69f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2023 23:17:38 GMT
server: nginx
etag: "239e1f49192da1:0"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15027
accept-ranges: bytes
content-length: 5482
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all.min.js Show response
www.merlininkazani.com/content/js/ 27 KB
28 KB 50ms
49ms Script
application/javascript 192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.merlininkazani.com/content/js/all.min.js

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

b9d9640ea52c10cf46cd3ed4f151054f94f0e056f4f8832653930028f53b97b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Thu, 12 Oct 2023 12:11:01 GMT
server: nginx
etag: "125b602a5fdd91:0"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15027
accept-ranges: bytes
content-length: 28038
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 site.js Show response
protagcdn.com/s/merlininkazani.com/ 679 KB
188 KB 134ms
67ms Script
application/javascript 2606:4700:20::681a:68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://protagcdn.com/s/merlininkazani.com/site.js
Requested by: Host: www.publisher-network.com
URL: https://www.publisher-network.com/publisher/merlininkazani/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:68e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6d5c2426a9e21107a71e1ac87e3411fd6b9b228e63f1c3b389859660e1d31fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=696297
alt-svc: h3=":443"; ma=86400
pragma: no-cache
cf-bgj: minify
last-modified: Tue, 17 Oct 2023 15:55:35 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gH2fwc%2B2UvNuMl4HkkKfZftG6WIiJloBUu2gxUs7S%2FIqKsv%2FLGeUup5CvT6iza5j4AjwXQ171OAPi%2FIHvYPvl9JeFdh03fLiIjIBbhyg9KWC43GK6n0eeX4KMOF4fa%2FjDGPJlkkhq7gqDy8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 81957c500a7e4dca-FRA
expires: Sat, 21 Oct 2023 01:16:48 GMT

GET
H2 200 1u_YClCXiRs Show response
www.youtube.com/embed/ Frame 66AF 91 KB
41 KB 152ms
91ms Document
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/1u_YClCXiRs

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/content/js/lazysizes.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ff4146d5b185d73ee60a39ff346662b6a39cfb0ccff34810d83b72b3f0b2f389

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.merlininkazani.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 00:46:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 124868_640.jpg
www.merlininkazani.com/images/games/11198/ 53 KB
53 KB 23ms
22ms Image
image/jpeg 192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.merlininkazani.com/images/games/11198/124868_640.jpg

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

d1c902b44f1f4338b8f29193707f81e9859908051e4437056306bba08946d2e6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Thu, 19 Oct 2023 14:23:40 GMT
server: nginx
etag: "f2115fdb972da1:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15027
accept-ranges: bytes
content-length: 54181
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 124865_640.jpg
www.merlininkazani.com/images/games/7899/ 37 KB
37 KB 24ms
23ms Image
image/jpeg 192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.merlininkazani.com/images/games/7899/124865_640.jpg

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

6a08c6270fd9133e662f6667e8b0d6178af291e1e8ba9296d08c4971a30bbd58

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2023 15:48:20 GMT
server: nginx
etag: "391f1085da1da1:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15027
accept-ranges: bytes
content-length: 37475
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 124862_320.jpg
www.merlininkazani.com/images/games/8500/ 12 KB
12 KB 25ms
23ms Image
image/jpeg 192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.merlininkazani.com/images/games/8500/124862_320.jpg

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

7967bba83f81a8532b4b6fa44170739850a213335832d2f2fbf46e54cad8b315

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Tue, 17 Oct 2023 16:08:44 GMT
server: nginx
etag: "e3872934141da1:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15027
accept-ranges: bytes
content-length: 12319
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 124860_320.jpg
www.merlininkazani.com/images/games/11638/ 13 KB
13 KB 25ms
24ms Image
image/jpeg 192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.merlininkazani.com/images/games/11638/124860_320.jpg

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

2d2a1804477f6bbf31e676bda8d10f7f1a063680b2564dfd3c0b2d2ec75d4d7c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Tue, 17 Oct 2023 14:16:25 GMT
server: nginx
etag: "cb75138341da1:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15027
accept-ranges: bytes
content-length: 13132
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 124866_320.jpg
www.merlininkazani.com/images/games/5596/ 13 KB
13 KB 26ms
25ms Image
image/jpeg 192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.merlininkazani.com/images/games/5596/124866_320.jpg

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

f7aff1fccc14eb2b8c07b46245a27af1eee78bdca68be209f996b3525e74815e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2023 21:14:18 GMT
server: nginx
etag: "11bba4e82da1:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15027
accept-ranges: bytes
content-length: 13038
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 124867_320.jpg
www.merlininkazani.com/images/games/8748/ 16 KB
16 KB 26ms
26ms Image
image/jpeg 192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.merlininkazani.com/images/games/8748/124867_320.jpg

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

731a1690662cfe57b65566ec218d9684a2e4085de56d70b21688c43a1b7ba60e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2023 22:37:30 GMT
server: nginx
etag: "479c97ad132da1:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15027
accept-ranges: bytes
content-length: 16307
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 89ms
39ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab1eb8d4a988d7d6baaf5fcd6c4c8fdaa2058a8d4db4dd4b8a6872c7f99277fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29586
x-xss-protection: 0
server: cafe
etag: 870 / 19651 / m202310170101 / config-hash: 4808689989001815818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 00:46:48 GMT

GET
H2 200 ads.js Show response
adx.protagcdn.com/ads/advertisement/ 200 B
622 B 49ms
31ms Script
application/javascript 2606:4700:20::681a:68e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.protagcdn.com/ads/advertisement/ads.js

Requested by

Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:68e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4307a4a83648898a0381fa21222a3670428146cb065186d0ff72449bdafa8140

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-balancer-id: 2
date: Sat, 21 Oct 2023 00:46:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2392
cf-polished: origSize=248
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 09 May 2023 13:32:59 GMT
server: cloudflare
etag: W/"f8-5fb42cb349414"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lf58P1TyQhOXA9aj3J%2BXP2U3vV57roztl83Zvz%2FTurznEP6dgwXxPUiKPOgjiO0uKq8alzU4uooOVTr6UIGe24wZCtdfvBrcBWhoQOToi0RZM3YlzQMM8KFdK3WMbQW9I5kjYLE9ZkKFGYU%2FvngN"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=691200
cf-ray: 81957c511b144dca-FRA
expires: Sun, 29 Oct 2023 00:06:56 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/dd34ec3d/ Frame 66AF 379 KB
48 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dd34ec3d/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1u_YClCXiRs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42d9e8a5975207cb02aae556e0403d885ec3e05da4ef170c07595c4a500c69d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1u_YClCXiRs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:54:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49033
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 01:52:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 19 Oct 2024 23:54:11 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/dd34ec3d/player_ias.vflset/de_DE/ Frame 66AF 54 KB
17 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1u_YClCXiRs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67b27d97ce1d287bd6b2fa55e6e5ce400e37444754afb6746e0f17a45643d024

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1u_YClCXiRs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:36:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 407434
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17010
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 01:52:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 15 Oct 2024 07:36:14 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/dd34ec3d/www-embed-player.vflset/ Frame 66AF 318 KB
95 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dd34ec3d/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1u_YClCXiRs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ee5c9e9f3ff16052b3ccd7ba71c89dc87f5364b8135ff8c604bd7be650cad62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1u_YClCXiRs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:05:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6091
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97482
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 01:52:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 19 Oct 2024 23:05:17 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/dd34ec3d/player_ias.vflset/de_DE/ Frame 66AF 3 MB
801 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1u_YClCXiRs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f14fe12ab7033abf1ec82fbd6c7dedaf36998f5718010b37a99cc26147441651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1u_YClCXiRs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 407434
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 819909
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 01:52:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 15 Oct 2024 07:36:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 66AF 15 KB
15 KB 81ms
28ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1u_YClCXiRs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 596925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Oct 2024 02:58:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 66AF 15 KB
16 KB 75ms
22ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1u_YClCXiRs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:06:30 GMT
x-content-type-options: nosniff
age: 110418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 18:06:30 GMT

GET
H2 200 124870_320.jpg
www.merlininkazani.com/images/games/13412/ 13 KB
13 KB 25ms
24ms Image
image/jpeg 192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.merlininkazani.com/images/games/13412/124870_320.jpg

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

10cf286ac3db9108a7f0c941e6f9d73b4fdae32ab58bc393050c0225db15d221

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:48 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 20 Oct 2023 12:11:29 GMT
server: nginx
etag: "2a92848e4e3da1:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15027
accept-ranges: bytes
content-length: 13291
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 124869_320.jpg
www.merlininkazani.com/images/games/1110/ 16 KB
17 KB 27ms
26ms Image
image/jpeg 192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.merlininkazani.com/images/games/1110/124869_320.jpg

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

0e30020157f1997c6c9b31bba4fb1f77a4276fcb378a36bb71f8712d6b2a6b6f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:48 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 20 Oct 2023 11:09:30 GMT
server: nginx
etag: "ac1f11e6453da1:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15027
accept-ranges: bytes
content-length: 16583
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 124855_320.jpg
www.merlininkazani.com/images/games/13031/ 9 KB
10 KB 27ms
27ms Image
image/jpeg 192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.merlininkazani.com/images/games/13031/124855_320.jpg

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

94165cb5908d25c576a1a6bbc63a5d275d8f5a14c20aaf4d574ed3ffc895b311

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:48 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Sun, 15 Oct 2023 21:47:00 GMT
server: nginx
etag: "541e5f20b1ffd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15027
accept-ranges: bytes
content-length: 9562
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 124853_320.jpg
www.merlininkazani.com/images/games/13031/ 8 KB
9 KB 28ms
28ms Image
image/jpeg 192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.merlininkazani.com/images/games/13031/124853_320.jpg

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

d52caf623e61266af7de0ab2eed9ca32278d993f031ff6f104349d8399825fd5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:48 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Sat, 14 Oct 2023 02:15:16 GMT
server: nginx
etag: "9789d84544fed91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15027
accept-ranges: bytes
content-length: 8455
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 124861_320.jpg
www.merlininkazani.com/images/games/13266/ 13 KB
13 KB 30ms
30ms Image
image/jpeg 192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.merlininkazani.com/images/games/13266/124861_320.jpg

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

c9dabfed9723e6968f8b73a3cbd9b3b24169a717a5e6a60f36df706564cfc0df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:48 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Tue, 17 Oct 2023 15:47:40 GMT
server: nginx
etag: "9257042111da1:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15027
accept-ranges: bytes
content-length: 12858
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/ 421 KB
132 KB 21ms
18ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f1999dd213ea15813d6e27249169c4d54cfec7150e81ed1e1aad85d7b20202f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 16:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28242
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135205
x-xss-protection: 0
server: cafe
etag: 9147680799068891735
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 19 Oct 2024 16:56:06 GMT

GET
H2 200 124871_320.jpg
www.merlininkazani.com/images/games/9848/ 13 KB
14 KB 23ms
23ms Image
image/jpeg 192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.merlininkazani.com/images/games/9848/124871_320.jpg

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

cc2c34f22bf681dc4855fd952319535be3f79cf4d500a36ab63fdf93770fe41d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:48 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Fri, 20 Oct 2023 13:28:24 GMT
server: nginx
etag: "eb30734d593da1:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15027
accept-ranges: bytes
content-length: 13744
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 66AF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

32ms
32ms

XHR
application/json

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1u_YClCXiRs

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f21c2221933c2e679a258a9f6d6d37a1010bfa7acf917e7c8ef4da5deb5629d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 21 Oct 2023 00:46:48 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 66AF 29 B
494 B 77ms
22ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:45:32 GMT
x-content-type-options: nosniff
age: 76
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Oct 2023 01:00:32 GMT

GET
H2 200 homepage.js Show response
www.publisher-network.com/publisher/merlininkazani/ 4 KB
1 KB 43ms
43ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publisher-network.com/publisher/merlininkazani/homepage.js

Requested by

Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f973d65bd50b0e925e40a22908be91d504fcdc4e0b43b4fc60e8d4e49cbb916

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:48 GMT
content-security-policy: upgrade-insecure-requests
via: 1.1 varnish (Varnish/6.1)
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-polished: origSize=5113
x-cache: MISS
x-ua-device
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 09 Oct 2023 11:51:10 GMT
server: cloudflare
etag: W/"6523e92e-13f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZHu8zieFsWVi8PfoWKPeZbf88iNRtAP1elrRL92SWeKQJpaVyJx%2FOwFiGZnrlJ3vd7%2BfYXd%2BGgQQGwLgEQeNxv5Q1v%2BEmaI2cpF7yXyyw0jAdq7rKkGR3sdFnmQXSmgg%2BAlkXuH2ADxCg7L9mfglwcb6SLz1kCJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 106467
cache-control: max-age=3600
cf-ray: 81957c52cc0b3644-FRA
x-storage: static
x-cache-hits: 0

GET
H2 200 21929979084 Show response
fundingchoicesmessages.google.com/i/ 158 KB
52 KB 116ms
55ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/21929979084?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

955471bf3d46169a2830173ee8c67e720c2117bbf5718f45ff8d913be1b2f710

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-rsmKFWb2t0huFuz7QEyAfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-rsmKFWb2t0huFuz7QEyAfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
537 B 141ms
34ms XHR
text/plain 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 00:46:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.merlininkazani.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
386 B 181ms
77ms XHR
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 00:46:48 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.merlininkazani.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Sat, 21 Oct 2023 00:46:48 GMT

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
314 B 120ms
56ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:46:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.merlininkazani.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 81957c53bf0218e3-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 142ms
79ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:46:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.merlininkazani.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 81957c53bf0118e3-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 144ms
81ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:46:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.merlininkazani.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 81957c53bf0418e3-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 240ms
177ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:46:49 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.merlininkazani.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 81957c53bf0518e3-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 122ms
60ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:46:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.merlininkazani.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 81957c539eec18e3-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
59 B 237ms
175ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:46:49 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.merlininkazani.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 81957c539eea18e3-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
35 B 121ms
59ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:46:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.merlininkazani.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 81957c539ee718e3-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 144ms
82ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:46:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.merlininkazani.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 81957c53bf0818e3-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 141ms
79ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:46:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.merlininkazani.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 81957c53bf0718e3-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 139ms
78ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:46:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.merlininkazani.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 81957c53bf0618e3-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 141ms
82ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:46:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.merlininkazani.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 81957c539ee518e3-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 241ms
182ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:46:49 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.merlininkazani.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 81957c53bf0918e3-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 118ms
59ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:46:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.merlininkazani.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 81957c53bf0018e3-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 234ms
176ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:46:49 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.merlininkazani.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 81957c539ef018e3-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 233ms
176ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:46:49 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.merlininkazani.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 81957c539eee18e3-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 235ms
178ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:46:49 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.merlininkazani.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 81957c539ee218e3-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 137ms
80ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:46:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.merlininkazani.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 81957c539ee318e3-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
240 B 165ms
77ms XHR
text/html 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:45:04 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.merlininkazani.com
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
240 B 164ms
77ms XHR
text/html 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:45:04 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.merlininkazani.com
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
241 B 139ms
52ms XHR
text/html 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:45:04 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.merlininkazani.com
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
240 B 165ms
78ms XHR
text/html 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:45:04 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.merlininkazani.com
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
240 B 165ms
78ms XHR
text/html 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:45:04 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.merlininkazani.com
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
240 B 141ms
54ms XHR
text/html 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:45:04 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.merlininkazani.com
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
240 B 143ms
57ms XHR
text/html 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:45:04 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.merlininkazani.com
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
240 B 144ms
57ms XHR
text/html 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:45:04 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.merlininkazani.com
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
240 B 165ms
79ms XHR
text/html 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:45:04 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.merlininkazani.com
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
240 B 144ms
58ms XHR
text/html 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:45:04 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.merlininkazani.com
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
240 B 164ms
79ms XHR
text/html 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:45:04 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.merlininkazani.com
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
240 B 139ms
54ms XHR
text/html 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:45:04 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.merlininkazani.com
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
240 B 165ms
80ms XHR
text/html 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:45:04 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.merlininkazani.com
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
240 B 144ms
59ms XHR
text/html 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:45:04 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.merlininkazani.com
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
240 B 164ms
80ms XHR
text/html 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:45:04 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.merlininkazani.com
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
240 B 143ms
59ms XHR
text/html 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:45:04 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.merlininkazani.com
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
240 B 143ms
58ms XHR
text/html 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:45:04 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.merlininkazani.com
access-control-allow-credentials: true

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 94ms
28ms Preflight
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 21 Oct 2023 00:46:48 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 66AF 69 KB
32 KB 41ms
36ms XHR
application/json+protobuf 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f02ac69c3dbe42287e32d7b2262300a5cc7a08b76a3a904fd2588960c8897ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 21 Oct 2023 00:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32052
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/dd34ec3d/player_ias.vflset/de_DE/ Frame 66AF 116 KB
33 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9715cad5176e9cdc9ab737cab44fa6a3197724652f97ad2b047e60ad6bfede07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1u_YClCXiRs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:37:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 407380
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33674
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 01:52:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 15 Oct 2024 07:37:08 GMT

GET
H2 200 PCqCuqRWleJvAFB5HssaUTeU1BO5ETzC_zrpZ-5DxRc.js Show response
www.google.com/js/th/ Frame 66AF 38 KB
15 KB 95ms
21ms Script
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/PCqCuqRWleJvAFB5HssaUTeU1BO5ETzC_zrpZ-5DxRc.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c2a82baa45695e26f0050791ecb1a513794d413b9113cc2ff3ae967ee43c517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 16:21:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14755
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Oct 2024 16:21:06 GMT

GET
H2 200 default.webp
i.ytimg.com/vi_webp/1u_YClCXiRs/ Frame 66AF 3 KB
4 KB 102ms
29ms Image
image/webp 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/1u_YClCXiRs/default.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1u_YClCXiRs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5882bcc30dd953d661b9b7bb6d8772408192e5093811a9ef8a07d45af1ff1b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3280
x-xss-protection: 0
server: sffe
etag: "1677499201"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 21 Oct 2023 02:46:49 GMT

GET
DATA 200
OK truncated
/ Frame 66AF 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 APkrFKYSukKTfQ-LvJ75iHiTqTFF1RshxG9IT0lY3L_C=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 66AF 2 KB
3 KB 132ms
36ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/APkrFKYSukKTfQ-LvJ75iHiTqTFF1RshxG9IT0lY3L_C=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1u_YClCXiRs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fb689ebd799f6f85c4c01509f34f66ff25225fcb7fb8381630acadd9ab2a9e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:49 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2500
x-xss-protection: 0
server: fife
etag: "v17"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 22 Oct 2023 00:46:49 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 66AF 12 KB
12 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1u_YClCXiRs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 07:43:03 GMT
x-content-type-options: nosniff
age: 61425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11936
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Oct 2024 07:43:03 GMT

GET
H2 200 AGSKWxXYWLWACInnjyEaY3rVH9f0AQCo5yovHNzuV4nIRdgPiw6dAAPNm92zfLTy0O9riTan9jEa2MboPpGYSgc83GEtou3fmeMAYkvP2lKnW58vZdLR7DRSLQ-69Jic4ATACoP3fpQ3kw== Show response
fundingchoicesmessages.google.com/f/ 310 KB
50 KB 96ms
96ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXYWLWACInnjyEaY3rVH9f0AQCo5yovHNzuV4nIRdgPiw6dAAPNm92zfLTy0O9riTan9jEa2MboPpGYSgc83GEtou3fmeMAYkvP2lKnW58vZdLR7DRSLQ-69Jic4ATACoP3fpQ3kw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk3ODQ5MjA5LDMzMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5tZXJsaW5pbmthemFuaS5jb20vIixudWxsLFtbOCwiMWowZXNOdTBSV0EiXSxbOSwiZGUiXSxbMTksIjEiXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.1j0esNu0RWA.es5.O/am=gAE/d=1/rs=AJlcJMySwWY9nT6oDPgqelYCNhzqEE1t-A/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5f27641a1a91a756cf4f4ed029155438dd9d05d42a83bbc97e4e6c81a4ca20d6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Fcwpk54v1nEDGyJ72cb8Kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:49 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Fcwpk54v1nEDGyJ72cb8Kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 66AF 90 B
134 B 32ms
32ms XHR
application/json+protobuf 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

08da07bb99c760a430815d11a91dad908c51a7631307b70eb380a29e20546562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 21 Oct 2023 00:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 29ms
29ms Preflight
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 21 Oct 2023 00:46:49 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 66AF 4 KB
2 KB 86ms
35ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 21 Oct 2023 00:46:49 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 66AF 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?hlK9mQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/1u_YClCXiRs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1u_YClCXiRs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ 69 KB
4 KB 56ms
40ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.1j0esNu0RWA.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwnTF3BdmiQfW8xryYMvMG2mG_AGA/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

da4485322b09758f7177cc201d69a4743b839c8c831005675b213501c26535fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 21 Oct 2023 00:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 21 Oct 2023 00:46:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 Oct 2023 00:46:49 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.merlininkazani.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 109830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 18:16:19 GMT

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
125 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.merlininkazani.com/
Origin: https://www.merlininkazani.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 07:35:16 GMT
x-content-type-options: nosniff
age: 61893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Oct 2024 07:35:16 GMT

POST
H3 204 AGSKWxVPppy9zHyz_ZP5xBEeNn4yNlmB9u4fJEs0zl_nV6XmqxXxjdFJvdFWYn_8om-a8eRh4WRxYHXqfZwOzVYishSfXx5_nckvoFckWdyvUFsKkh_dlbKSIqgvBcSGCA5kDt9AZpr9-Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 112ms
69ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVPppy9zHyz_ZP5xBEeNn4yNlmB9u4fJEs0zl_nV6XmqxXxjdFJvdFWYn_8om-a8eRh4WRxYHXqfZwOzVYishSfXx5_nckvoFckWdyvUFsKkh_dlbKSIqgvBcSGCA5kDt9AZpr9-Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8yFcIcVVskWtnsaBUvuZSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.merlininkazani.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Oct 2023 00:46:49 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8yFcIcVVskWtnsaBUvuZSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.merlininkazani.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/118/ Frame 66AF 50 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/118/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e99e1ceb5d2b6483d5cf48bff61db9da00db6cb806b7aa2e0f22f87a787e0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 22:15:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14707
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 15:06:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 21 Oct 2023 22:15:11 GMT

GET
H2 200 124863_320.jpg
www.merlininkazani.com/images/games/13410/ 7 KB
8 KB 23ms
22ms Image
image/jpeg 192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.merlininkazani.com/images/games/13410/124863_320.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

f972b248695af24e4d1b2bdcd6320d895ad0e122d0433a459966edd85e99734b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:49 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2023 13:52:46 GMT
server: nginx
etag: "5091e15fca1da1:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15027
accept-ranges: bytes
content-length: 7527
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 124854_320.jpg
www.merlininkazani.com/images/games/13031/ 10 KB
11 KB 23ms
23ms Image
image/jpeg 192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.merlininkazani.com/images/games/13031/124854_320.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

64f4206dc92e322fe6ce8ff110d4cb83287e7c987a20501d61c858000509479a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:49 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Sat, 14 Oct 2023 02:54:59 GMT
server: nginx
etag: "5ca85cd249fed91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15027
accept-ranges: bytes
content-length: 10579
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 124864_320.jpg
www.merlininkazani.com/images/games/13411/ 13 KB
13 KB 22ms
22ms Image
image/jpeg 192.124.249.27
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.merlininkazani.com/images/games/13411/124864_320.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.27 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10027.sucuri.net

Software

nginx /

Resource Hash

5ae391caa32a24bc733034dde1aa085e8df2b0fd941718038b00c67e017967d8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:49 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2023 14:41:36 GMT
server: nginx
etag: "21a01932d11da1:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15027
accept-ranges: bytes
content-length: 13424
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 66AF 28 B
54 B 34ms
33ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
X-Goog-Request-Time: 1697849211361
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/1u_YClCXiRs
X-YouTube-Client-Version: 1.20231015.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtmalZEbUpiQzJXRSj4vsypBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals: dt=1697849208561&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C168&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 21 Oct 2023 00:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 21 Oct 2023 00:46:51 GMT

GET
H2 200 / Show response
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 014F 61 B
254 B 128ms
28ms Document
text/html 168.119.72.236
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1244865222
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.236.72.119.168.clients.your-server.de
Software: nginx / PHP/8.2.5
Resource Hash: 0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c

Request headers

Referer: https://www.merlininkazani.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 21 Oct 2023 00:45:27 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.5

GET
H2 200 / Show response
csync.smilewanted.com/ Frame 7806 6 KB
2 KB 59ms
39ms Document
text/html 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/merlininkazani.com/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6417c65a57cd68bc0e5e18cf23b47ee22d6c9643d6b2987c6dbed425baebf25b

Request headers

Referer: https://www.merlininkazani.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 81957c68193318e3-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 21 Oct 2023 00:46:52 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame 7806 48 KB
12 KB 63ms
47ms Script
application/javascript 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 667529
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 81957c68c98918e3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame D2CE 0
322 B 43ms
43ms Document
text/html 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 81957c6929bd18e3-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 21 Oct 2023 00:46:52 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame B7D0 0
0 89ms
23ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 50A1 0
0 281ms
39ms Document
text/plain 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Sat, 21 Oct 2023 00:46:52 GMT
X-Sovrn-Pod: ad_ap5ams1

GET
H2

200

/ Show response
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 03C5
Redirect Chain

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F

95 B
236 B

27ms
27ms

Document
image/png

168.119.72.236
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.236.72.119.168.clients.your-server.de
Software: nginx / PHP/8.2.5
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: image/png
date: Sat, 21 Oct 2023 00:45:27 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx
x-powered-by: PHP/8.2.5

Redirect headers

content-type: text/html; charset=UTF-8
date: Sat, 21 Oct 2023 00:45:27 GMT
location: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server: nginx
x-powered-by: PHP/8.2.5

GET
H2

200

RX-26f3fd36-3fff-441a-8b02-c3812e2a9dfa-003 Show response
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame EECB
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1697849212590
https://ad.turn.com/r/cs?pid=45&rndcb=7956067026
https://sync.1rx.io/usersync/turn/9086847863266335042?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-26f3fd36-3fff-441a-8b02-c3812e2a9dfa-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-26f3fd36-3fff-441a-8b02-c38...
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-26f3fd36-3fff-441a-8b02-c3812e2a9dfa-003

0
723 B

35ms
35ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-26f3fd36-3fff-441a-8b02-c3812e2a9dfa-003
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 81957c6e0bfe18e3-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 21 Oct 2023 00:46:53 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-type: text/html
date: Sat, 21 Oct 2023 00:46:53 GMT
etag: RX26f3fd363fff441a8b02c3812e2a9dfa003
location: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-26f3fd36-3fff-441a-8b02-c3812e2a9dfa-003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H2

200

c27d0194-3296-5226-9828-42a5fd1b5dd9 Show response
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 722E
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=8988362782739925800
https://csync.smilewanted.com/set_partner_userid_get/betweenx/c27d0194-3296-5226-9828-42a5fd1b5dd9

0
385 B

41ms
40ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/betweenx/c27d0194-3296-5226-9828-42a5fd1b5dd9
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 81957c6b3abd18e3-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 21 Oct 2023 00:46:52 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: https://csync.smilewanted.com/set_partner_userid_get/betweenx/c27d0194-3296-5226-9828-42a5fd1b5dd9

GET
H/1.1 204
No Content smwt256.gif
us.ck-ie.com/ Frame BFA4 0
0 352ms
114ms Document
text/plain 8.2.110.114
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Sat, 21 Oct 2023 00:46:52 GMT
Server: nginx

GET
H2 200 cookie Show response
cm.adform.net/ Frame D53C 43 B
106 B 106ms
35ms Document
image/gif 37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Sat, 21 Oct 2023 00:46:52 GMT
server: nginx

GET
H2

200

sync Show response
x.bidswitch.net/ Frame 4261
Redirect Chain

https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230
https://dis.criteo.com/dis/usersync.aspx?r=73&p=230&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fgdprapplies%3d0%26gdpr%3d%26redir%3dhttps%253A%252F%252Fcsync.smilewanted.co...
https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24{CRITEO_USER_ID}&profile=230&uid=45b4a13b-803a-48...
https://x.bidswitch.net/sync?ssp=criteo&custom_data=nxwGPV9NRDQyTkZnTmhzc29PelpWSGtsR1puRUFLY1JrUGtUOSUyRm5DcVpKdVBaJTJGVTM1T1huZVdIT2pqcVkxUzVlbFklMkIxcTJabFhISDk4ODZ2biUyQllacEl2WTF0R3k1dkt0bkVaW...
https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=nxwGPV9NRDQyTkZnTmhzc29PelpWSGtsR1puRUFLY1JrUGtUOSUyRm5DcVpKdVBaJTJGVTM1T1huZVdIT2pqcVkxUzVlbFklMkIxcTJabFhISDk4ODZ2biUyQllacEl2WTF0R3k1dkt...
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=1a90fbb4-56d0-4c3d-b055-ed456eeb2e39&gdpr=&gdpr_consent=&us_privacy=
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=1a90fbb4-56d0-4c3d-b055-ed456eeb2e39&gdpr=&gdpr_consent=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=ff65b09b-15ff-46b0-a1cc-a5104b59154e&ssp=criteo

43 B
145 B

22ms
22ms

Document
image/gif

3.126.125.13

General

Check archive.org

Show headers Download Go to

Full URL: https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=ff65b09b-15ff-46b0-a1cc-a5104b59154e&ssp=criteo
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.125.13 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif
date: Sat, 21 Oct 2023 00:46:53 GMT

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Sat, 21 Oct 2023 00:46:53 GMT
Location: //x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=ff65b09b-15ff-46b0-a1cc-a5104b59154e&ssp=criteo

GET
H2

200

cd10f041c3cd7fabfc9b5b994a13f093 Show response
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 9281
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/freewheel/cd10f041c3cd7fabfc9b5b994a13f093?gdpr_consent=&gdpr=0

0
432 B

40ms
39ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/freewheel/cd10f041c3cd7fabfc9b5b994a13f093?gdpr_consent=&gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 81957c6cdb7718e3-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 21 Oct 2023 00:46:52 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Sat, 21 Oct 2023 00:46:52 GMT
Expires: Sat, 21 Oct 2023 00:46:52 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/cd10f041c3cd7fabfc9b5b994a13f093?gdpr_consent=&gdpr=0
Pragma: no-cache
Server: nginx
x-sticky-vk: 1697849212664069-529

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 6389 0
0 100ms
22ms Document
text/plain 3.120.99.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.99.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-99-213.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Sat, 21 Oct 2023 00:46:52 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 199 KB
69 KB 317ms
132ms Script
application/javascript 2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.merlininkazani.com
URL: https://www.merlininkazani.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

7a900ef99c0d027e9586048adc3e61588a1bbc73a946a8e32b6dc77c209e7526

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 20 Oct 2023 11:55:53 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65326ac9-1117c"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 70012
expires: Sat, 21 Oct 2023 01:46:53 GMT

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10162.2nY95qfZ1y8XrWIIecPRqjYbq_H-lFWcX4R4WRkLEmVaP-mDMOgtJw1d98GdZh6c.q4gVunz301JBZgLSmlqCOQM-4r0%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10162.WvIQy__uMTlB81hqnVIFOXPjPxTGX_WGhEL38DQsIeTCS4n1UFkVIVp1kVDU16Aoo4Adx204j1T_fXKmbGHK_diEKAl_VCKhy7J1CqGcR__iRyDPJh__k7zi1ZaD2RLmNJGxYxEkzg...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10162.MTs3A3hN8wWM0u_ebocQRNVIIhzM4wrUn6Fd0_Q16Trqmwa3iaEguRFKLqdEVD75c2pjVUp2bZ_266L4M4M71MIbyBN4ZSMwWsPg4wqysQk6Y...

43 B
581 B

65ms
65ms

Image
image/gif

2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10162.MTs3A3hN8wWM0u_ebocQRNVIIhzM4wrUn6Fd0_Q16Trqmwa3iaEguRFKLqdEVD75c2pjVUp2bZ_266L4M4M71MIbyBN4ZSMwWsPg4wqysQk6YttsKnspJrtKznVl3kIrc795nwIhIzfM9Swj7yTlF1y1u8PjnJFvkCqGZOeKbq8ba7X-9oy3Lp0v-GP2JQDI98qRgQlqMsfMVibe3tBWVQ%2C%2C.R88ORX7Y8gy_Am1U4NnLa2xWKLg%2C

Protocol

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:53 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10162.MTs3A3hN8wWM0u_ebocQRNVIIhzM4wrUn6Fd0_Q16Trqmwa3iaEguRFKLqdEVD75c2pjVUp2bZ_266L4M4M71MIbyBN4ZSMwWsPg4wqysQk6YttsKnspJrtKznVl3kIrc795nwIhIzfM9Swj7yTlF1y1u8PjnJFvkCqGZOeKbq8ba7X-9oy3Lp0v-GP2JQDI98qRgQlqMsfMVibe3tBWVQ%2C%2C.R88ORX7Y8gy_Am1U4NnLa2xWKLg%2C
date: Sat, 21 Oct 2023 00:46:53 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
473 B 112ms
109ms Image
image/gif 2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:46:53 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 20 Oct 2023 11:55:53 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65326ac9-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 21 Oct 2023 01:46:53 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/93441843/
Redirect Chain

https://mc.yandex.com/watch/93441843?wmode=7&page-url=https%3A%2F%2Fwww.merlininkazani.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A947%3Afu%3A0%3Ae...
https://mc.yandex.com/watch/93441843/1?wmode=7&page-url=https%3A%2F%2Fwww.merlininkazani.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A947%3Afu%3A0%3...

462 B
626 B

70ms
70ms

XHR
application/json

2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/93441843/1?wmode=7&page-url=https%3A%2F%2Fwww.merlininkazani.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A947%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1141%3Acn%3A1%3Adp%3A0%3Als%3A1586847504474%3Ahid%3A465572487%3Az%3A120%3Ai%3A20231021024653%3Aet%3A1697849214%3Ac%3A1%3Arn%3A340914289%3Arqn%3A1%3Au%3A1697849214611037760%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C48%2C694%2C28%2C72%2C0%2C%2C238%2C0%2C2300%2C2300%2C1%2C1083%3Aco%3A0%3Acpf%3A1%3Ans%3A1697849207208%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697849214%3At%3AMerlin%27in%20Kazan%C4%B1%20-%20Oyun%20%C4%B0nceleme%20ve%20Oyun%20Haberleri&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

6fdeeba32415d152fcb3527f4aee281ae040f1ba992cfe41b720bdf208463b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.merlininkazani.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 00:46:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 21-Oct-2023 00:46:54 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.merlininkazani.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 462
x-xss-protection: 1; mode=block
expires: Sat, 21-Oct-2023 00:46:54 GMT

Redirect headers

pragma: no-cache
date: Sat, 21 Oct 2023 00:46:53 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 21-Oct-2023 00:46:53 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/93441843/1?wmode=7&page-url=https%3A%2F%2Fwww.merlininkazani.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A947%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1141%3Acn%3A1%3Adp%3A0%3Als%3A1586847504474%3Ahid%3A465572487%3Az%3A120%3Ai%3A20231021024653%3Aet%3A1697849214%3Ac%3A1%3Arn%3A340914289%3Arqn%3A1%3Au%3A1697849214611037760%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C48%2C694%2C28%2C72%2C0%2C%2C238%2C0%2C2300%2C2300%2C1%2C1083%3Aco%3A0%3Acpf%3A1%3Ans%3A1697849207208%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697849214%3At%3AMerlin%27in%20Kazan%C4%B1%20-%20Oyun%20%C4%B0nceleme%20ve%20Oyun%20Haberleri&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://www.merlininkazani.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 21-Oct-2023 00:46:53 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.merlininkazani.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: re3qszngpu5nxnaqm2prrm4v
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 5A8KojEynBU
.youtube.com/	1970-01-20 19:56:41	Name: VISITOR_INFO1_LIVE Value: fjVDmJbC2WE
www.merlininkazani.com/	1970-01-20 16:20:41	Name: _pbjs_userid_consent_data Value: 3524755945110770
.betweendigital.com/	1970-01-21 00:23:05	Name: dc Value: lux1
.betweendigital.com/	1970-01-21 00:23:05	Name: tuuid Value: c27d0194-3296-5226-9828-42a5fd1b5dd9
.betweendigital.com/	1970-01-21 00:23:05	Name: ss Value: 1
.betweendigital.com/	1970-01-21 00:23:05	Name: ut Value: ZTMffAAJ31jXvjv5T531BVAPuJtPA4p9zEVVgw==
.turn.com/	1970-01-20 19:56:41	Name: uid Value: 9086847863266335042
.1rx.io/	1970-01-21 00:23:05	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-26f3fd36-3fff-441a-8b02-c3812e2a9dfa-003%22%2C%22nxtrdr%22%3Afalse%7D
.criteo.com/	1970-01-21 00:59:05	Name: uid Value: 45b4a13b-803a-489e-8af6-710a30dc17cd
.ads.stickyadstv.com/	1970-01-20 16:20:41	Name: UID Value: cd10f041c3cd7fabfc9b5b994a13f093
.smilewanted.com/	1970-01-21 00:23:26	Name: sw_user_params_infos Value: h%2BJgx3Nbnc8ectlWYTQJHIwF2cadEiFbehIrp3DJwiDQyp8jIptioCqQxx9z3blzf%2BEtEhNcuYUYoRt0IG4v%2FwJEKn9akZXLKsInybEIm4hv47jPdeSPVgZot9tHZXs%2Fx1Qo4FZlJMNCMbpuUpXRTKu%2BnNdgImodaFB0diZA8w8ojK%2FobYa8R1xclbb76%2F1y1D%2FW3bwkUNNyp64iyZEPtEFXADr8%2FFhn5JZAWmHSW0%2FBybF3EdV7%2FNJHZiQb6C7vgBdtyftXpqavAEtZWoiIRg%3D%3D
.bidswitch.net/	1970-01-21 00:23:05	Name: tuuid Value: 1a90fbb4-56d0-4c3d-b055-ed456eeb2e39
.bidswitch.net/	1970-01-21 00:23:05	Name: c Value: 1697849213
.bidswitch.net/	1970-01-21 00:23:05	Name: tuuid_lu Value: 1697849213

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
ad.turn.com
ads.betweendigital.com
ads.stickyadstv.com
adx.adform.net
adx.protagcdn.com
ajax.googleapis.com
ap.lijit.com
cm.adform.net
csync.smilewanted.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
match.sharethrough.com
mc.yandex.com
mc.yandex.ru
onetag-sys.com
prebid.smilewanted.com
protagcdn.com
rtb.mfadsrvr.com
securepubads.g.doubleclick.net
shb.richaudience.com
ssp-sync.criteo.com
static.doubleclick.net
static.smilewanted.com
sync.1rx.io
sync.richaudience.com
sync.targeting.unrulymedia.com
us.ck-ie.com
www.google.com
www.gstatic.com
www.merlininkazani.com
www.publisher-network.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
104.22.69.131
162.55.101.208
168.119.72.236
178.250.1.9
184.30.21.51
188.42.34.64
192.124.249.27
2001:678:cb4:bbbb::11
216.52.2.48
2606:4700:20::681a:68e
2a00:1450:4001:800::2003
2a00:1450:4001:800::2006
2a00:1450:4001:802::2004
2a00:1450:4001:803::2016
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:812::200e
2a00:1450:4001:827::2001
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2003
2a02:2638:3::6
2a02:6b8::1:119
2a06:98c1:3121::3
3.120.99.213
3.122.23.32
3.126.125.13
37.157.6.237
37.157.6.243
46.228.174.117
51.75.86.98
8.2.110.114
95.101.54.217
0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c
055d465eb4e1ad962c5cb135315b3156000345fab645bfe080e59bb8d0d14567
08da07bb99c760a430815d11a91dad908c51a7631307b70eb380a29e20546562
0e30020157f1997c6c9b31bba4fb1f77a4276fcb378a36bb71f8712d6b2a6b6f
0ea51cf9f6a026af6aed5bcc5fd0e9ec981fe6ca4f33baae315aaaac87cbfcb4
0f21c2221933c2e679a258a9f6d6d37a1010bfa7acf917e7c8ef4da5deb5629d
10cf286ac3db9108a7f0c941e6f9d73b4fdae32ab58bc393050c0225db15d221
16776146986abe16ecf4ecf828855012f5c50da7a7d699d7d5143b21b8ae8adf
17831697d0fa783764813af590e05afe21f36cbde5eeaed445cc55960930e69f
1b766b48c5f0eb5878e5719b08722518a8135fe371378d41627eed3e238198bc
1f973d65bd50b0e925e40a22908be91d504fcdc4e0b43b4fc60e8d4e49cbb916
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
2d2a1804477f6bbf31e676bda8d10f7f1a063680b2564dfd3c0b2d2ec75d4d7c
383b405288db900880f67f30c434be6d9096b14d3008ba8c09eb1abf9c22b0f5
3c2a82baa45695e26f0050791ecb1a513794d413b9113cc2ff3ae967ee43c517
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f02ac69c3dbe42287e32d7b2262300a5cc7a08b76a3a904fd2588960c8897ff
4307a4a83648898a0381fa21222a3670428146cb065186d0ff72449bdafa8140
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5882bcc30dd953d661b9b7bb6d8772408192e5093811a9ef8a07d45af1ff1b67
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ae391caa32a24bc733034dde1aa085e8df2b0fd941718038b00c67e017967d8
5f27641a1a91a756cf4f4ed029155438dd9d05d42a83bbc97e4e6c81a4ca20d6
6417c65a57cd68bc0e5e18cf23b47ee22d6c9643d6b2987c6dbed425baebf25b
64f4206dc92e322fe6ce8ff110d4cb83287e7c987a20501d61c858000509479a
67b27d97ce1d287bd6b2fa55e6e5ce400e37444754afb6746e0f17a45643d024
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a08c6270fd9133e662f6667e8b0d6178af291e1e8ba9296d08c4971a30bbd58
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6ee5c9e9f3ff16052b3ccd7ba71c89dc87f5364b8135ff8c604bd7be650cad62
6fdeeba32415d152fcb3527f4aee281ae040f1ba992cfe41b720bdf208463b9e
731a1690662cfe57b65566ec218d9684a2e4085de56d70b21688c43a1b7ba60e
7967bba83f81a8532b4b6fa44170739850a213335832d2f2fbf46e54cad8b315
7a900ef99c0d027e9586048adc3e61588a1bbc73a946a8e32b6dc77c209e7526
7f1999dd213ea15813d6e27249169c4d54cfec7150e81ed1e1aad85d7b20202f
8111c7108a96d733858585c11105896911bf6aa4f113e56905aa39a425f134f4
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8e99e1ceb5d2b6483d5cf48bff61db9da00db6cb806b7aa2e0f22f87a787e0d3
94165cb5908d25c576a1a6bbc63a5d275d8f5a14c20aaf4d574ed3ffc895b311
955471bf3d46169a2830173ee8c67e720c2117bbf5718f45ff8d913be1b2f710
96e0082f1fe85dfa8f77b4355c84df8b41eded0d97a657806b063807f5558c31
9715cad5176e9cdc9ab737cab44fa6a3197724652f97ad2b047e60ad6bfede07
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
ab1eb8d4a988d7d6baaf5fcd6c4c8fdaa2058a8d4db4dd4b8a6872c7f99277fa
add2474dc337e3ccd718e7052da920b3aa81a274c599131ce65e376d9ba36623
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9d9640ea52c10cf46cd3ed4f151054f94f0e056f4f8832653930028f53b97b5
bf2ffbcf4269eac339246b6ef2e37f3abb33a2905decffba0e1cf198190342e8
c9dabfed9723e6968f8b73a3cbd9b3b24169a717a5e6a60f36df706564cfc0df
cc2c34f22bf681dc4855fd952319535be3f79cf4d500a36ab63fdf93770fe41d
d1c902b44f1f4338b8f29193707f81e9859908051e4437056306bba08946d2e6
d42d9e8a5975207cb02aae556e0403d885ec3e05da4ef170c07595c4a500c69d
d52caf623e61266af7de0ab2eed9ca32278d993f031ff6f104349d8399825fd5
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
da4485322b09758f7177cc201d69a4743b839c8c831005675b213501c26535fa
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d5c2426a9e21107a71e1ac87e3411fd6b9b228e63f1c3b389859660e1d31fe
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f14fe12ab7033abf1ec82fbd6c7dedaf36998f5718010b37a99cc26147441651
f7aff1fccc14eb2b8c07b46245a27af1eee78bdca68be209f996b3525e74815e
f972b248695af24e4d1b2bdcd6320d895ad0e122d0433a459966edd85e99734b
fb689ebd799f6f85c4c01509f34f66ff25225fcb7fb8381630acadd9ab2a9e13
ff4146d5b185d73ee60a39ff346662b6a39cfb0ccff34810d83b72b3f0b2f389

www.merlininkazani.com Open in urlscan Pro 192.124.249.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

115 Requests

97 %HTTPS

50 %IPv6

28 Domains

40 Subdomains

28 IPs

7 Countries

2496 kBTransfer

6807 kBSize

16 Cookies

8 Outgoing links

Page URL History

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.merlininkazani.com Open in urlscan Pro
192.124.249.27 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

97 %
HTTPS

50 %
IPv6

28
Domains

40
Subdomains

28
IPs

7
Countries

2496 kB
Transfer

6807 kB
Size

16
Cookies

115 HTTP transactions
2 data transactions