urlscan.io logo urlscan.io
SecurityTrails logo

win.gg Open in urlscan Pro
52.35.68.139  Public Scan

Go To Rescan Add Verdict Report
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Submission: On August 04 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 97 IPs in 12 countries across 89 domains to perform 344 HTTP transactions. The main IP is 52.35.68.139, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is win.gg.
TLS certificate: Issued by Amazon on June 14th 2021. Valid for: a year.
This is the only time win.gg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 52.35.68.139 16509 (AMAZON-02)
5 2.18.234.190 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
7 35.190.74.49 15169 (GOOGLE)
13 2606:2800:234... 15133 (EDGECAST)
3 104.244.42.8 13414 (TWITTER)
1 2a00:1450:400... ()
1 2.18.232.28 16625 (AKAMAI-AS)
1 13.224.96.3 16509 (AMAZON-02)
1 63.34.109.205 16509 (AMAZON-02)
2 2600:1f18:e8a... 14618 (AMAZON-AES)
27 143.204.98.95 16509 (AMAZON-02)
3 64.202.112.159 22075 (AS-OUTBRAIN)
1 2606:2800:134... 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.224.96.61 16509 (AMAZON-02)
1 18.197.253.20 16509 (AMAZON-02)
2 104.244.43.131 54113 (FASTLY)
2 2606:2800:134... 15133 (EDGECAST)
1 13.224.96.63 16509 (AMAZON-02)
31 185.220.204.204 41436 (CLOUDWEBM...)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.24.213.82 16509 (AMAZON-02)
1 13.224.96.22 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... ()
1 2a00:1450:400... 15169 (GOOGLE)
2 13.224.90.44 16509 (AMAZON-02)
3 2a00:1450:400... ()
4 2.18.233.180 ()
2 2 185.94.180.126 ()
3 11 35.244.159.8 ()
2 2a0c:5c81:509... 55081 (24SHELLS)
13 63.250.57.179 41436 (CLOUDWEBM...)
1 35.157.168.25 16509 (AMAZON-02)
1 1 162.55.6.212 ()
4 15 2.18.234.21 ()
7 9 185.33.220.145 29990 (ASN-APPNEX)
4 2a00:1450:400... ()
3 185.86.139.96 201081 (SMARTADSE...)
4 2.18.234.233 16625 (AKAMAI-AS)
3 52.59.136.38 ()
3 3.120.211.246 16509 (AMAZON-02)
3 185.94.180.124 35220 (SPOTX-AMS)
3 185.64.189.112 ()
3 185.64.189.115 ()
2 2 185.184.8.65 ()
2 7 62.149.0.72 ()
1 4 46.249.52.249 ()
3 2600:9000:219... 16509 (AMAZON-02)
1 37.157.2.236 ()
2 89.187.169.47 ()
1 151.101.14.132 ()
1 13 3.120.44.238 16509 (AMAZON-02)
2 2 66.155.71.25 13768 (COGECO-PEER1)
6 5.178.65.245 50673 (SERVERIUS-AS)
4 5.178.65.253 50673 (SERVERIUS-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.186.253.211 15169 (GOOGLE)
2 5 54.205.106.87 14618 (AMAZON-AES)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 3 168.119.79.223 24940 (HETZNER-AS)
3 178.162.133.149 60781 (LEASEWEB-...)
4 7 18.156.0.31 ()
1 1 88.214.206.247 ()
1 1 2a00:7c80:0:1... ()
1 1 2.19.35.65 16625 (AKAMAI-AS)
4 104.109.78.125 16625 (AKAMAI-AS)
4 2a00:1450:400... ()
1 193.200.65.5 ()
1 2a00:1450:400... 15169 (GOOGLE)
1 1 62.209.227.211 5588 (GTSCE GTS...)
1 2606:4700:303... ()
1 19 2606:4700:10:... ()
11 13 142.250.186.66 15169 (GOOGLE)
3 4 35.227.248.159 ()
4 6 37.157.4.39 ()
4 7 76.223.111.131 16509 (AMAZON-02)
1 2a04:4e42:3::300 ()
1 2607:ae80:128... 26558 (FREEWHEEL)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
3 3 52.31.176.223 16509 (AMAZON-02)
1 54.78.254.47 16509 (AMAZON-02)
1 1 151.1.205.165 ()
1 1 85.114.159.118 ()
2 2 35.201.81.244 ()
1 89.163.159.107 24961 (MYLOC-AS ...)
3 7 52.208.103.128 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 35.176.195.187 16509 (AMAZON-02)
1 34.98.67.61 ()
2 52.51.228.134 16509 (AMAZON-02)
3 4 151.101.14.49 54113 (FASTLY)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 1 52.206.55.189 14618 (AMAZON-AES)
1 2 52.95.124.170 ()
1 1 104.111.215.191 16625 (AKAMAI-AS)
1 1 52.17.37.134 ()
3 2a00:1450:400... ()
3 142.250.74.194 15169 (GOOGLE)
3 3 18.184.95.242 16509 (AMAZON-02)
4 4 185.29.132.245 ()
1 1 91.228.74.189 16509 (AMAZON-02)
2 69.173.144.139 26667 (RUBICONPR...)
1 2 52.46.130.91 ()
1 1 3.90.195.16 14618 (AMAZON-AES)
2 2 2001:678:cb4:... 56396 (TURN)
1 2 52.70.17.21 14618 (AMAZON-AES)
2 2 37.157.4.24 198622 (ADFORM)
1 1 178.250.2.151 44788 (ASN-CRITE...)
1 13.224.96.104 16509 (AMAZON-02)
6 2606:4700:20:... ()
1 212.129.3.112 ()
2 2 72.251.244.142 29791 (VOXEL-DOT...)
1 2 54.36.109.47 ()
1 1 18.184.122.71 16509 (AMAZON-02)
1 51.89.9.254 16276 (OVH)
1 2a00:1288:110... ()
1 54.246.13.173 ()
1 1 185.183.112.148 60350 (VP)
2 2 51.178.20.139 16276 (OVH)
1 1 2001:678:cb4:... 56396 (TURN)
1 69.169.85.6 ()
2 3.121.27.153 ()
344 97
22    52.35.68.139 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-68-139.us-west-2.compute.amazonaws.com
win.gg
5    2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
5    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
7    35.190.74.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.74.190.35.bc.googleusercontent.com
enormousearth.com
13    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
3    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN- ()
googleads.g.doubleclick.net
1    2.18.232.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
1    13.224.96.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-3.zrh50.r.cloudfront.net
ob.cheqzone.com
1    63.34.109.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-109-205.eu-west-1.compute.amazonaws.com
static.adsafeprotected.com
2    2600:1f18:e8a:cd02:882c:d916:bae1:7722 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
obs.cheqzone.com
27    143.204.98.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-95.fra50.r.cloudfront.net
cdn-images.win.gg
3    64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
log.outbrainimg.com
1    2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    13.224.96.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-61.zrh50.r.cloudfront.net
static.hotjar.com
1    18.197.253.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
nexus.ensighten.com
2    104.244.43.131 (United States)

ASN54113 (FASTLY, US)
abs-0.twimg.com
2    2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)
pbs.twimg.com
1    13.224.96.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-63.zrh50.r.cloudfront.net
script.hotjar.com
31    185.220.204.204 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)
live.sekindo.com
live.primis.tech
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    52.24.213.82 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-213-82.us-west-2.compute.amazonaws.com
api-data.win.gg
1    13.224.96.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-22.zrh50.r.cloudfront.net
vars.hotjar.com
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN- ()
www.google-analytics.com
1    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    13.224.90.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-90-44.zrh50.r.cloudfront.net
c.amazon-adsystem.com
3    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN- ()
fonts.googleapis.com
4    2.18.233.180 (Frankfurt am Main, Germany)

ASN- ()
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    185.94.180.126 (United States)

ASN- ()
sync.search.spotxchange.com
11    35.244.159.8 (Kansas City, United States)

ASN- ()
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
primis-d.openx.net
eu-u.openx.net
us-u.openx.net
2    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
s.adtelligent.com
13    63.250.57.179 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)
video.primis.tech
1    35.157.168.25 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-168-25.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    162.55.6.212 (Germany)

ASN- ()
PTR: static.212.6.55.162.clients.your-server.de
csync.loopme.me
15    2.18.234.21 (Frankfurt am Main, Germany)

ASN- ()
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
9    185.33.220.145 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
ib.adnxs.com
4    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN- ()
fonts.gstatic.com
3    185.86.139.96 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
4    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
3    52.59.136.38 (Frankfurt am Main, Germany)

ASN- ()
PTR: ec2-52-59-136-38.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
3    3.120.211.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-211-246.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
3    185.94.180.124 (United States)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
3    185.64.189.112 (United Kingdom)

ASN- ()
hbopenbid.pubmatic.com
3    185.64.189.115 (United Kingdom)

ASN- ()
image6.pubmatic.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN- ()
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
7    62.149.0.72 (Ukraine)

ASN- ()
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.console.adtarget.com.tr
sync.adtelligent.com
4    46.249.52.249 (Netherlands)

ASN- ()
PTR: ads.us.e-planning.net
ads.us.e-planning.net
sync.e-planning.net
3    2600:9000:2190:4600:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
1    37.157.2.236 (Denmark)

ASN- ()
cm.adform.net
2    89.187.169.47 (Frankfurt am Main, Germany)

ASN- ()
PTR: unn-89-187-169-47.cdn77.com
cdn.admatic.com.tr
1    151.101.14.132 (Frankfurt am Main, Germany)

ASN- ()
odb.outbrain.com
13    3.120.44.238 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-44-238.eu-central-1.compute.amazonaws.com
ih.adscale.de
2    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
pixel-sync.sitescout.com
6    5.178.65.245 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
u-ams02.e-planning.net
4    5.178.65.253 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
1    2606:4700::6810:cf3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
5    54.205.106.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-106-87.compute-1.amazonaws.com
a.audrte.com
1    2a02:fa8:8806:16::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
prebid-match.dotomi.com
3    168.119.79.223 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.223.79.119.168.clients.your-server.de
sync.richaudience.com
3    178.162.133.149 (Madrid, Spain)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
7    18.156.0.31 (Frankfurt am Main, Germany)

ASN- ()
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    88.214.206.247 (United Kingdom)

ASN- ()
PTR: buycheapfags.com
cs.admanmedia.com
1    2a00:7c80:0:120::2 (Netherlands)

ASN- ()
ufo.approximity.com
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN- ()
imasdk.googleapis.com
1    193.200.65.5 (Amsterdam, Netherlands)

ASN- ()
PTR: t.trafmag.com
t.trafmag.com
1    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    62.209.227.211 (Prague, Czech Republic)

ASN5588 (GTSCE GTS Central Europe Antel Germany, CZ)
PTR: bbnautid2.ibillboard.com
bbnaut.ibillboard.com
1    2606:4700:3034::6815:4466 (United States)

ASN- ()
images.getadmiral.com
19    2606:4700:10::ac43:db6 (United States)

ASN- ()
spl.zeotap.com
mwzeom.zeotap.com
13    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
4    35.227.248.159 (Kansas City, United States)

ASN- ()
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
6    37.157.4.39 (Denmark)

ASN- ()
dmp.adform.net
c1.adform.net
7    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
1    2a04:4e42:3::300 (United States)

ASN- ()
trc.taboola.com
1    2607:ae80:128:1::49 (United States)

ASN26558 (FREEWHEEL, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b002:2591:850:d183:b9b4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
3    52.31.176.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-176-223.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Bellagio, Italy)

ASN- ()
bn01.er.bemail.it
1    85.114.159.118 (Schopfheim, Germany)

ASN- ()
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.201.81.244 (Kansas City, United States)

ASN- ()
PTR: 244.81.201.35.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    89.163.159.107 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
7    52.208.103.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    35.176.195.187 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-195-187.eu-west-2.compute.amazonaws.com
aa.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN- ()
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    52.51.228.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-228-134.eu-west-1.compute.amazonaws.com
beacon.krxd.net
4    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    52.206.55.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-55-189.compute-1.amazonaws.com
usermatch.krxd.net
2    52.95.124.170 (Dublin, Ireland)

ASN- ()
aax-eu.amazon-adsystem.com
1    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    52.17.37.134 (Dublin, Ireland)

ASN- ()
PTR: ec2-52-17-37-134.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
3    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN- ()
adservice.google.com
3    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
securepubads.g.doubleclick.net
3    18.184.95.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-95-242.eu-central-1.compute.amazonaws.com
pixel.advertising.com
4    185.29.132.245 (United Kingdom)

ASN- ()
sync.mathtag.com
1    91.228.74.189 (United Kingdom)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    52.46.130.91 (Ashburn, United States)

ASN- ()
s.amazon-adsystem.com
1    3.90.195.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-90-195-16.compute-1.amazonaws.com
nep.advangelists.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
2    52.70.17.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-17-21.compute-1.amazonaws.com
um2.eqads.com
2    37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    13.224.96.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-104.zrh50.r.cloudfront.net
tags.crwdcntrl.net
6    2606:4700:20::681a:24e (United States)

ASN- ()
sync.quantumdex.io
1    212.129.3.112 (France)

ASN- ()
PTR: 212-129-3-112.rev.poneytelecom.eu
js.cookieless-data.com
2    72.251.244.142 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
PTR: tracking-failover-03.ams2.m6r.eu
tracking.m6r.eu
2    54.36.109.47 (France)

ASN- ()
PTR: p02.id5-sync.com
id5-sync.com
1    18.184.122.71 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-122-71.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
1    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN- ()
pr-bh.ybp.yahoo.com
1    54.246.13.173 (Dublin, Ireland)

ASN- ()
PTR: ec2-54-246-13-173.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
2    51.178.20.139 (France)

ASN16276 (OVH, FR)
PTR: ns31193669.ip-51-178-20.eu
gu.dyntrk.com
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
1    69.169.85.6 (Cranford, United States)

ASN- ()
global.ib-ibi.com
2    3.121.27.153 (Frankfurt am Main, Germany)

ASN- ()
PTR: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
ps.eyeota.net
Apex Domain
Subdomains		 Transfer
50 win.gg
win.gg
cdn-images.win.gg
api-data.win.gg
666 KB
43 primis.tech
live.primis.tech
video.primis.tech
3 MB
19 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
5 KB
19 doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
securepubads.g.doubleclick.net
7 KB
16 adscale.de
js.adscale.de
ih.adscale.de
16 KB
16 twitter.com
platform.twitter.com
syndication.twitter.com
380 KB
15 casalemedia.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
18 KB
14 e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
s.e-planning.net
sync.e-planning.net
19 KB
12 openx.net
u.openx.net
primis-d.openx.net
rtb.openx.net
eu-u.openx.net
us-u.openx.net
3 KB
10 rubiconproject.com
prebid-server.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
23 KB
10 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
22 KB
9 yahoo.com
ups.analytics.yahoo.com
cms.analytics.yahoo.com
pr-bh.ybp.yahoo.com
7 KB
9 adform.net
cm.adform.net
dmp.adform.net
c1.adform.net
track.adform.net
4 KB
9 adnxs.com
secure.adnxs.com
ib.adnxs.com
6 KB
8 crwdcntrl.net
bcp.crwdcntrl.net
tags.crwdcntrl.net
sync.crwdcntrl.net
16 KB
7 adsrvr.org
match.adsrvr.org
3 KB
7 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
688 KB
7 enormousearth.com
enormousearth.com
242 KB
6 quantumdex.io
sync.quantumdex.io
3 KB
6 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
2 KB
6 adtarget.com.tr
s.console.adtarget.com.tr
sync.console.adtarget.com.tr
4 KB
6 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
38 KB
6 google.com
analytics.google.com
www.google.com
adservice.google.com
1 KB
6 outbrain.com
widgets.outbrain.com
widget-pixels.outbrain.com
odb.outbrain.com
71 KB
5 mathtag.com
pixel.mathtag.com
sync.mathtag.com
3 KB
5 audrte.com
a.audrte.com
7 KB
5 spotxchange.com
sync.search.spotxchange.com
search.spotxchange.com
4 KB
5 twimg.com
cdn.syndication.twimg.com
abs-0.twimg.com
pbs.twimg.com
8 KB
5 googlesyndication.com
pagead2.googlesyndication.com
179 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 tapad.com
pixel.tapad.com
2 KB
4 stickyadstv.com
ads.stickyadstv.com
2 KB
4 gstatic.com
fonts.gstatic.com
103 KB
4 google-analytics.com
www.google-analytics.com
58 KB
4 outbrainimg.com
tcheck.outbrainimg.com
log.outbrainimg.com
1 KB
3 turn.com
ad.turn.com
d.turn.com
1 KB
3 krxd.net
beacon.krxd.net
usermatch.krxd.net
935 B
3 demdex.net
dpm.demdex.net
3 KB
3 sonobi.com
sync.go.sonobi.com
1 KB
3 richaudience.com
sync.richaudience.com
743 B
3 adtelligent.com
s.adtelligent.com
sync.adtelligent.com
2 KB
3 smartadserver.com
prg.smartadserver.com
942 B
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
67 KB
3 cheqzone.com
ob.cheqzone.com
obs.cheqzone.com
21 KB
2 eyeota.net
ps.eyeota.net
2 KB
2 dyntrk.com
gu.dyntrk.com
850 B
2 id5-sync.com
id5-sync.com
3 KB
2 m6r.eu
tracking.m6r.eu
1 KB
2 eqads.com
um2.eqads.com
563 B
2 weborama.fr
idsync.frontend.weborama.fr
868 B
2 tidaltv.com
sync.tidaltv.com
791 B
2 sitescout.com
pixel.sitescout.com
pixel-sync.sitescout.com
587 B
2 admatic.com.tr
cdn.admatic.com.tr
21 KB
2 creativecdn.com
creativecdn.com
721 B
2 google.de
www.google.de
170 B
2 googletagmanager.com
www.googletagmanager.com
107 KB
1 ib-ibi.com
global.ib-ibi.com
72 B
1 adotmob.com
sync.adotmob.com
689 B
1 bidr.io
match.prod.bidr.io
430 B
1 onetag-sys.com
onetag-sys.com
823 B
1 sharethrough.com
match.sharethrough.com
240 B
1 cookieless-data.com
js.cookieless-data.com
367 B
1 criteo.com
dis.criteo.com
586 B
1 advangelists.com
nep.advangelists.com
232 B
1 quantserve.com
pixel.quantserve.com
496 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
215 B
1 bluekai.com
tags.bluekai.com
346 B
1 mookie1.com
odr.mookie1.com
324 B
1 agkn.com
aa.agkn.com
380 B
1 theadex.com
dmp.theadex.com
378 B
1 adition.com
dsp.adfarm1.adition.com
596 B
1 bemail.it
bn01.er.bemail.it
659 B
1 exelator.com
loadeu.exelator.com
324 B
1 fwmrm.net
dmp.v.fwmrm.net
411 B
1 taboola.com
trc.taboola.com
161 B
1 getadmiral.com
images.getadmiral.com
1 KB
1 ibillboard.com
bbnaut.ibillboard.com
550 B
1 2mdn.net
s0.2mdn.net
17 KB
1 trafmag.com
t.trafmag.com
232 B
1 approximity.com
ufo.approximity.com
280 B
1 admanmedia.com
cs.admanmedia.com
428 B
1 dotomi.com
prebid-match.dotomi.com
104 B
1 navdmp.com
tag.navdmp.com
4 KB
1 loopme.me
csync.loopme.me
242 B
1 bidswitch.net
x.bidswitch.net
146 B
1 sekindo.com
live.sekindo.com
12 KB
1 ensighten.com
nexus.ensighten.com
271 B
1 adsafeprotected.com
static.adsafeprotected.com
259 B
1 googleoptimize.com
www.googleoptimize.com
40 KB
344 89
Domain Requested by
30 live.primis.tech live.sekindo.com
live.primis.tech
27 cdn-images.win.gg win.gg
22 win.gg win.gg
16 mwzeom.zeotap.com 1 redirects ads.us.e-planning.net
13 cm.g.doubleclick.net 11 redirects u.openx.net
bcp.crwdcntrl.net
13 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
13 video.primis.tech live.primis.tech
win.gg
13 platform.twitter.com win.gg
platform.twitter.com
9 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
um2.eqads.com
ssum-sec.casalemedia.com
7 match.adsrvr.org 4 redirects u.openx.net
ssum.casalemedia.com
bcp.crwdcntrl.net
7 ups.analytics.yahoo.com 4 redirects ssum-sec.casalemedia.com
7 enormousearth.com win.gg
enormousearth.com
6 sync.quantumdex.io ads.us.e-planning.net
sync.quantumdex.io
ssum-sec.casalemedia.com
6 ib.adnxs.com 5 redirects spl.zeotap.com
6 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
5 a.audrte.com 2 redirects ads.us.e-planning.net
a.audrte.com
s.console.adtarget.com.tr
5 sync.console.adtarget.com.tr s.console.adtarget.com.tr
s.adtelligent.com
js.adscale.de
ads.us.e-planning.net
5 pagead2.googlesyndication.com win.gg
pagead2.googlesyndication.com
srcdoc
4 sync.mathtag.com 4 redirects
4 sync-tm.everesttech.net 3 redirects
4 bcp.crwdcntrl.net 3 redirects tags.crwdcntrl.net
4 pixel.tapad.com 3 redirects ads.us.e-planning.net
4 imasdk.googleapis.com live.primis.tech
imasdk.googleapis.com
4 eus.rubiconproject.com ads.us.e-planning.net
live.primis.tech
eus.rubiconproject.com
4 s.e-planning.net ads.us.e-planning.net
4 ads.stickyadstv.com live.primis.tech
4 fonts.gstatic.com fonts.googleapis.com
4 ssum-sec.casalemedia.com 2 redirects ssum.casalemedia.com
sync.quantumdex.io
4 u.openx.net 3 redirects live.primis.tech
4 ads.pubmatic.com live.primis.tech
s.console.adtarget.com.tr
ads.us.e-planning.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 widgets.outbrain.com win.gg
widgets.outbrain.com
3 sync.crwdcntrl.net bcp.crwdcntrl.net
3 c1.adform.net 2 redirects ssum-sec.casalemedia.com
3 pixel.advertising.com 3 redirects
3 securepubads.g.doubleclick.net imasdk.googleapis.com
3 adservice.google.com imasdk.googleapis.com
3 dpm.demdex.net 3 redirects
3 dmp.adform.net 2 redirects spl.zeotap.com
3 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
3 sync.go.sonobi.com ads.us.e-planning.net
sync.quantumdex.io
3 sync.richaudience.com 1 redirects ads.us.e-planning.net
spl.zeotap.com
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
3 hbopenbid.pubmatic.com live.primis.tech
3 search.spotxchange.com live.primis.tech
3 primis-d.openx.net live.primis.tech
3 ads.adaptv.advertising.com live.primis.tech
3 prebid-server.rubiconproject.com live.primis.tech
3 prg.smartadserver.com live.primis.tech
3 secure.adnxs.com 2 redirects ssum-sec.casalemedia.com
3 fonts.googleapis.com win.gg
live.primis.tech
enormousearth.com
3 log.outbrainimg.com widgets.outbrain.com
3 syndication.twitter.com platform.twitter.com
win.gg
2 ps.eyeota.net s.console.adtarget.com.tr
2 gu.dyntrk.com 2 redirects
2 id5-sync.com 1 redirects sync.quantumdex.io
2 tracking.m6r.eu 2 redirects
2 track.adform.net 2 redirects
2 um2.eqads.com 1 redirects ssum.casalemedia.com
2 ad.turn.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 token.rubiconproject.com eus.rubiconproject.com
ads.us.e-planning.net
2 us-u.openx.net u.openx.net
2 eu-u.openx.net u.openx.net
2 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 idsync.frontend.weborama.fr 2 redirects
2 sync.tidaltv.com 2 redirects
2 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
2 sync.adtelligent.com 2 redirects
2 sync.e-planning.net ads.us.e-planning.net
sync.quantumdex.io
2 cdn.admatic.com.tr s.console.adtarget.com.tr
cdn.admatic.com.tr
2 ads.us.e-planning.net 1 redirects s.console.adtarget.com.tr
2 creativecdn.com 2 redirects
2 sync.search.spotxchange.com 2 redirects
2 c.amazon-adsystem.com live.primis.tech
c.amazon-adsystem.com
2 www.google.de win.gg
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 analytics.google.com www.googletagmanager.com
2 pbs.twimg.com win.gg
2 abs-0.twimg.com win.gg
2 www.googletagmanager.com win.gg
www.googletagmanager.com
2 obs.cheqzone.com ob.cheqzone.com
win.gg
1 global.ib-ibi.com bcp.crwdcntrl.net
1 d.turn.com 1 redirects
1 sync.adotmob.com 1 redirects
1 match.prod.bidr.io ssum-sec.casalemedia.com
1 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
1 onetag-sys.com sync.quantumdex.io
1 match.sharethrough.com 1 redirects
1 js.cookieless-data.com s.e-planning.net
1 tags.crwdcntrl.net s.e-planning.net
1 dis.criteo.com 1 redirects
1 pixel-sync.sitescout.com 1 redirects
1 nep.advangelists.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 tags.bluekai.com 1 redirects
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 images.getadmiral.com
1 bbnaut.ibillboard.com 1 redirects
1 s0.2mdn.net imasdk.googleapis.com
1 t.trafmag.com s.adtelligent.com
1 secure-assets.rubiconproject.com 1 redirects
1 ufo.approximity.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 prebid-match.dotomi.com ads.us.e-planning.net
1 rtb.openx.net 1 redirects
1 tag.navdmp.com ads.us.e-planning.net
1 pixel.sitescout.com 1 redirects
1 odb.outbrain.com widgets.outbrain.com
1 s.adtelligent.com s.console.adtarget.com.tr
1 cm.adform.net s.console.adtarget.com.tr
1 csync.loopme.me 1 redirects
1 x.bidswitch.net
1 s.console.adtarget.com.tr live.primis.tech
1 www.google.com win.gg
1 vars.hotjar.com static.hotjar.com
1 api-data.win.gg win.gg
1 live.sekindo.com win.gg
1 script.hotjar.com static.hotjar.com
1 nexus.ensighten.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 cdn.syndication.twimg.com platform.twitter.com
1 static.adsafeprotected.com win.gg
1 ob.cheqzone.com widgets.outbrain.com
1 widget-pixels.outbrain.com win.gg
1 tcheck.outbrainimg.com widgets.outbrain.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.googleoptimize.com win.gg
344 141
Subject Issuer Validity Valid
win.gg
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
enormousearth.com
R3		 2021-07-17 -
2021-10-15		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.outbrainimg.com
DigiCert SHA2 Secure Server CA		 2021-05-04 -
2022-05-09		 a year crt.sh
*.cheqzone.com
Amazon		 2021-02-21 -
2022-03-22		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-01-06 -
2022-02-04		 a year crt.sh
obs.cheqzone.com
R3		 2021-06-14 -
2021-09-12		 3 months crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
nexus.ensighten.com
DigiCert SHA2 Secure Server CA		 2020-09-09 -
2021-10-11		 a year crt.sh
www.sekindo.com
Go Daddy Secure Certificate Authority - G2		 2021-05-11 -
2021-11-28		 7 months crt.sh
*.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2021-08-01 -
2021-10-30		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-11-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-24 -
2021-11-17		 6 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
sync.console.adtarget.com.tr
R3		 2021-07-31 -
2021-10-29		 3 months crt.sh
ads.us.e-planning.net
R3		 2021-08-01 -
2021-10-30		 3 months crt.sh
*.adscale.de
Amazon		 2020-09-06 -
2021-10-06		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
cdn.admatic.com.tr
R3		 2021-07-26 -
2021-10-24		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-06-06 -
2021-09-04		 3 months crt.sh
*.e-planning.net
R3		 2021-06-04 -
2021-09-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2021-06-10 -
2022-06-22		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
getadmiral.com
Cloudflare Inc ECC CA-3		 2021-05-13 -
2022-05-12		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-17 -
2021-12-18		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.theadex.com
GeoTrust RSA CA 2018		 2019-10-11 -
2021-10-10		 2 years crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
js.cookieless-data.com
R3		 2021-07-23 -
2021-10-21		 3 months crt.sh
*.id5-sync.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
onetag-sys.com
R3		 2021-07-26 -
2021-10-24		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
*.ib-ibi.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-03-08		 a year crt.sh
*.eyeota.net
R3		 2021-06-28 -
2021-09-26		 3 months crt.sh

This page contains 42 frames:

Primary Page: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Frame ID: 0E73B348DB9B3A410AAB3EC0E49987A3
Requests: 120 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwin.gg
Frame ID: 6C7974A2A7FE9ECE7AC912B4E546035E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210729/r20190131/zrt_lookup.html
Frame ID: EEA059940D3101FCE0C6B91BE6188AFB
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 5EF7B5F106CE6FDE8ECC48D88F52CC85
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1385788446606774273&lang=en&origin=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&sessionId=1f2f0aa267be0a6310a4d9ec518c2bb7a10ff9bf&siteScreenName=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
Frame ID: 7AAA70C14979E24322A64278D27F9580
Requests: 17 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 1C7C960B4ADBDA7D82D296EE98D6CE21
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=104669&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&subId=[SUBID_ENCODED]&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed211firpglwsz&csuuid=610a2dd2d60d7&r_csuuid=1&cbuster=1628057042&pubUrlAuto=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=110&floatHorizontalOffset=1&floatCloseBtn=1&flowMode=below&flowCloseButtonPosition=right
Frame ID: 6CE8BC0275D929561F3DEFD66C37889E
Requests: 47 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: 1C233E79927415B17E52BFF4D4938173
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D610a2dd2d60d7%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: F63C3DCC9F9E8D33BF35A24C9A195D07
Requests: 2 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=610a2dd2d60d7&pixel=&advId=94&advUuid=c4d94cf8-f4e9-11eb-8527-1d21b9eb0306
Frame ID: 46A49C877601397A43E78CE71AFEA9C8
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=610a2dd2d60d7&pixel=&advId=98&advUuid=d21d07de-f9e0-48d8-9bad-de93137959ae
Frame ID: 4752EA06C356D82F807E714544D2FD88
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: 75E3DA6C55384884A41CC44E0D8F209E
Requests: 2 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=mD2EWlc7Ed7etGUCLVjf&pi=admatic&tc=1
Frame ID: 7AF9794D99C33B785615C4D7C34834D3
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: CA08B6187BC78A4BC62E4B04CFB37B48
Requests: 20 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: 1CA9825314D1B04E6031284873DADBF1
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 4B5E649D9ABBB601264DD9ABCC0998D3
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 8791C8E3BD2E9053DFD0AA31CC4C0703
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: DEDCE3E8135AD7F85F4EA48B80B27B4B
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=609724
Frame ID: E9C555161ADD1035172F4008A01E40D6
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 8C0035126357C36277C01FFF01D2C3D3
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dd8722cea88f59622%26uid%3D
Frame ID: 7F2C523FE08FC037DE2374D1AB87994B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: A216EF256DE4BE64768999B97B2E8F9B
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 3E3D917E0951D21F468DE05AA1F3653A
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: 4A9E301EE1113DC7C4B4BE8E41A41302
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 32C1430BCFC335C07DEC0BCFB4602605
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd8722cea88f59622%26uid%3D
Frame ID: 7035EDD67906E8F6B6E893DBB1F54D8A
Requests: 9 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361&cmp=0
Frame ID: 0401049317CA6801B501F1E1BE9B9E7E
Requests: 31 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Frame ID: 76074241765F92B8F965FDD92F549946
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Frame ID: 8CFB211DDFDDC9C51A42E830051CFF67
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1&gdpr=1&gdpr_consent=
Frame ID: 0B8348F4365738D4007888E0050512D4
Requests: 7 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 20509AB5C38009C7E476883CB1898617
Requests: 2 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 527C51054B5B317382D54D632AE16A37
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: 0E238C4BEA0CE2F36CE8181EB34801ED
Requests: 8 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=ABLmvu77u7hmfiPe
Frame ID: 777AB8CB8B828B94C00B5D9CB0ECA332
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: EA94E9C551F2713A871EAC1AF2A93622
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 156190DAD86615F793834DCA6BA7EB8B
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 44AAB8FC3854CDE3CB706A492A40992B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: FC835DC42E9D1A5C01DC2A2DD86EB62D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7BFAE5EC2C6F96AF3D86D7628239FCBC
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=530791046/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Frame ID: 74136CE181B4D6AB2D2504BA1FD6ADA3
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: 06C58BF1FF725BC2A72A11FAECB75A45
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D406BB01B0197E1014B6DAADFDE75E3A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /widgets\.outbrain\.com\/outbrain\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

344
Requests

100 %
HTTPS

27 %
IPv6

89
Domains

141
Subdomains

97
IPs

12
Countries

6118 kB
Transfer

12077 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 117
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D610a2dd2d60d7%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D610a2dd2d60d7%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=c4d94d36-f4e9-11eb-8527-1d21b9eb0306 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=610a2dd2d60d7&pixel=&advId=94&advUuid=c4d94cf8-f4e9-11eb-8527-1d21b9eb0306
Request Chain 118
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D610a2dd2d60d7%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D610a2dd2d60d7%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=610a2dd2d60d7&pixel=&advId=98&advUuid=d21d07de-f9e0-48d8-9bad-de93137959ae
Request Chain 130
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D610a2dd2d60d7%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=610a2dd2d60d7&pixel=&advId=93&advUuid=2cc034d5-8308-4c9e-80d2-03dc6ff36fa2
Request Chain 131
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D610a2dd2d60d7%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D610a2dd2d60d7%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=610a2dd2d60d7&pixel=&advId=99&advUuid=YQot09KJFv55nvrxBBPb5QAABJgAAAAB
Request Chain 132
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D610a2dd2d60d7%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D610a2dd2d60d7%2526pixel%253D%2526advId%253D105%2526advUuid%253D%2524UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=610a2dd2d60d7&pixel=&advId=105&advUuid=9038827357018361317
Request Chain 150
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=mD2EWlc7Ed7etGUCLVjf&pi=admatic&tc=1
Request Chain 151
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Request Chain 160
  • https://ih.adscale.de/uu?cbfn=receive&t=1628057043 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1628057043&nut&uu=db8064d0861c4f9991cd68092d16136a
Request Chain 161
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dd8722cea88f59622 HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=d8722cea88f59622
Request Chain 165
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Dd8722cea88f59622%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=d8722cea88f59622&uid=1c666ea1-0c39-43c2-b444-88a57e6ad836
Request Chain 169
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Dd8722cea88f59622 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 170
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dd8722cea88f59622%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=d8722cea88f59622&uid=9038827357018361317
Request Chain 172
  • https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58414/occ?verify=true HTTP 302
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-7goVqiZE2uEuDLNW198FdYqEv_jjex9y2ONx54k-~A
Request Chain 173
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3Dd8722cea88f59622%26uid%3D%7B%24UID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=d8722cea88f59622&uid=61c065ec1696f79439e719708577bce141ab5263
Request Chain 174
  • https://ufo.approximity.com/mu?td=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Daa770806b4a66cf5%26fi%3Dd8722cea88f59622 HTTP 302
  • https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=d8722cea88f59622&uid=02000000C32D0A61A424EF48024694A1
Request Chain 175
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 180
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=6f11c13c4feba312
Request Chain 181
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D322988%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=6f11c13c4feba312
Request Chain 196
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=db8064d0861c4f9991cd68092d16136a&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F018d4457cc884b8eb463b518434052bf%2F1628057043519%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/018d4457cc884b8eb463b518434052bf/1628057043519/0/img?tpid=101&tpuid=BBID-01-03027710436897767-16358076
Request Chain 204
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=e3e9afba65c1f3b7e97bcbfe9fc0bc06666f87a997839ca6a6049efcc4f92ce9&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F018d4457cc884b8eb463b518434052bf%2F1628057043519%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YQot09KJFv55nvrxBBPb5QAA%261176
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEAp9UjSuCkKc8tglAyvBtGQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Request Chain 208
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7be3dfbc-79f0-47a5-7d08-566fbe1a44e6%26reqId%3Dff2b3918-5440-4d0d-6742-ae39efa3e3ed%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7be3dfbc-79f0-47a5-7d08-566fbe1a44e6%26reqId%3Dff2b3918-5440-4d0d-6742-ae39efa3e3ed%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=33231e33-1b7d-4266-8574-43f603483a4d&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Request Chain 210
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7be3dfbc-79f0-47a5-7d08-566fbe1a44e6%26reqId%3Dff2b3918-5440-4d0d-6742-ae39efa3e3ed%26zdid%3D1361 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7be3dfbc-79f0-47a5-7d08-566fbe1a44e6%26reqId%3Dff2b3918-5440-4d0d-6742-ae39efa3e3ed%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=c8036eb7-2df9-4d94-845d-4a3bab6854ab&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Request Chain 214
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=ecf51656-bb44-4fcc-ae2a-35c163761ee7&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 215
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7be3dfbc-79f0-47a5-7d08-566fbe1a44e6%26reqId%3Dff2b3918-5440-4d0d-6742-ae39efa3e3ed%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7be3dfbc-79f0-47a5-7d08-566fbe1a44e6%26reqId%3Dff2b3918-5440-4d0d-6742-ae39efa3e3ed%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=73522639935570750572091841601929039849&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Request Chain 217
  • https://bn01.er.bemail.it/zeotap.php?_bid=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021080408-90875-0.764164001628057055-3b75994a4c79592278a0cc20673a159c&zdid=533&env=mWeb
Request Chain 218
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7be3dfbc-79f0-47a5-7d08-566fbe1a44e6%26reqId%3Dff2b3918-5440-4d0d-6742-ae39efa3e3ed%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=6992451760022812823&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Request Chain 219
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6
Request Chain 220
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7be3dfbc-79f0-47a5-7d08-566fbe1a44e6%26reqId%3Dff2b3918-5440-4d0d-6742-ae39efa3e3ed%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7be3dfbc-79f0-47a5-7d08-566fbe1a44e6%26reqId%3Dff2b3918-5440-4d0d-6742-ae39efa3e3ed%26zdid%3D1361&bounce=1&random=3488472547 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=D0qBXIaw0WARwiVTMc7bhO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Request Chain 222
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=c2d52a1455cf78e0a258bdca2b96497d&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Request Chain 223
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-FlbIoBdE2or6kGJvRI7NkOnB0SqNh.XdOg--~A&zpartnerid=570&env=mWeb
Request Chain 224
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=tKr7P5R%2FMpGhrQKPZzWj4OktzehU4wju%2BS41iYitP1U%3D
Request Chain 228
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7be3dfbc-79f0-47a5-7d08-566fbe1a44e6%26reqId%3Dff2b3918-5440-4d0d-6742-ae39efa3e3ed%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7be3dfbc-79f0-47a5-7d08-566fbe1a44e6%26reqId%3Dff2b3918-5440-4d0d-6742-ae39efa3e3ed%26zdid%3D1361&_test=YQot1QADWoovTAAC HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YQot1QADWoovTAAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361&_test=YQot1QADWoovTAAC
Request Chain 229
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7be3dfbc-79f0-47a5-7d08-566fbe1a44e6%26reqId%3Dff2b3918-5440-4d0d-6742-ae39efa3e3ed%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=aea3610a-2dd4-4600-9f07-e9ecf9a77538&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Request Chain 230
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=OR8XtAiD&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=b4a1a241-2d2e-49b2-659a-0ddaaa9fcefc
Request Chain 231
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361&dcc=t
Request Chain 232
  • https://tags.bluekai.com/site/87734?id=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Request Chain 233
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7be3dfbc-79f0-47a5-7d08-566fbe1a44e6%26reqId%3Dff2b3918-5440-4d0d-6742-ae39efa3e3ed%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Request Chain 241
  • https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent= HTTP 302
  • https://u.openx.net/w/1.0/pd?cc=1&gdpr=1&gdpr_consent=
Request Chain 242
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPc5b7182f-f4e9-11eb-a2d8-06dbf28d7f76 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBjNWI3MTgyZi1mNGU5LTExZWItYTJkOC0wNmRiZjI4ZDdmNzY%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEKsEhhOjHkaqA8umpC5fV3k&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEKsEhhOjHkaqA8umpC5fV3k&google_cver=1&apid=UPc5b7182f-f4e9-11eb-a2d8-06dbf28d7f76
Request Chain 243
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=c8036eb7-2df9-4d94-845d-4a3bab6854ab&_origin=1&gdpr=1&gdpr_consent=
Request Chain 244
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=&_test=YQot1QADWlYvTwAC
Request Chain 248
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=66c4610a-2dd5-4400-9a5b-70b1e374516b
Request Chain 249
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=BaE9ZwH0aTMeoD5iA6YgNVDxb2AeoD9lB6BckZzb
Request Chain 250
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5129030013448688590
Request Chain 252
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTMwNmRkYjgtNGE1Yy0yMDdjLWM3NzUtMjMzMzNiYTY5ODlh HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTMwNmRkYjgtNGE1Yy0yMDdjLWM3NzUtMjMzMzNiYTY5ODlh&google_tc=
Request Chain 253
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEK7YYkl0VTlmCdYvf7uR0TQ&google_cver=1
Request Chain 255
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=a54fb64b06f76df88a9814709b0a5156d34d4758a27de21acc8421b5ae3e1e41&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F018d4457cc884b8eb463b518434052bf%2F1628057043519%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=4d98610a-2dd5-4c00-b853-aa00e9903c25&gdpr=0&gdpr_consent=
Request Chain 256
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQot09KJFv55nvrxBBPb5QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEF-SYEfT9UHhxqSO9iKZG3o&google_cver=1&gdpr=1
Request Chain 258
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQot09KJFv55nvrxBBPb5QAABJgAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQot09KJFv55nvrxBBPb5QAABJgAAAAB&dcc=t
Request Chain 259
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQot09KJFv55nvrxBBPb5QAABJgAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAU909PicW8_VLxfx9r4Ecs&google_cver=1
Request Chain 260
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-a5dbdc03-b3c0-48bc-84be-bfae24b2be82
Request Chain 261
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1630649044
Request Chain 262
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4492411835778968300
Request Chain 264
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 266
  • https://track.adform.net/serving/cookie/match/?party=9&uid=675fa32fc7a65d11b0891d5bb96b46bc973ad8eab6ee8cd3fbdefe0b477bfa73&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F018d4457cc884b8eb463b518434052bf%2F1628057043519%2F0%2Fimg&gdpr=0 HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=675fa32fc7a65d11b0891d5bb96b46bc973ad8eab6ee8cd3fbdefe0b477bfa73&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F018d4457cc884b8eb463b518434052bf%2F1628057043519%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/018d4457cc884b8eb463b518434052bf/1628057043519/0/img?tpid=42&gdpr=0&tpuid=5129030013448688590
Request Chain 269
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=58cbd5534f9c2adfe16ae455491af8ba5389ea19f7550a055e6826d15c1d53df&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F018d4457cc884b8eb463b518434052bf%2F1628057043519%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=20d250ab-40d4-4087-bf4c-1005faaf63c1&gdpr=0
Request Chain 275
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=c14c428bc7d82afb8a70d85ffecdc4b9bf8459c3692ef9c08938af113e2a8de1&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F018d4457cc884b8eb463b518434052bf%2F1628057043519%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=4d98610a-2dd5-4c00-b853-aa00e9903c25&gdpr=0&gdpr_consent=
Request Chain 276
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=46e8796b7e00d9a800d64d783247692767c4b31fdd224dc675702edf839fa517&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F018d4457cc884b8eb463b518434052bf%2F1628057043519%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/018d4457cc884b8eb463b518434052bf/1628057043519/0/img?uid=46e8796b7e00d9a800d64d783247692767c4b31fdd224dc675702edf839fa517&tpid=38&gdpr=0&tpuid=CAESEGdchOwImmC_VmecipeSkCc&google_cver=1
Request Chain 277
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=d4cea2cbef1bc6f28b1477a6dc68c298d092742bcbd9ca03a8c024423a9dcf3d&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F018d4457cc884b8eb463b518434052bf%2F1628057043519%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=d4cea2cbef1bc6f28b1477a6dc68c298d092742bcbd9ca03a8c024423a9dcf3d&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F018d4457cc884b8eb463b518434052bf%2F1628057043519%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/018d4457cc884b8eb463b518434052bf/1628057043519/0/js?tpid=48&tpuid=1fcdce5c41960303677050cce5d77882
Request Chain 279
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-7goVqiZE2uEuDLNW198FdYqEv_jjex9y2ONx54k-~A
Request Chain 280
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 281
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2458628405783015084
Request Chain 282
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=611fe2a4-a812-4486-8503-9477058e7f3e
Request Chain 283
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7477611067365133009
Request Chain 294
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=068c220402d288306837278c&expiration=[EXPIRATION]&gdpr=1
Request Chain 295
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4492411835778968300
Request Chain 296
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 314
  • https://bcp.crwdcntrl.net/5/c=15238/rand=530791046/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=530791046/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Request Chain 315
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=2e92610a-2ddb-4500-862d-798fdf8e41c6
Request Chain 316
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/c2d52a1455cf78e0a258bdca2b96497d/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4139657704722061062
Request Chain 318
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=c2d52a1455cf78e0a258bdca2b96497d&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=73522639935570750572091841601929039849
Request Chain 319
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=YzJkNTJhMTQ1NWNmNzhlMGEyNThiZGNhMmI5NjQ5N2Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=YzJkNTJhMTQ1NWNmNzhlMGEyNThiZGNhMmI5NjQ5N2Q&google_tc=
Request Chain 322
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=4m1Su-jqg1HTUiWJh10eDuWLQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=4m1Su-jqg1HTUiWJh10eDuWLQ&gdpr=0&gdpr_consent=&google_gid=CAESEB2Ol3i883NDHYnxb5H-kNo&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 323
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=3901544780403911500 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=4m1Su-jqg1HTUiWJh10eDuWLQ&gdpr=0&gdpr_consent=

344 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
win.gg/news/7962/ 		97 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.68.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-68-139.us-west-2.compute.amazonaws.com
Software
nginx / Next.js
Resource Hash
311b721d77428a51ccce1f2abdb54772d8b75b052ee2bcda088436bd8683c098
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
win.gg
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 04 Aug 2021 06:04:01 GMT
ETag
"1826d-F02yBmwnnhE+ArRkQ1l4Uc0YWPI"
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
Next.js
X-Xss-Protection
1; mode=block
transfer-encoding
chunked
Connection
keep-alive
styles.569076bd.chunk.css
win.gg/_next/static/css/ 		74 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win.gg/_next/static/css/styles.569076bd.chunk.css
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.68.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-68-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
9c3500c6354d6cca5ebe517dfad92ce8a1204579f9467cca0edd1a6d7a5b692e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
win.gg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Connection
keep-alive
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-amz-request-id
C3V64GTZ45ENA66B
x-amz-id-2
+UUZ8v0SOyjzhib6XRdtTeFaQ4YwsfD0PcRLhb38k4aujfJvQlraKJXd5f5JyWLvARGWLkIywCE=
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
7617
X-Xss-Protection
1; mode=block
Last-Modified
Mon, 17 May 2021 09:48:50 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"5778f3f466763d7dfaa5766d86830e24"
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Type
text/css
Cache-Control
public, max-age=31536000, immutable
e131c285e681484cc2b42095c01ea9fecf46b257_CSS.af726f49.chunk.css
win.gg/_next/static/css/ 		55 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win.gg/_next/static/css/e131c285e681484cc2b42095c01ea9fecf46b257_CSS.af726f49.chunk.css
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.68.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-68-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4bdfb79288321fe816d8e3e70c46bbba6fc703993b83f2d64a150439517a2dbd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
win.gg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Connection
keep-alive
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-amz-request-id
C3V9XED3366DZRME
x-amz-id-2
PahPCNaeS5eo0JknBRGKG7Y+I6FCFOqx0OVZoyyzIUx9qOWl6WVb57NL3B46UQSiGeERKyBlhbs=
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
5148
X-Xss-Protection
1; mode=block
Last-Modified
Mon, 17 May 2021 09:48:50 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"ea29ea636391d508f3149424c6971e19"
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Type
text/css
Cache-Control
public, max-age=31536000, immutable
main-2535a1540cb8fa18d291.js
win.gg/_next/static/chunks/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/_next/static/chunks/main-2535a1540cb8fa18d291.js
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.68.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-68-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
51459bc6ffe473ac67f7b4a7342c9450f7a2958256f07e8c544f08d923041761
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
win.gg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Connection
keep-alive
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-amz-request-id
RGZMGVSNM3D3RZ2K
x-amz-id-2
lRcNqSkGaiV6SJtsLMEdoKdDrJs5s1OMxi8tyee/8bGa9oUiczWyZosHumXpQiYYzDdC/mmvUCw=
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
6839
X-Xss-Protection
1; mode=block
Last-Modified
Mon, 17 May 2021 09:48:50 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"8497f5cc1c5dbb7896681fdda0054f7c"
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Type
application/javascript
Cache-Control
public, max-age=31536000, immutable
webpack-6db12db89a1040fb7fdf.js
win.gg/_next/static/chunks/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/_next/static/chunks/webpack-6db12db89a1040fb7fdf.js
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.68.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-68-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
90805ba88e5c4c373b911c96d62b1d6a8bd6f496fa8ae838d600a4fb71618877
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
win.gg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Connection
keep-alive
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-amz-request-id
RGZJ3NK3SDH97N55
x-amz-id-2
kvFkWHLDy42AjzP1mKtzJushbuLHNkr3wCXv5Y3HRCx3YewVPSESHBENH05JZOmKvz1KAB4sDeo=
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1513
X-Xss-Protection
1; mode=block
Last-Modified
Mon, 17 May 2021 09:48:50 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"9d24e877c6d3d73fc45901bebac1c635"
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Type
application/javascript
Cache-Control
public, max-age=31536000, immutable
framework.33edf24cd040bcfe1fae.js
win.gg/_next/static/chunks/ 		129 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/_next/static/chunks/framework.33edf24cd040bcfe1fae.js
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.68.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-68-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
782a87bd18241cdd7b1e30f3502d78d342c47dd564333ab5f775c22e8dfbf0e9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
win.gg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Connection
keep-alive
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-amz-request-id
RGZGHZTJ7WBXC1CK
transfer-encoding
chunked
x-amz-id-2
Tik4pi8plgGXHqGXRQbKjcl3GjY1mQ4lnKMQMGP0X/BqpXiwFqTqIhb5HSRQWaeHw0GZXS5J6TM=
Connection
keep-alive
Vary
Accept-Encoding
X-Xss-Protection
1; mode=block
Last-Modified
Mon, 17 May 2021 09:48:50 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"b1be9c5075da3ba15338016a9d40e146"
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Type
application/javascript
Cache-Control
public, max-age=31536000, immutable
commons.4e5d3f2c1dd3e30dc1e6.js
win.gg/_next/static/chunks/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/_next/static/chunks/commons.4e5d3f2c1dd3e30dc1e6.js
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.68.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-68-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
7bad3757a05d7c6a22c30127a3be33478dd8fc8cef294a96a38487e1f8dad179
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
win.gg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Connection
keep-alive
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-amz-request-id
RGZR6N5M1XYNJD05
x-amz-id-2
8VgWNi+FwMdl20ahb/ApTmGpU0SNZdiHGlPWC2zj0qeqtryn/4Pc5s7WC2lh04SSvY4pnoY8uWo=
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
15160
X-Xss-Protection
1; mode=block
Last-Modified
Mon, 17 May 2021 09:48:50 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"83c4dfe7eb1e099ce5de9b4b263351bf"
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Type
application/javascript
Cache-Control
public, max-age=31536000, immutable
621eed9ee291de38e4d94d5fe17029d666781a61.16d5dfae4b12d556990c.js
win.gg/_next/static/chunks/ 		59 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/_next/static/chunks/621eed9ee291de38e4d94d5fe17029d666781a61.16d5dfae4b12d556990c.js
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.68.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-68-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
fc57e92d2e36700dae12e71b5d6bda0529af71454b6cde671e7ba75f8f959a7b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
win.gg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Connection
keep-alive
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-amz-request-id
RGZJVF2P3F5PSWCX
x-amz-id-2
NE6vx/jA6nlSvSnR9hL9XZ4NkuweSgOhAk8Tiie8Lu/jBZTJmnj/KGUdPoNPEk5+hoV2a/NN7qQ=
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20502
X-Xss-Protection
1; mode=block
Last-Modified
Mon, 17 May 2021 09:48:50 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"328abead0439c21b64ba8377d808013e"
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Type
application/javascript
Cache-Control
public, max-age=31536000, immutable
styles.c2ece2ab1b92d9900338.js
win.gg/_next/static/chunks/ 		396 B
1006 B 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/_next/static/chunks/styles.c2ece2ab1b92d9900338.js
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.68.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-68-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e2679a03abad1a4b61c41a3f39ea558d811bd68cbd9ac19a3217071a76db497a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
win.gg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Connection
keep-alive
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:02 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 17 May 2021 09:48:50 GMT
Server
nginx
x-amz-request-id
RGZYCR8RW1HJGFET
ETag
"8de3a3967bc8b1255a2793c2ec7f5e7b"
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
public, max-age=31536000, immutable
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Accept-Ranges
bytes
Content-Length
396
X-Xss-Protection
1; mode=block
x-amz-id-2
UiwOrH5rKcEejyUoyYovzJvypTsaLIY8BgZfkoGULSnjTBp/CzF4S/ExQvh0K6hjsjoztirCK0Q=
_app-6998b01168da29ea278b.js
win.gg/_next/static/chunks/pages/ 		52 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/_next/static/chunks/pages/_app-6998b01168da29ea278b.js
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.68.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-68-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
dca18eb730e3977305cdb36680103281682133622b49458399bc539727da487a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
win.gg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Connection
keep-alive
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-amz-request-id
RGZPQAHPR3XCNAFS
x-amz-id-2
xtVdRYZTxa5X38S0uHeLxesg5IIOvRUN6p4TgglPDnUIhOGjtMpbLlWmjiMv2BSNsZVkcij25j8=
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
21782
X-Xss-Protection
1; mode=block
Last-Modified
Mon, 17 May 2021 09:48:50 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"59e81eb7b25b6ea971b3c7a7a30afc04"
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Type
application/javascript
Cache-Control
public, max-age=31536000, immutable
e131c285e681484cc2b42095c01ea9fecf46b257.b42f3f9b1c991b864bea.js
win.gg/_next/static/chunks/ 		177 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/_next/static/chunks/e131c285e681484cc2b42095c01ea9fecf46b257.b42f3f9b1c991b864bea.js
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.68.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-68-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
ffdd35d15d7c994f9ec3ef787be1438de07081f4d5440cbb7b8562124b25ba8e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
win.gg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Connection
keep-alive
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-amz-request-id
RGZXKF6Z69JZFVQE
transfer-encoding
chunked
x-amz-id-2
5vB0aaDN0r1zjhO906KK9k0enocq1plJ6R7ns6FSM7qj5pmX6+T5JCEjJUmTfaAov2gxkNxmyek=
Connection
keep-alive
Vary
Accept-Encoding
X-Xss-Protection
1; mode=block
Last-Modified
Mon, 17 May 2021 09:48:50 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"5b58a58da5700e652424aeb8425bd4de"
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Type
application/javascript
Cache-Control
public, max-age=31536000, immutable
e131c285e681484cc2b42095c01ea9fecf46b257_CSS.a83a6a4548b93404854d.js
win.gg/_next/static/chunks/ 		69 B
678 B 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/_next/static/chunks/e131c285e681484cc2b42095c01ea9fecf46b257_CSS.a83a6a4548b93404854d.js
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.68.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-68-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
856ab159a9a6cbdc7beb72fc35086e839adb48361d197135a92809e95b875345
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
win.gg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Connection
keep-alive
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:02 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 17 May 2021 09:48:50 GMT
Server
nginx
x-amz-request-id
RGZR30DQ79ZS9K6F
ETag
"99e6d6dc6704694222e663251c1f8deb"
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
public, max-age=31536000, immutable
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Accept-Ranges
bytes
Content-Length
69
X-Xss-Protection
1; mode=block
x-amz-id-2
+7FdlnFiJob1/FIvm+oKNxEAk3eUWY3YqZfkK8EgaiMHF94PsMMi9dF6EiKmMGa2D2IRtRW6RX0=
5bf10f1e6e180613e463bd3c60eceebb6933729b.004bacf3a5329b318e71.js
win.gg/_next/static/chunks/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/_next/static/chunks/5bf10f1e6e180613e463bd3c60eceebb6933729b.004bacf3a5329b318e71.js
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.68.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-68-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e5c8cfe628899742b1717332ff98e584ed9d447a5ab7286dc09e0a70200cc803
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
win.gg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Connection
keep-alive
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-amz-request-id
RGZK44CX0V30G84N
x-amz-id-2
5ebR3pW1s/ckiQNSY4oZ/0Y4yaL5E6ouovSfOXr1PoMIok2l+Scw0UPzVfj9a6JTPAvb5rkBZQY=
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
13766
X-Xss-Protection
1; mode=block
Last-Modified
Mon, 17 May 2021 09:48:50 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"3690da8cfc836d8f4cc348ba1d2c1d5b"
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Type
application/javascript
Cache-Control
public, max-age=31536000, immutable
%5B%5B...article%5D%5D-c7e5f85e68fa46eb4afa.js
win.gg/_next/static/chunks/pages/news/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/_next/static/chunks/pages/news/%5B%5B...article%5D%5D-c7e5f85e68fa46eb4afa.js
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.68.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-68-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4703e74548d17725c6b19435dea7c5a6360637bb7da29bba1cffb492a6021a36
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
win.gg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Connection
keep-alive
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 17 May 2021 09:46:43 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"9b25-17979b877b8"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
transfer-encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Accept-Ranges
bytes
X-Xss-Protection
1; mode=block
outbrain.js
widgets.outbrain.com/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4608d28254aa44ec2ffd9fdd3c30c92dd9e0dde76321d6c6169400808f81b310

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:01 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 15:08:11 GMT
etag
W/"2da60-XTVS44eoZpdFcHk1jTPUZdlb8K8"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
2a1a2ccaa960cdb704e03561a6b0873
timing-allow-origin
*, *
content-length
62007
expires
Wed, 04 Aug 2021 10:04:01 GMT
optimize.js
www.googleoptimize.com/ 		99 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=GTM-T8SWN4K
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d7ef12f5141b24238008cc55bd42ec04393d94072a91f8de29e4ff2bf15d08d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:01 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40017
x-xss-protection
0
expires
Wed, 04 Aug 2021 06:04:01 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		136 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e2604c6dd17e24abb1fb6cc89b3ca24d6acc9a4ea33587198839686692aa4c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49279
x-xss-protection
0
server
cafe
etag
5728508375345498794
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 04 Aug 2021 06:04:01 GMT
v2rgfDdndpl66h9VM1zLygfc-9xi0cneh2WrNivwmFGh1e6l2nA4mPoRTI_Qg4Mfb
enormousearth.com/ 		601 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://enormousearth.com/v2rgfDdndpl66h9VM1zLygfc-9xi0cneh2WrNivwmFGh1e6l2nA4mPoRTI_Qg4Mfb
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.74.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.74.190.35.bc.googleusercontent.com
Software
/
Resource Hash
7b0470c903d0fd5548f9603db3468b8494bbd75d4aeb5776db4de0eedbc06cab
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"08b0735297245f847c1654cc12b0919c06dc32e7ef90a878e4ec643f28725e18"
vary
Accept-Encoding, Accept-Language
x-hostname
94ecd830
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Wed, 04 Aug 2021 06:04:01 GMT
timing-allow-origin
*
v2ztixJtvvVyiUz7-FvleTsLgEWv_kdVMNFPIQ6a1oSXokOdPO8nGIbQ4hbwgeNBQaNiZqrflrsj4imLALA
enormousearth.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://enormousearth.com/v2ztixJtvvVyiUz7-FvleTsLgEWv_kdVMNFPIQ6a1oSXokOdPO8nGIbQ4hbwgeNBQaNiZqrflrsj4imLALA
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.74.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.74.190.35.bc.googleusercontent.com
Software
/
Resource Hash
99d80f532327095f773bc1c082ccb44ffe5c8eed237bf2b5682c909534c3f1d0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
x-datacenter
gce-europe-west1
etag
"048211334484018ea010433f1b9ba683c22c7a32781e74c8cdc05bd36af1e5c4"
vary
Accept-Encoding, Accept-Language
x-hostname
94ecd830
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Wed, 04 Aug 2021 06:04:01 GMT
timing-allow-origin
*
_buildManifest.js
win.gg/_next/static/e20cc898bca7c17f12bbcd528c18503d63a96871/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/_next/static/e20cc898bca7c17f12bbcd528c18503d63a96871/_buildManifest.js
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.68.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-68-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
9a006d898f97d3e99147e94a9af12df0b7ae91402c7f66d6b9017f0a361dacd2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
win.gg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Cookie
usprivacy=1---
Connection
keep-alive
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-amz-request-id
RGZKG70W28NZCDZR
x-amz-id-2
2eTww9jcYwWokLY81Shdx4YD23ItIHfUHopC2v7HIaPwxZDJ/1DfLQP5aO6zJsgNqx0v6JQBa/Q=
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
474
X-Xss-Protection
1; mode=block
Last-Modified
Mon, 17 May 2021 09:48:50 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"50fc08882afa7f0fe49271c9f26aa783"
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Type
application/javascript
Cache-Control
public, max-age=31536000, immutable
_ssgManifest.js
win.gg/_next/static/e20cc898bca7c17f12bbcd528c18503d63a96871/ 		76 B
685 B 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/_next/static/e20cc898bca7c17f12bbcd528c18503d63a96871/_ssgManifest.js
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.68.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-68-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
win.gg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Cookie
usprivacy=1---
Connection
keep-alive
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:02 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 17 May 2021 09:48:50 GMT
Server
nginx
x-amz-request-id
RGZN43GTB1W7BWSK
ETag
"abee47769bf307639ace4945f9cfd4ff"
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
public, max-age=31536000, immutable
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Accept-Ranges
bytes
Content-Length
76
X-Xss-Protection
1; mode=block
x-amz-id-2
1viBwgxkylwMlQC8H9VNcNxuxUUUjVuIzpb7VxqpixMhGEdpMbpwkdnvGRBaHI/LwN79V6dk48M=
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6762) /
Resource Hash
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:01 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Aug 2021 20:34:57 GMT
Server
ECS (frb/6762)
Age
1011
Etag
"d405b816322f9770c70cbd10cfa87be4+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28872
widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html
platform.twitter.com/widgets/ Frame 6C79 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwin.gg
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6752) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://win.gg/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://win.gg/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
3506
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 04 Aug 2021 06:04:01 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Mon, 02 Aug 2021 20:33:53 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6752)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
settings
syndication.twitter.com/ Frame 6C79 		232 B
431 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=1f2f0aa267be0a6310a4d9ec518c2bb7a10ff9bf
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwin.gg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:01 GMT
content-encoding
gzip
last-modified
Wed, 04 Aug 2021 06:04:01 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
b5cc949c2dbc9967ac1b47cfce3034ce46ba9fd9ce44b8a7d279621e66ead102
content-length
166
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108030101/ 		250 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3008689639908773&plah=win.gg&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09dae33c582394eed951c555509767c9a6dd115bf0fa4c59904eab718508e360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95229
x-xss-protection
0
server
cafe
etag
17815857422069322066
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 04 Aug 2021 06:04:01 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210729/r20190131/ Frame EEA0 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210729/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210729/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://win.gg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://win.gg/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 04 Aug 2021 01:18:02 GMT
expires
Wed, 18 Aug 2021 01:18:02 GMT
content-type
text/html; charset=UTF-8
etag
4389807852502320046
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
age
17159
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 5EF7 		416 B
799 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/put.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://win.gg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://win.gg/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"c0311cf15c21ddda054005e92fad3f9e:1628004708.380047"
last-modified
Tue, 03 Aug 2021 15:07:51 GMT
server
AkamaiNetStorage
content-length
416
cache-control
max-age=345600
date
Wed, 04 Aug 2021 06:04:01 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1628057041~rv=47~id=e357d99897cd194098b05a3e163fc7be; path=/; Expires=Wed, 04 Aug 2021 06:04:01 GMT; Secure; SameSite=None
d2luLmdn
tcheck.outbrainimg.com/tcheck/check/ 		15 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d2luLmdn
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:01 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=24708
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
5e858825b86afd0ce5471d562ea8fde8
Content-Length
15
Expires
Wed, 04 Aug 2021 12:55:49 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=8.587576732241079
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:01 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Fri, 03 Sep 2021 06:04:01 GMT
test.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 5EF7 		610 B
991 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/test.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
thirdparty=yes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges
bytes
content-type
text/html
etag
"48053d50141031b1511dbd30f9a31288:1628004709.193488"
last-modified
Tue, 03 Aug 2021 15:07:51 GMT
server
AkamaiNetStorage
content-length
610
cache-control
max-age=345600
date
Wed, 04 Aug 2021 06:04:01 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1628057041~rv=8~id=80fa70adbcf0e83c17a68fba480f00bf; path=/; Expires=Wed, 04 Aug 2021 06:04:01 GMT; Secure; SameSite=None
horizon_tweet.0c307910a3b82b535f15af7aa5102a10.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/horizon_tweet.0c307910a3b82b535f15af7aa5102a10.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D3) /
Resource Hash
bfe1c96d2b61be1e17839f9e3d734ba10701c7be4a38faff1a63f4aedc3d31de

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:01 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Aug 2021 20:33:39 GMT
Server
ECS (frb/67D3)
Age
29540
Etag
"4985a73adee036c4a8fe64d49af6033a+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2443
placement_invocation
ob.cheqzone.com/ 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-3.zrh50.r.cloudfront.net
Software
/
Resource Hash
5e0aeb27ad5ec940a7b1049848d9ac96fcc00a34653745b7796d695f9f25f508

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 21:47:43 GMT
content-encoding
gzip
cheq_headers_order
Content-Type Cache-Control Expires Etag Content-Length Content-Encoding Date Connection
age
29778
etag
"c62f-zfp6hy/A0Hu4xWYKZo/YBOKVxgM"
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
cache-control
max-age=43200
x-amz-cf-pop
ZRH50-C1
content-length
19216
x-amz-cf-id
WyizMVILEOCgr6qzBKDjV0Dw9CmZso0zu6-ibahBa8js9D0SQww-Tw==
expires
Wed, 04 Aug 2021 09:47:43 GMT
acv.json
enormousearth.com/ 		210 KB
46 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://enormousearth.com/acv.json
Requested by
Host: enormousearth.com
URL: https://enormousearth.com/v2rgfDdndpl66h9VM1zLygfc-9xi0cneh2WrNivwmFGh1e6l2nA4mPoRTI_Qg4Mfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.74.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.74.190.35.bc.googleusercontent.com
Software
/
Resource Hash
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
last-modified
Tue, 27 Jul 2021 16:45:20 GMT
x-datacenter
gce-europe-west1
date
Wed, 04 Aug 2021 06:04:01 GMT
vary
Accept-Encoding, Origin
x-hostname
94ecd830
content-type
application/json
access-control-allow-origin
https://win.gg
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
skeleton.gif
static.adsafeprotected.com/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.109.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-109-205.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:02 GMT
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
nginx/1.16.1
age
15432441
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-cache-status
HIT
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
content-length
43
show_pla
obs.cheqzone.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=23110907184810586710572942985828742002772006802685262416911910162812&nc=0&tsf=0&tsfmi=&pv=0&cb=1628057042143&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=2826626440&at=&bid=e30%3D&di=W1siZWYiLDg5OF0sWzEyLCJ7XCJlXCI6MCxcIndnbFwiOjF9Il0sWy0xLCItIl0sWy0yLCIxMixY%0D%0ASHhnMWowekVsQVF3SjFRRWNrdnpvdmJjQUlaU0VFakFoSklRUUJ3Z2w5RjRDQkFnUVdnaWQwTEhC%0D%0AQmVPR2pidlgzcVl5TTYvK3Z6dlM3R29YR3doLytiTWxqYlR5YW83T1BmIl0sWy0zLCJbXSJdLFst%0D%0ANCwiLSJdLFstNSwiLSJdLFstNiwie1wid1wiOltcIjBcIixcImFkVW5pdFBhdGhcIixcImRpZG5h%0D%0AXCIsXCJhZG1pcmFsXCIsXCJnb29nbGV0YWdcIixcIl9fdGNmYXBpXCIsXCJfX3VzcGFwaVwiLFwi%0D%0AZ29vZ2xlX3RhZ19tYW5hZ2VyXCIsXCJkYXRhTGF5ZXJcIixcImdvb2dsZV9vcHRpbWl6ZVwiLFwi%0D%0AdHd0dHJcIixcIl9fdHd0dHJsbFwiLFwiX190d3R0clwiLFwiZ29vZ2xlX2pzX3JlcG9ydGluZ19x%0D%0AdWV1ZVwiLFwiZ29vZ2xlX3NydFwiLFwiZ29vZ2xlX2xvZ2dpbmdfcXVldWVcIixcImdvb2dsZV9h%0D%0AZF9tb2RpZmljYXRpb25zXCIsXCJnZ2VhY1wiLFwiZ29vZ2xlX21lYXN1cmVfanNfdGltaW5nXCIs%0D%0AXCJnb29nbGVfcmVhY3RpdmVfYWRzX2dsb2JhbF9zdGF0ZVwiLFwiYWRzYnlnb29nbGVcIixcIl9n%0D%0AZnBfYV9cIixcImdvb2dsZV9zYV9xdWV1ZVwiLFwiZ29vZ2xlX3NsX3dpblwiLFwiZ29vZ2xlX3By%0D%0Ab2Nlc3Nfc2xvdHNcIixcImdvb2dsZV9wZXJzaXN0ZW50X3N0YXRlX2FzeW5jXCIsXCJnb29nbGVf%0D%0Ac3BmZFwiLFwiZ29vZ2xlX3VuaXF1ZV9pZFwiLFwiZ29vZ2xlX3N2X21hcFwiLFwiZ29vZ2xlX3Vz%0D%0AZXJfYWdlbnRfY2xpZW50X2hpbnRcIixcIk9CUlwiLFwiT0JfcmVsZWFzZVZlclwiLFwiT0JSJFwi%0D%0ALFwiT0JfUFJPWFlcIixcIm91dGJyYWluXCIsXCJvdXRicmFpbl9yYXRlclwiLFwiR29vZ19BZFNl%0D%0AbnNlX2dldEFkQWRhcHRlckluc3RhbmNlXCIsXCJHb29nX0FkU2Vuc2VfT3NkQWRhcHRlclwiLFwi%0D%0AZ29vZ2xlX3NhX2ltcGxcIixcIl9fZ29vZ2xlX2FkX3VybHNcIixcImdvb2dsZV9nbG9iYWxfY29y%0D%0AcmVsYXRvclwiLFwiX19nb29nbGVfYWRfdXJsc19pZFwiLFwiZ29vZ2xlVG9rZW5cIixcImdvb2ds%0D%0AZUlNU3RhdGVcIixcIjRkbTFyMTE1NDUyNDI1MjdcIixcIl9fY3RjZ182NTM0OV8wX2V4ZWNcIl0s%0D%0AXCJuXCI6W10sXCJkXCI6W119Il0sWy03LCItIl0sWy04LCItIl0sWy05LCItIl0sWy0xMCwiLSJd%0D%0ALFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCIsXCJrZXl3b3Jkc1wiLFwi%0D%0Ab2c6dGl0bGVcIixcIm9nOmRlc2NyaXB0aW9uXCIsXCJ0d2l0dGVyOnRpdGxlXCIsXCJ0d2l0dGVy%0D%0AOmRlc2NyaXB0aW9uXCJdfSJdLFstMTIsIm51bGwiXSxbLTEzLCItIl0sWy0xNCwie1wib1wiOjB9%0D%0AIl0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCIxMiJdLFstMTgsIlswLDAsMCwxXSJdLFstMTks%0D%0AIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAw%0D%0ALDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiXSJdLFstMjAsIi0iXSxbLTIxLCJ4VGM3UTda%0D%0AVCJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0s%0D%0AWy0yNiwie1widGpoc1wiOjExMjAwMDAwLFwidWpoc1wiOjEwMDAwMDAwLFwiamhzbFwiOjM3NjAw%0D%0AMDAwMDB9Il0sWy0yNywiWzAsMTAsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyJdLFstMjks%0D%0AIntcInZcIjpbMiwyLDIsMiwwLDAsMCwyLDAsMiwwLDIsMCwwLDIsMiwyLDIsMF19Il0sWy0zMCwi%0D%0AW1widlwiLDBdIl0sWy0zMSwidHJ1ZSJdLFstMzIsIjIiXSxbLTMzLCItIl0sWy0zNCwiLSJdLFst%0D%0AMzUsIlsxNjI4MDU3MDQyMDczLC0yXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0zNywi%0D%0ALSJdLFstMzgsImksLTEsLTEsMCwwLDEsMCwxLDU4Miw2NjEsNzQsMCwsLDE3NTksMTc1OSJdLFst%0D%0AMzksIltcIjIwMDMwMTA3XCIsMCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51%0D%0AbGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCwwXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFstNDIs%0D%0AIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAwMDAwMDAwMDAxMTEwMTEwMCJdLFstNDQsIjAs%0D%0AMCwwLDUiXSxbLTQ1LCI2MjAsMCwwLDAsMCwwLDc2MiwwLDY0OCwwLDAsMCwwLDAsMCwwLDAsMCww%0D%0ALDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTQ2LCIwIl0sWy00NywiRXVyb3BlL0Jlcmxp%0D%0Abixlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWyJibmNoIiwxODZd%0D%0AXQ%3D%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A0%2C%22w%22%3A1600%2C%22h%22%3A21595%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=gHQRHPsOR9&sdd=%7B%7D&pto=1831
Requested by
Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
676c93703ba03e337c79220b9eb51b31271d61d9cf75d48db31e8daa2315ccd2

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:02 GMT
content-encoding
gzip
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
cheq_headers_order
Set-Cookie Content-Type Cache-Control Pragma Expires Content-Length Content-Encoding Date Connection
content-length
1547
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo_footer.png
cdn-images.win.gg/static/imgs/assets/Footer/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/static/imgs/assets/Footer/logo_footer.png
Requested by
Host: win.gg
URL: https://win.gg/_next/static/css/e131c285e681484cc2b42095c01ea9fecf46b257_CSS.af726f49.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
267893f9fbc3c75119da25e5d96ee58e9c5cb43baed64724d50673cb3c4f77fb

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Mon, 02 Mar 2020 09:05:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"92266de8cae410fd9f21df49ba799765"
vary
Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
RefreshHit from cloudfront
content-length
19235
x-amz-cf-id
gRZVV2DE1YcSoZXIOd6U1Eu1RmCENgEghpEi3hiKOO-p6PkC0awQFA==
Tweet.html
platform.twitter.com/embed/ Frame 7AAA 		487 B
971 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1385788446606774273&lang=en&origin=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&sessionId=1f2f0aa267be0a6310a4d9ec518c2bb7a10ff9bf&siteScreenName=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668C) /
Resource Hash
a70847ac6d115607d96811480afe2786869edb9a9b292a0a5b2ed497e3b914e3

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://win.gg/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://win.gg/

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
305
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Wed, 04 Aug 2021 06:04:02 GMT
Etag
"2a119da73cc3bf023b2578d4caf768e8"
Last-Modified
Tue, 03 Aug 2021 21:31:52 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/668C)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
487
embed.runtime.074459b7246bed8b7428.js
platform.twitter.com/embed/ Frame 7AAA 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.074459b7246bed8b7428.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1385788446606774273&lang=en&origin=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&sessionId=1f2f0aa267be0a6310a4d9ec518c2bb7a10ff9bf&siteScreenName=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6723) /
Resource Hash
93c29ce6cc3f4160c09b068ac26e521c51950c41d336b6cf01742c3608da7f4a

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1385788446606774273&lang=en&origin=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&sessionId=1f2f0aa267be0a6310a4d9ec518c2bb7a10ff9bf&siteScreenName=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Aug 2021 21:31:35 GMT
Server
ECS (frb/6723)
Age
29541
Etag
"de18848235c8af6cbd77cbb45171370e+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
3541
embed.modules.6d412ab277f295e6d2f6.js
platform.twitter.com/embed/ Frame 7AAA 		510 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.modules.6d412ab277f295e6d2f6.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1385788446606774273&lang=en&origin=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&sessionId=1f2f0aa267be0a6310a4d9ec518c2bb7a10ff9bf&siteScreenName=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E0) /
Resource Hash
11358d2115817389c001cc4e11e470ded0caa3999b0cc923c4c7c1459d36c345

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1385788446606774273&lang=en&origin=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&sessionId=1f2f0aa267be0a6310a4d9ec518c2bb7a10ff9bf&siteScreenName=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Aug 2021 21:31:52 GMT
Server
ECS (frb/67E0)
Age
29540
Etag
"ff61fb364693cdc4ee1e60ce67e16202+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
164115
embed.i18n.fca6d1207a0eb09086fa.js
platform.twitter.com/embed/ Frame 7AAA 		146 B
650 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.i18n.fca6d1207a0eb09086fa.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1385788446606774273&lang=en&origin=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&sessionId=1f2f0aa267be0a6310a4d9ec518c2bb7a10ff9bf&siteScreenName=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6712) /
Resource Hash
ae33dd22d81c7494fa59404d4dcb6e28dd2bc0346494efde5bbc630301d1592a

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1385788446606774273&lang=en&origin=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&sessionId=1f2f0aa267be0a6310a4d9ec518c2bb7a10ff9bf&siteScreenName=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:02 GMT
Access-Control-Allow-Methods
GET
Last-Modified
Tue, 03 Aug 2021 21:31:35 GMT
Server
ECS (frb/6712)
Age
29541
Etag
"c82976f830f64e89c4fc50e5b78cef64"
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
Content-Length
146
embed.Tweet.ea42f86d9cdd333db962.js
platform.twitter.com/embed/ Frame 7AAA 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.ea42f86d9cdd333db962.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1385788446606774273&lang=en&origin=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&sessionId=1f2f0aa267be0a6310a4d9ec518c2bb7a10ff9bf&siteScreenName=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6723) /
Resource Hash
2212a2b2e78ff9aba6061ccad0f85b2a7cb899d17b36f9764dd2a9efec6fdf46

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1385788446606774273&lang=en&origin=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&sessionId=1f2f0aa267be0a6310a4d9ec518c2bb7a10ff9bf&siteScreenName=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Aug 2021 21:31:34 GMT
Server
ECS (frb/6723)
Age
3652
Etag
"b55480e3364d2f498f006be4738964d6+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5592
embed.vendors~ondemand.horizon-web.en-js.adcb3a520eb6eab2f5eb.js
platform.twitter.com/embed/ Frame 7AAA 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.en-js.adcb3a520eb6eab2f5eb.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.074459b7246bed8b7428.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) /
Resource Hash
26d788a2a593ee53a9126a76e00b1085b83c238ac207d89666ab75f855231f14

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1385788446606774273&lang=en&origin=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&sessionId=1f2f0aa267be0a6310a4d9ec518c2bb7a10ff9bf&siteScreenName=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Aug 2021 21:31:36 GMT
Server
ECS (frb/668B)
Age
29541
Etag
"eded0105ab27a2d62811c8af369c2bc1+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
7955
embed.ondemand.i18n.en-js.e118516d2a7cf1b9f689.js
platform.twitter.com/embed/ Frame 7AAA 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.e118516d2a7cf1b9f689.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.074459b7246bed8b7428.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6731) /
Resource Hash
a0e15885d6d7e1694c5d7cdaff3ed800baabe7359ddf0e70f632b903ec624fb9

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1385788446606774273&lang=en&origin=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&sessionId=1f2f0aa267be0a6310a4d9ec518c2bb7a10ff9bf&siteScreenName=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Aug 2021 21:31:35 GMT
Server
ECS (frb/6731)
Age
29541
Etag
"ad3c3dffcde6bdbeb1bf440bf8999746+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2056
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1628057042379&sessionId=9c1bb4ea-1a64-baf7-af53-15c9a6644132&url=win.gg&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:02 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
39001419e428bcf313c73d836a7155
Content-Length
4
Expires
0
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.437ccdd371e978ddf777.js
platform.twitter.com/embed/ Frame 7AAA 		144 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.437ccdd371e978ddf777.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.074459b7246bed8b7428.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E0) /
Resource Hash
3b6d83d05ea7d9daf5347aab70f49c0e56a72514211e3a84018503f5ebb0c76a

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1385788446606774273&lang=en&origin=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&sessionId=1f2f0aa267be0a6310a4d9ec518c2bb7a10ff9bf&siteScreenName=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Aug 2021 21:31:36 GMT
Server
ECS (frb/67E0)
Age
29541
Etag
"db724a857300fdc0b16409c422b20371+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
40397
embed.vendors~ondemand.Tweet.9ac25caab7a7e09d4c21.js
platform.twitter.com/embed/ Frame 7AAA 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.9ac25caab7a7e09d4c21.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.074459b7246bed8b7428.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67DF) /
Resource Hash
eda59077110bb4dbfce02ce5acc0c70f587447df6a90ef2933d5b0e01b367258

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1385788446606774273&lang=en&origin=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&sessionId=1f2f0aa267be0a6310a4d9ec518c2bb7a10ff9bf&siteScreenName=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Aug 2021 21:31:35 GMT
Server
ECS (frb/67DF)
Age
3653
Etag
"665bacdcf33653653631d92f3465150e+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5873
embed.ondemand.Tweet.04aac513ced21f369640.js
platform.twitter.com/embed/ Frame 7AAA 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.04aac513ced21f369640.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.074459b7246bed8b7428.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6763) /
Resource Hash
eabf38020de4da8165ab2763f43ee7f0bd88fdfe108adfe99bed02b1ce8dff4e

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1385788446606774273&lang=en&origin=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&sessionId=1f2f0aa267be0a6310a4d9ec518c2bb7a10ff9bf&siteScreenName=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Aug 2021 21:31:35 GMT
Server
ECS (frb/6763)
Age
29541
Etag
"bb7d93cb8db2ea824560564a445d6eb4+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
14908
tweet
cdn.syndication.twimg.com/ Frame 7AAA 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_space_card%3Aoff&id=1385788446606774273&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.6d412ab277f295e6d2f6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f / Express
Resource Hash
f8600af365253367eb2aa286046845891806a10cf1ae337068fa331663a43cea
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"537-4TMegpP8N+/IFhL0frRyfQSPDZ0"
x-powered-by
Express
access-control-allow-methods
GET
strict-transport-security
max-age=631138519
x-xss-protection
0
server
tsa_f
x-frame-options
SAMEORIGIN
date
Wed, 04 Aug 2021 06:04:02 GMT
vary
Origin, Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
x-connection-hash
4660c2374eb089d16bbcfe0d4652ff2dd4f695fa831deb77bb46b937c155e4fe
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1628057042487&sessionId=9c1bb4ea-1a64-baf7-af53-15c9a6644132&url=win.gg&cheqSource=1&cheqEvent=2&responseTime=642
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:02 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
f2a41063c2034674322809a5add4b1b0
Content-Length
4
Expires
0
imp.gif
obs.cheqzone.com/tracker/ 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e001368e6c730ed478e9f9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714593d60632fd78afe7d4e2474ebe48debd39e821da61c45085052aae2d05f91e46042cc95b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c1250616e9656ca0990a63ecc89825d957bd1fad811bc551c8c96dd82a77c3d835d2779284bdf28bede61e28a72fe3bcf3785067ee826a90e247b4174606df5b0bd3d2c38681eb923bce6a88deefd92bbf7b7d61832d7992c0974f77d0b223fa50b7974a9526f926124d509c31ff439cd0be71f8df78d217ebc3d9de2a825e517cb00b4f072e0472ccad6abb42c4cd966bb59971fa9322cbcdfff47e99ffed58297599a65249cef80a1506f7f4e57bf766cbb441bcbf33ed3bfe64d741c80683fd2ecd1b3bf6ecc7377c603e1120084005e8bd9e66b901ab464e4635fbb446c39b1a0ae2a5d9baba70c1ece7e09bfeaff157523afb469aab5f6e875f7818d163416c6af679c26a0b91f9cb71fe15c53999f93ec7b9118b3e5e332a066001df95a69d693926c55d1bd18a87eca2c01747dbe5a16fd58f6171d89f&cb=1628057042487&cri=gHQRHPsOR9
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:02 GMT
cache-control
no-cache, no-store, must-revalidate
cheq_headers_order
Cache-Control Pragma Expires Content-Type Date Connection Content-Length
content-type
image/gif
content-length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		167 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-598L2T6&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
401d6d33be4bacd7816e48664acff8ecb9db32679f9068115a6b128aa72cdc34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:02 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58981
x-xss-protection
0
expires
Wed, 04 Aug 2021 06:04:02 GMT
js
www.googletagmanager.com/gtag/ 		125 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-916JLHZYLF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-598L2T6&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
033db15aa10648d707f79283aea15cff71c69fdd958c364a1886d1eb76b91eb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:02 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50322
x-xss-protection
0
expires
Wed, 04 Aug 2021 06:04:02 GMT
hotjar-1102782.js
static.hotjar.com/c/ 		40 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1102782.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-598L2T6&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-61.zrh50.r.cloudfront.net
Software
/
Resource Hash
07349829f72d9d95e5c985dbc1acb5e876272721c4b5f00700ec1053d6e297ee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:02 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
ZRH50-C1
etag
W/708a23b249c96d9a7043647fd81174c8
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-id
XTLagLPL1h2kQ-vjzxM-WAwBU8TtRYN0U2kdYC2UF5DTaJz3nDJQHg==
via
1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
Bootstrap.js
nexus.ensighten.com/choozle/14253/ 		47 B
271 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/14253/Bootstrap.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-598L2T6&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2179619d4ea1daa8e9dd10fadee9f787ac5fbab3b50ad2d8020c94b89c534e59

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:02 GMT
last-modified
Mon, 01 Apr 2013 06:07:33 GMT
server
nginx
etag
"51592425-2f"
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
47
expires
Wed, 04 Aug 2021 06:04:01 GMT
1f60e.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 7AAA 		997 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f60e.svg
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d32bd9f51b2a54f620f9693e833935c5e2cb2304cbf89aab75fd10f054711ce5
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
timing-server-allow
https://twitter.com;https://mobile.twitter.com
server-timing
x-cache;desc=HIT, HIT, x-tw-cdn;desc=FT
content-length
551
x-served-by
cache-fty21379-FTY, cache-hhn4020-HHN
last-modified
Thu, 16 Apr 2020 17:07:04 GMT
etag
"X4DwTm7pf+690A/v+Sztgg=="
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
date
Wed, 04 Aug 2021 06:04:02 GMT
expires
Fri, 20 May 2022 07:10:55 GMT
1f37b.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 7AAA 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f37b.svg
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a6c31832e3de9bcade7f798071335a9d5cdb442e5d75a17d4b6445b7bf15bad3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
timing-server-allow
https://twitter.com;https://mobile.twitter.com
server-timing
x-cache;desc=HIT, HIT, x-tw-cdn;desc=FT
content-length
1169
x-served-by
cache-fty21350-FTY, cache-hhn4020-HHN
last-modified
Wed, 21 Feb 2018 22:30:50 GMT
etag
"Xi6gOqSWPNpekdOVwlh+aw=="
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
date
Wed, 04 Aug 2021 06:04:02 GMT
expires
Fri, 01 Apr 2022 08:22:23 GMT
jot
syndication.twitter.com/i/ Frame 7AAA 		43 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1628057042657%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%221890d59c%3A1627936082797%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%2209b221f%3A1627939825498%22%2C%22item_ids%22%3A%5B%221385788446606774273%22%5D%2C%22item_details%22%3A%7B%221385788446606774273%22%3A%7B%22item_type%22%3A0%7D%7D%7D
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Wed, 04 Aug 2021 06:04:02 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
b5cc949c2dbc9967ac1b47cfce3034ce46ba9fd9ce44b8a7d279621e66ead102
x-transaction
da6f638232dcb35c
expires
Tue, 31 Mar 1981 05:00:00 GMT
ll9IjW-q_normal.jpg
pbs.twimg.com/profile_images/1420410587117359104/ Frame 7AAA 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1420410587117359104/ll9IjW-q_normal.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/673A) /
Resource Hash
d797964d6a83cb900b91942488c80147265bcdcd7011285f55698a6590e13914
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:02 GMT
x-content-type-options
nosniff
age
569791
x-cache
HIT
content-length
2263
surrogate-key
profile_images profile_images/bucket/3 profile_images/1420410587117359104
last-modified
Wed, 28 Jul 2021 15:45:28 GMT
server
ECS (frb/673A)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
1ab0f39bcbc4ad743f68c31aa58bad2adb6f7e366827619f944474b7829c7d86
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
oKbxh_Bv_normal.jpg
pbs.twimg.com/profile_images/1421269155383324675/ Frame 7AAA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1421269155383324675/oKbxh_Bv_normal.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F3) /
Resource Hash
37552af4a72f8b5b6c2e9d9f86c01cdaf27ff2f31b4257b56de5c52705b7ae82
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:02 GMT
x-content-type-options
nosniff
age
365093
x-cache
HIT
content-length
2035
surrogate-key
profile_images profile_images/bucket/5 profile_images/1421269155383324675
last-modified
Sat, 31 Jul 2021 00:37:07 GMT
server
ECS (frb/67F3)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
6cf8b290c391c53c9b60d3e98dbf5ec7d637ca19ab8f2f9ef90c26ce26309fa7
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
modules.7cb32ca5fc09d90486d4.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.7cb32ca5fc09d90486d4.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1102782.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-63.zrh50.r.cloudfront.net
Software
/
Resource Hash
cc33742f4eab551d4e76af8a2da85c3d2304d8252171d16a3e56207c0c073e93
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 10:44:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
155997
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59482
access-control-allow-origin
*
last-modified
Mon, 02 Aug 2021 10:43:09 GMT
etag
"e6f555ee598c867e151cb33c3be24c8f"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
5mBsEYDgYJ3KqVuIhaYB8SWSuXVvFDTed_z1zw-syV59aZbxw3Frgw==
16.1db9b6fd20358f2fd5dd.js
win.gg/_next/static/chunks/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.gg/_next/static/chunks/16.1db9b6fd20358f2fd5dd.js
Requested by
Host: win.gg
URL: https://win.gg/_next/static/chunks/webpack-6db12db89a1040fb7fdf.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.68.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-68-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
1cc563d8358c3274ab7db0b7af5ab39f89ce81b5d8f9427169ef295522b2491e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
win.gg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Cookie
usprivacy=1---
Connection
keep-alive
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-amz-request-id
RGZXHE2TAZXVTKMW
x-amz-id-2
/lA2i/SS4LU/XOdXjhIjw/yIeYQVwR/N0qGvPjkDpdsxdc40FWQkgO7iYJmKX3x+2E4ImNyMdqo=
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1291
X-Xss-Protection
1; mode=block
Last-Modified
Mon, 17 May 2021 09:48:50 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"e3cecba64bf7d11722b870e60108eddb"
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Type
application/javascript
Cache-Control
public, max-age=31536000, immutable
liveView.php
live.sekindo.com/live/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveView.php?s=104669&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&subId=[SUBID_ENCODED]&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed211firpglwsz
Requested by
Host: win.gg
URL: https://win.gg/_next/static/chunks/621eed9ee291de38e4d94d5fe17029d666781a61.16d5dfae4b12d556990c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
fa902e9c0a1ce118fa59f898fe9b4509e16172d7bf2dc86c9d629dbc3921ddad

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:02 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-598L2T6&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
3021
date
Wed, 04 Aug 2021 05:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Wed, 04 Aug 2021 07:13:41 GMT
live
api-data.win.gg/tournaments/ 		2 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-data.win.gg/tournaments/live?game_id=101
Requested by
Host: win.gg
URL: https://win.gg/_next/static/chunks/621eed9ee291de38e4d94d5fe17029d666781a61.16d5dfae4b12d556990c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.213.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-213-82.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Response-Time
6ms
Date
Wed, 04 Aug 2021 06:04:03 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Headers
Origin, Accept, X-Requested-With, Content-Type, Authorization
Content-Length
2
X-Xss-Protection
1; mode=block
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 1C7C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1102782.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-22.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://win.gg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://win.gg/

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
6_6Y54a0wf28Of-d3-rB2P-RBymehhmNxsW4YhBT6P0gUHBk-012ag==
age
1489652
e131c285e681484cc2b42095c01ea9fecf46b257.b42f3f9b1c991b864bea.js
win.gg/_next/static/chunks/ 		0
61 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://win.gg/_next/static/chunks/e131c285e681484cc2b42095c01ea9fecf46b257.b42f3f9b1c991b864bea.js
Requested by
Host: win.gg
URL: https://win.gg/_next/static/chunks/commons.4e5d3f2c1dd3e30dc1e6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.68.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-68-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Purpose
prefetch
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
win.gg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Cookie
usprivacy=1---
Connection
keep-alive
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-amz-request-id
RGZK7F8RTN66DDB4
transfer-encoding
chunked
x-amz-id-2
GTlr1W2mZKb2GUDoNJnSMoIUf/QDcs9gsthBf1yDu3YJguRl8PyoQg4QlkCJIa/MosQWLbiazVw=
Connection
keep-alive
Vary
Accept-Encoding
X-Xss-Protection
1; mode=block
Last-Modified
Mon, 17 May 2021 09:48:50 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"5b58a58da5700e652424aeb8425bd4de"
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Type
application/javascript
Cache-Control
public, max-age=31536000, immutable
e131c285e681484cc2b42095c01ea9fecf46b257_CSS.a83a6a4548b93404854d.js
win.gg/_next/static/chunks/ 		0
678 B 		Other
General
Check archive.org
Download Go to
Full URL
https://win.gg/_next/static/chunks/e131c285e681484cc2b42095c01ea9fecf46b257_CSS.a83a6a4548b93404854d.js
Requested by
Host: win.gg
URL: https://win.gg/_next/static/chunks/commons.4e5d3f2c1dd3e30dc1e6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.68.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-68-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Purpose
prefetch
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
win.gg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Cookie
usprivacy=1---
Connection
keep-alive
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:03 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 17 May 2021 09:48:50 GMT
Server
nginx
x-amz-request-id
RGZMP9XR9273VWP5
ETag
"99e6d6dc6704694222e663251c1f8deb"
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
public, max-age=31536000, immutable
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Accept-Ranges
bytes
Content-Length
69
X-Xss-Protection
1; mode=block
x-amz-id-2
E4H0D+E8AqQBiD3H24yifMWPUTjMKlWumRcXFHlKNnc7qkCWizysKa92UhRqf7B+mISqHcJEzOs=
5bf10f1e6e180613e463bd3c60eceebb6933729b.004bacf3a5329b318e71.js
win.gg/_next/static/chunks/ 		0
14 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://win.gg/_next/static/chunks/5bf10f1e6e180613e463bd3c60eceebb6933729b.004bacf3a5329b318e71.js
Requested by
Host: win.gg
URL: https://win.gg/_next/static/chunks/commons.4e5d3f2c1dd3e30dc1e6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.68.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-68-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Purpose
prefetch
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
win.gg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Cookie
usprivacy=1---
Connection
keep-alive
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-amz-request-id
RGZMH0M1ACP8E6H7
x-amz-id-2
GzA4JkkcGcDJl/3M2U4byi6QNqvkPL1AHlq2u0HZEB9H3cOJuyS7gSrEaUvVWRhYzAnmPd7KQsU=
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
13766
X-Xss-Protection
1; mode=block
Last-Modified
Mon, 17 May 2021 09:48:50 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"3690da8cfc836d8f4cc348ba1d2c1d5b"
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Type
application/javascript
Cache-Control
public, max-age=31536000, immutable
%5B%5B...article%5D%5D-c7e5f85e68fa46eb4afa.js
win.gg/_next/static/chunks/pages/news/ 		0
12 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://win.gg/_next/static/chunks/pages/news/%5B%5B...article%5D%5D-c7e5f85e68fa46eb4afa.js
Requested by
Host: win.gg
URL: https://win.gg/_next/static/chunks/commons.4e5d3f2c1dd3e30dc1e6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.68.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-68-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Purpose
prefetch
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
win.gg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Cookie
usprivacy=1---
Connection
keep-alive
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 17 May 2021 09:46:43 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"9b25-17979b877b8"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000, immutable
transfer-encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Accept-Ranges
bytes
X-Xss-Protection
1; mode=block
original.jpg
cdn-images.win.gg/resize/w/610/h/345/format/webp/type/progressive/fit/cover/path/news/ebb87faa733d9a04ebb40f422b135fb0/d6382a0b215658ea3739026b3cc7e5d9/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/610/h/345/format/webp/type/progressive/fit/cover/path/news/ebb87faa733d9a04ebb40f422b135fb0/d6382a0b215658ea3739026b3cc7e5d9/original.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ef6ddbd1b8cd92a3e8717f00cacd3f22d743ff1a2bb635604f8b7291b07f471

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Sat, 24 Apr 2021 21:39:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"cde90e4157b86c306e74ac70fa221fe8"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
63502
x-amz-cf-id
AtkshNp62-SIL0MRYjElNexWiom0BPgf7xgmjJXlW9jyRjVBIXqlsg==
original.png
cdn-images.win.gg/resize/w/28/h/28/format/webp/type/progressive/fit/cover/path/teams/bf8af7399db538a24dd5e9ce48e562d2/fad23a845ae9f365c0b23fded0d221b7/ 		966 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/28/h/28/format/webp/type/progressive/fit/cover/path/teams/bf8af7399db538a24dd5e9ce48e562d2/fad23a845ae9f365c0b23fded0d221b7/original.png
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
16111e76e07f9ad6bcabb5db5c092a7fdc7f35a75899e1b95eb9bca1849609bd

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Tue, 09 Feb 2021 07:25:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"92f9369665fc7cd5d40416da17e56bef"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
966
x-amz-cf-id
dyhdHOUu4xe1Kc0PylxBf3zIBm6WqqHUeT_qAbBjDhmWDBFZfrY32A==
s1.png
cdn-images.win.gg/resize/w/189/h/336/format/webp/type/progressive/fit/cover/path/static/imgs/stories/fortnite/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/189/h/336/format/webp/type/progressive/fit/cover/path/static/imgs/stories/fortnite/s1.png
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0040779f88cf461e73c11276dab124cf7211abb09c5e1d3d70339432086f664

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Fri, 14 May 2021 07:19:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"bc6ec0372a613f5df5479517e2863f3b"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
28198
x-amz-cf-id
jTJYstFN2msNGFxSEwgX9HibJWzJaK7IETswEGGl82Eez8_1dR2sXQ==
s2.png
cdn-images.win.gg/resize/w/189/h/336/format/webp/type/progressive/fit/cover/path/static/imgs/stories/fortnite/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/189/h/336/format/webp/type/progressive/fit/cover/path/static/imgs/stories/fortnite/s2.png
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66cb5f472f7ebe23910758c6734dbc34fa7368c058f9d7ff5a5faa487f4c753b

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Fri, 14 May 2021 07:19:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"6e1147bfb44806b4ac262e05f5836bc3"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
27712
x-amz-cf-id
6sfrit0KK9Owme6AUTmsU09KEcwV1qlnJy0WnZ7_fHiOtxylC2pcew==
s3.png
cdn-images.win.gg/resize/w/189/h/336/format/webp/type/progressive/fit/cover/path/static/imgs/stories/fortnite/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/189/h/336/format/webp/type/progressive/fit/cover/path/static/imgs/stories/fortnite/s3.png
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d4853ae6b057920b3b70a90949e268ad1bc488b95bc280e1d2a6dd58ba595cff

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Fri, 14 May 2021 07:19:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"fdb419f5ce2b10f67b66c28f116fed86"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
20528
x-amz-cf-id
9trSZOEtiM8Y4_8IIjwgfItv-2DbFxz_xJg7aWgEztP0Oi3eBNN14A==
s5.png
cdn-images.win.gg/resize/w/189/h/336/format/webp/type/progressive/fit/cover/path/static/imgs/stories/fortnite/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/189/h/336/format/webp/type/progressive/fit/cover/path/static/imgs/stories/fortnite/s5.png
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c21cb0a9213d90cdbba376f8fae4c8b62239fd685202b6a21dd358eeb51192c8

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Fri, 14 May 2021 07:19:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"0762485219d1c0ea0b0ccea0c6774ccb"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
29566
x-amz-cf-id
CCx7p79_Sd-pbqEn2PGl4ZExxiyzy7vwVjF8I6qaOtWXfXVg9Ttjxg==
original.jpg
cdn-images.win.gg/resize/w/210/h/118/format/webp/type/progressive/fit/cover/path/news/images/3795/d516acb23819e7acb710808defddb098/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/210/h/118/format/webp/type/progressive/fit/cover/path/news/images/3795/d516acb23819e7acb710808defddb098/original.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2675e89e82517fce2ec2237adaaa69475c7bc90c02084d9fd985dc1fef53692

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Wed, 10 Feb 2021 01:39:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"d0bcfdc9443572f06da33ea79535d396"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
7794
x-amz-cf-id
EbHS-RMe6YI8P1a34pRTuZop1Me98xvYhD1SVsHSwBDFanh7CUnScg==
original.jpg
cdn-images.win.gg/resize/w/210/h/118/format/webp/type/progressive/fit/cover/path/news/images/3535/805e22e051b5850eb625abee08be23e8/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/210/h/118/format/webp/type/progressive/fit/cover/path/news/images/3535/805e22e051b5850eb625abee08be23e8/original.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e6319374a8dc59b7bdbe554d655765c87d141192555234aea61a744a7da457f

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Tue, 09 Feb 2021 16:38:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"d8f257b67c5e0947a794dabf71e83519"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
10126
x-amz-cf-id
WIKCUSYRTkgfcekXaT2fI_PW6yoo5014IHf-KFh-xg68e9AB8n8reA==
original.jpg
cdn-images.win.gg/resize/w/210/h/118/format/webp/type/progressive/fit/cover/path/news/images/3305/2b666c86c531edcb995963efb266967f/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/210/h/118/format/webp/type/progressive/fit/cover/path/news/images/3305/2b666c86c531edcb995963efb266967f/original.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7b7075df53dbdd01d1a0b0108b5f213d3f621f0f541ed3e838ab4239d8e7e7a

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Tue, 09 Feb 2021 16:38:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"0fdc9181d86c906a5ea3d90a485c7f39"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
12184
x-amz-cf-id
w_qZW-MfGJpuLrNVyimOGeQRzt_lJqGi1jvohH7ScVo0jybX7VWxag==
original.jpg
cdn-images.win.gg/resize/w/210/h/118/format/webp/type/progressive/fit/cover/path/news/images/3251/74cadf9903587256f77ff1d53bf3e69a/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/210/h/118/format/webp/type/progressive/fit/cover/path/news/images/3251/74cadf9903587256f77ff1d53bf3e69a/original.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
22b16769a41b564d450d644ba9b9e7189f65b8649df8f8bfe1b00e3328e2b931

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Tue, 09 Feb 2021 16:38:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"a3a85d4cabfa25e0e8d4cd174dbfc686"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
8776
x-amz-cf-id
fpURO8FwzPTfwK6-m50l58dSCyIAL4fLofcSFMV9LxgizPvyCExbsQ==
original.jpg
cdn-images.win.gg/resize/w/210/h/118/format/webp/type/progressive/fit/cover/path/news/images/2064/a08026b421ddf0fd42b23eedcdc9f16b/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/210/h/118/format/webp/type/progressive/fit/cover/path/news/images/2064/a08026b421ddf0fd42b23eedcdc9f16b/original.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb1283e3f33f34befc3708faa4e40927a2119e369d90b8fb234709f0265f2c8e

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Tue, 09 Feb 2021 09:21:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"56a91fd721c0d6fffea849c253bd9dac"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
10930
x-amz-cf-id
KJHNSqKwhkqpeuuXZFru7tkP5VbMM8CwkuAy3T8losSl8B8nV3bayA==
winners-net-banner.png
cdn-images.win.gg/resize/w/300/h/250/format/webp/type/progressive/fit/cover/path/static/imgs/ads/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/300/h/250/format/webp/type/progressive/fit/cover/path/static/imgs/ads/winners-net-banner.png
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d47daf7894302e50f7b27a9f607cd2f18374631cae5182f3e44c6128c6949402

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Fri, 30 Apr 2021 07:20:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"588159af5c9900d9665e1baf9680fe55"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
25554
x-amz-cf-id
yr45DLE_E5d744jPZ5B5Dza_T17bi-_LkQHT8M0Qih3SlNjhp97TAQ==
original.jpg
cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/e48a900a95c8e0a3db31da9fbad6866e/f5b2299062968494e8e8a81581f0b4fd/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/e48a900a95c8e0a3db31da9fbad6866e/f5b2299062968494e8e8a81581f0b4fd/original.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43319981414ac41f7d63edd19c7fac61d63b8ff6ddb66710f03f34b4a852c7e6

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Sat, 24 Apr 2021 01:32:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"b3b9363e5ae2e1c09b8c67ca2d26c241"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
3870
x-amz-cf-id
k7Bb1kkapkZDG6ZP3YBThqZtyo9wcr9_s6s6PrBeYBe3mrvTJGF43Q==
original.jpg
cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/400c3241004b5db7ca7f5abfef2794f2/5e09f74d0f5fa63aed6a9458c815c346/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/400c3241004b5db7ca7f5abfef2794f2/5e09f74d0f5fa63aed6a9458c815c346/original.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5b5b3be5cad9f0035eac9efb0bbb7068d9fb710f698d1d12be9ed44d780638b5

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Sat, 17 Apr 2021 18:15:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"9f4c9fdf72358e5d77aee570ab70ced0"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
2440
x-amz-cf-id
Il1_IX0ixF1QtEoygvWa-w1xQtHsG0rLbJD8Pc8CeTZfuwVLRXTJDg==
original.jpg
cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/89db09d856d45d361982edc10ce738a2/0b9e940ccf016466fbe1595335365d35/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/89db09d856d45d361982edc10ce738a2/0b9e940ccf016466fbe1595335365d35/original.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4e962fb036597ef2218da6584c918a2fd01c058d56b2323b40ae9d8b76e7a330

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Sun, 28 Mar 2021 18:55:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"c0956e37eba6df3ca128c2e3eec78a92"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
3362
x-amz-cf-id
9pgIgChHaYI6JB5qAOGecOjWIQwPK0GqfHpQe7rwW9JJw9nzqWLw_Q==
original.png
cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/62326dc7c4f7b849d6f013ba46489d6c/338dad3749d1ff36a431891c375ece62/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/62326dc7c4f7b849d6f013ba46489d6c/338dad3749d1ff36a431891c375ece62/original.png
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb046ae31caa2ca462183ad2c714ece6d905e0fb79fc463ad339946ec1c4f886

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Tue, 16 Mar 2021 22:39:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"956aaf6030a3cf32e1ff520d3be1643b"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
4122
x-amz-cf-id
lfnroNdsk9niH4lc1qF3Z00gfKW736I24tmrxOSHxzM_cnNBNrKFRQ==
original.jpg
cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/27d52bcb3580724eb4cbe9f2718a9365/89a4251e0f9f601a56e3925a044fa9bc/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/27d52bcb3580724eb4cbe9f2718a9365/89a4251e0f9f601a56e3925a044fa9bc/original.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1a7fda10c2e6661b80fd360916f9400af18a40fa6ee5ebb06064a21cbf81e16

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Mon, 15 Mar 2021 10:45:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"9b1c22b8ceab6d928eb1197caac83f3a"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
3216
x-amz-cf-id
gSnIH2BiyOdkXLDHFd6Lm9NZTpAxAc9Vg73h5vS4zKqaHmhoyFnA-w==
original.jpg
cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/bb836c01cdc9120a9c984c525e4b1a4a/54ebebb09778e598f254ad85a8a9d657/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/bb836c01cdc9120a9c984c525e4b1a4a/54ebebb09778e598f254ad85a8a9d657/original.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
29126b49d2d42bd5d93e0dc093987fe2a2c6b572db6cdbc5ad9a727c18b54629

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 00:57:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"21e0a268d5134734b5d7b422a78c012b"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
4808
x-amz-cf-id
XHaG1aGcZUfgJfCFLP5loXImzKEXFZW0BsW_5ymF2F7GlrpNCUkrLQ==
original.jpg
cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/4582ef600b4316d72eede3ef78fc77d9/bd662eb3ab4a7d681e86bcb3e997c1f9/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/4582ef600b4316d72eede3ef78fc77d9/bd662eb3ab4a7d681e86bcb3e997c1f9/original.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
afaf030770c2cf3a5366c70816938f1d4e3530c8abeefbba4c4a738455533a56

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Tue, 09 Mar 2021 02:15:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"4d6de7d6e05b2567556ee07ef9e021cb"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
3390
x-amz-cf-id
B41XS1YJgpSDgdVYbES8pKd8Rv5-7758ruqtrGRjDYscVIsZEPXnHQ==
original.jpg
cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/99e4ff886ade110350981edaec84553c/a72f6cfdefb7794399ff013a13ee7f87/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/99e4ff886ade110350981edaec84553c/a72f6cfdefb7794399ff013a13ee7f87/original.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a751fe51dbc872521b7aa68bbaae29e857f0da3bb8667617bdf95223d00b6c8e

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Fri, 05 Mar 2021 21:32:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"3d019328db64833f0521619545a6847a"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
4218
x-amz-cf-id
M33dfrNFHOEJZKVmkhJeeBz-CDTXw9QiXGQAMLWEvPqHHEkTRmATnA==
original.jpg
cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/f2c5b1f06bfe59954cb2a56858c2ed98/41f38bcf047da7f0d91dc1e9ba1e7fd9/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/f2c5b1f06bfe59954cb2a56858c2ed98/41f38bcf047da7f0d91dc1e9ba1e7fd9/original.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6bd82341efc9433c5b3508adcc7fe2e7ff798f547c264e1cf33a2c8358d4408a

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Sun, 21 Feb 2021 02:54:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"80f13392c47e1cae81a556129dc99941"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
4768
x-amz-cf-id
8KY1IBxcRv6u7_u-U4H9uDBnCQauOdcGvkYPpInqVMzIRhv7tyJ5ng==
original.jpg
cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/162d18156abe38a3b32851b72b1d44f5/312414ba0be23e7616a0045b175a6f57/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/162d18156abe38a3b32851b72b1d44f5/312414ba0be23e7616a0045b175a6f57/original.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dbb098b8d65e7422473cb1a73abf837a5b622d3b1c44af69cb738d7be8dd6b78

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Tue, 09 Feb 2021 19:22:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"c10e7a301f7ed230d4ea38cac41cae3b"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
5250
x-amz-cf-id
u1lVhBi_Hlzame0y-qyOC7o69W1zT2a2iEVGWOmk4a8Q1Zc40tGEnw==
original.jpg
cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/185e48a43c7f63acf74b1bd58827b510/24bc5e9f779516c6df0b2ce65774cc5a/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/185e48a43c7f63acf74b1bd58827b510/24bc5e9f779516c6df0b2ce65774cc5a/original.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed02ce1d0bf58b6ea7e0b73f7d02493efeda20231da1992586311c6fceb618f4

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Tue, 09 Feb 2021 06:50:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"9c023a22a09cb1811d74fbbbc258715d"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
4462
x-amz-cf-id
aWqx10JbdY2RIX5GpOOfATwzGSgnUlFozpiURa4kT-_BzJMv311UUw==
original.png
cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/1e9f65024cd764a33b94a14b0e79f42d/556c137fc5cd9da67d34ddd00cf51327/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/1e9f65024cd764a33b94a14b0e79f42d/556c137fc5cd9da67d34ddd00cf51327/original.png
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
454e0aa8c5a3f313841100fe4cd9b93f94b0a04ad943de2321500d0ee8dffee3

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Thu, 04 Feb 2021 13:49:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"2b1f34ca8fd62e043923d67c681afd06"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
5446
x-amz-cf-id
tcsdlSPCHjCUyoHExUCW-6XLvxONkWVOAO4ZyGddpsHXf3RZ6hVSaw==
original.jpg
cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/33cf42b38bbcf1dd6ba6b0f0cd005328/8fa12d610f5fc396341f3f34d6b0c040/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/33cf42b38bbcf1dd6ba6b0f0cd005328/8fa12d610f5fc396341f3f34d6b0c040/original.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a5ab8a24329a106185ec8a5c028d77ec64d65ce9d7f90ef87e0b1ff9dfcdf70

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Tue, 02 Feb 2021 21:15:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"3fde5afce2b7ed915bd75e66e4e1eb26"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
3728
x-amz-cf-id
uUcR4JZSx7uiz-DRIA8oG10pB0I0FS71r-9LrSgUxS9q_coCguucOA==
original.jpg
cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/83da7c539e1ab4e759623c38d8737e9e/9e650deeb0445c11977075fde53b63c5/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-images.win.gg/resize/w/70/h/70/format/webp/type/progressive/fit/cover/path/news/83da7c539e1ab4e759623c38d8737e9e/9e650deeb0445c11977075fde53b63c5/original.jpg
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-95.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5f671f47fbef406042ec6fc6695021e4ce80a181cd4e0d7e8fdda046a8c3cdb

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Tue, 02 Feb 2021 21:15:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"ef690709f87f47762264e9100b68a56b"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31557600
x-cache
Miss from cloudfront
content-length
4298
x-amz-cf-id
p6zYfXMr_3uAHU0BuOqPNomvhFKzkVdhOWdMshqHBzlhMMCCF_kKwA==
collect
analytics.google.com/g/ 		0
362 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-916JLHZYLF&gtm=2oe820&_p=930610526&sr=1600x1200&_gaz=1&ul=en-us&cid=1279408773.1628057043&_s=1&dl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&dt=Nickmercs%20reveals%20that%20he%20is%20now%20a%20FaZe%20Clan%20co-owner%20-%20FORTNITE%20News%20-%20WIN.gg&sid=1628057042&sct=1&seg=0&en=suggestion&_fv=1&_nsi=1&_ss=1&ep.suggestion_path=%2Fnews%2F7936%2Fis-the-fortnite-world-cup-happening-this-year-in-2021-question-mark&ep.suggestion_reason=recency&ep.suggestion_location=right_column
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-916JLHZYLF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
68 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-916JLHZYLF&cid=1279408773.1628057043&gtm=2oe820&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-916JLHZYLF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-916JLHZYLF&cid=1279408773.1628057043&gtm=2oe820&aip=1&z=877018526
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=930610526&t=pageview&_s=1&dl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&ul=en-us&de=UTF-8&dt=Nickmercs%20reveals%20that%20he%20is%20now%20a%20FaZe%20Clan%20co-owner%20-%20FORTNITE%20News%20-%20WIN.gg&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEADQAAAAC~&jid=284849183&gjid=106643680&cid=1279408773.1628057043&tid=UA-125662552-1&_gid=2110887804.1628057043&_r=1&gtm=2wg820598L2T6&cg1=FORTNITE&cd2=FORTNITE&cd3=13666&cd4=FaZe&z=1779385130
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-T8SWN4K&t=gtm12&cid=1279408773.1628057043
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bde0e574a13019b31209cdaf12d997d181de16fd71bf1cdec0df758b04fef5e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:02 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39096
x-xss-protection
0
expires
Wed, 04 Aug 2021 06:04:02 GMT
liveView.php
live.primis.tech/live/ Frame 6CE8 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=104669&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&subId=[SUBID_ENCODED]&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed211firpglwsz&csuuid=610a2dd2d60d7&r_csuuid=1&cbuster=1628057042&pubUrlAuto=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=110&floatHorizontalOffset=1&floatCloseBtn=1&flowMode=below&flowCloseButtonPosition=right
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=104669&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&subId=[SUBID_ENCODED]&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed211firpglwsz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
14e47404c7ddf75fd3864c395ff69a83dba34fed682c29cb4f44c5210e913336

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:02 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
jot
syndication.twitter.com/i/ Frame 7AAA 		43 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1628057042936%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%221890d59c%3A1627936082797%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%2209b221f%3A1627939825498%22%2C%22item_ids%22%3A%5B%221385788446606774273%22%5D%2C%22item_details%22%3A%7B%221385788446606774273%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A700.7000007629395%7D
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Wed, 04 Aug 2021 06:04:02 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
b5cc949c2dbc9967ac1b47cfce3034ce46ba9fd9ce44b8a7d279621e66ead102
x-transaction
1f45698e94947d3d
expires
Tue, 31 Mar 1981 05:00:00 GMT
e131c285e681484cc2b42095c01ea9fecf46b257_CSS.af726f49.chunk.css
win.gg/_next/static/css/ 		55 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://win.gg/_next/static/css/e131c285e681484cc2b42095c01ea9fecf46b257_CSS.af726f49.chunk.css
Requested by
Host: win.gg
URL: https://win.gg/_next/static/chunks/commons.4e5d3f2c1dd3e30dc1e6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.68.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-68-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4bdfb79288321fe816d8e3e70c46bbba6fc703993b83f2d64a150439517a2dbd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
win.gg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Cookie
usprivacy=1---; _ga_916JLHZYLF=GS1.1.1628057042.1.0.1628057042.60; _hjid=dcc8e9b3-7ddb-41fd-b525-c90e49f54734; _hjFirstSeen=1; _ga=GA1.2.1279408773.1628057043; _gid=GA1.2.2110887804.1628057043; _gat_UA-125662552-1=1
Connection
keep-alive
Referer
https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-amz-request-id
KTTX5KSDZ3JWEB8Y
x-amz-id-2
PjH9wfTCF1/Q1RoZq6jercnSEpbl9LR2HVVf1hQMFEPFdkCybJ4iVGSWcjcCxE0ckQrFsn1DZFw=
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
5148
X-Xss-Protection
1; mode=block
Last-Modified
Mon, 17 May 2021 09:48:50 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"ea29ea636391d508f3149424c6971e19"
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Type
text/css
Cache-Control
public, max-age=31536000, immutable
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-125662552-1&cid=1279408773.1628057043&jid=284849183&gjid=106643680&_gid=2110887804.1628057043&_u=YADAAEACQAAAAC~&z=1561189527
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 04 Aug 2021 06:04:02 GMT
content-type
text/plain
access-control-allow-origin
https://win.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame 6CE8 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=104669&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&subId=[SUBID_ENCODED]&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed211firpglwsz&csuuid=610a2dd2d60d7&r_csuuid=1&cbuster=1628057042&pubUrlAuto=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=110&floatHorizontalOffset=1&floatCloseBtn=1&flowMode=below&flowCloseButtonPosition=right
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:02 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
etag
W/"5e441350-4be0"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 04 Aug 2022 06:04:02 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 6CE8 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=104669&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&subId=[SUBID_ENCODED]&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed211firpglwsz&csuuid=610a2dd2d60d7&r_csuuid=1&cbuster=1628057042&pubUrlAuto=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=110&floatHorizontalOffset=1&floatCloseBtn=1&flowMode=below&flowCloseButtonPosition=right
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:02 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-228f"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 04 Aug 2022 06:04:02 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 6CE8 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=104669&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&subId=[SUBID_ENCODED]&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed211firpglwsz&csuuid=610a2dd2d60d7&r_csuuid=1&cbuster=1628057042&pubUrlAuto=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=110&floatHorizontalOffset=1&floatCloseBtn=1&flowMode=below&flowCloseButtonPosition=right
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:02 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-1ef8"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 04 Aug 2022 06:04:02 GMT
hls.0.12.4_2.min.js
live.primis.tech/content/video/hls/ Frame 6CE8 		256 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=104669&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&subId=[SUBID_ENCODED]&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed211firpglwsz&csuuid=610a2dd2d60d7&r_csuuid=1&cbuster=1628057042&pubUrlAuto=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=110&floatHorizontalOffset=1&floatCloseBtn=1&flowMode=below&flowCloseButtonPosition=right
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:02 GMT
content-encoding
gzip
last-modified
Thu, 13 Aug 2020 08:36:05 GMT
server
nginx
etag
W/"5f34fb75-3ff27"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 04 Aug 2022 06:04:02 GMT
prebidVid.4.43.0_4.min.js
live.primis.tech/content/prebid/ Frame 6CE8 		385 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=104669&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&subId=[SUBID_ENCODED]&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed211firpglwsz&csuuid=610a2dd2d60d7&r_csuuid=1&cbuster=1628057042&pubUrlAuto=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=110&floatHorizontalOffset=1&floatCloseBtn=1&flowMode=below&flowCloseButtonPosition=right
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a69c0de1cea125db41c1d1006d96df811952b87f283ff2f05c2a8421f82cf989

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:02 GMT
content-encoding
gzip
last-modified
Thu, 29 Jul 2021 07:00:02 GMT
server
nginx
etag
W/"610251f2-60362"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 04 Aug 2022 06:04:02 GMT
liveVideo.php
live.primis.tech/live/ Frame 6CE8 		602 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30382D30345F30397D7B7331343830393231367D7B4335377D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=610a2dd2d60d7&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed211firpglwsz&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=104669&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&subId=[SUBID_ENCODED]&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed211firpglwsz&csuuid=610a2dd2d60d7&r_csuuid=1&cbuster=1628057042&pubUrlAuto=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=110&floatHorizontalOffset=1&floatCloseBtn=1&flowMode=below&flowCloseButtonPosition=right
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
18de98eb4055c8ea53a6556a321c48b2b95b1137eb5e04724a586e5db016a532

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:02 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
ga-audiences
www.google.com/ads/ 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-125662552-1&cid=1279408773.1628057043&jid=284849183&_u=YADAAEACQAAAAC~&z=1557664014
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-125662552-1&cid=1279408773.1628057043&jid=284849183&_u=YADAAEACQAAAAC~&z=1557664014
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2swfL7V4PlfIZLN0JUhFAUo0WLBNhcXuj-LB_dm9JaaBJ5RDlovDOQp0DJF_X6DsyUUC1En8R8LlTPrM
enormousearth.com/ 		216 B
347 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://enormousearth.com/v2swfL7V4PlfIZLN0JUhFAUo0WLBNhcXuj-LB_dm9JaaBJ5RDlovDOQp0DJF_X6DsyUUC1En8R8LlTPrM
Requested by
Host: enormousearth.com
URL: https://enormousearth.com/v2rgfDdndpl66h9VM1zLygfc-9xi0cneh2WrNivwmFGh1e6l2nA4mPoRTI_Qg4Mfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.74.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.74.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ab79308610ccbd255a20d6b3634d52ff71a8c52e8d745df516159453c518ca33
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Wed, 04 Aug 2021 06:04:03 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://win.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
94ecd830
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Wed, 04 Aug 2021 06:04:02 GMT
primisslate.css
live.primis.tech/content/video/css/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30382D30345F30397D7B7331343830393231367D7B4335377D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=610a2dd2d60d7&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed211firpglwsz&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:02 GMT
content-encoding
gzip
last-modified
Tue, 18 Aug 2020 10:07:25 GMT
server
nginx
etag
W/"5f3ba85d-45c8"
content-type
text/css
apstag.js
c.amazon-adsystem.com/aax2/ Frame 6CE8 		123 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30382D30345F30397D7B7331343830393231367D7B4335377D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=610a2dd2d60d7&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed211firpglwsz&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 05:53:06 GMT
content-encoding
gzip
server
Server
age
657
etag
f8520ea4ebd91256d6b4f461d472242a
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cd66c5a89ae3376f15c155e3b52a758d.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
cdBhoWYDE8U.miXtMaq72_QdUztpgDZw
x-amz-cf-id
7nTyOJhdRbtilXrURe1y7CtNpB241MHgyhxaCL52b5qmCDw4iwofbQ==
css
fonts.googleapis.com/ Frame 1C23 		2 KB
644 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
ESF /
Resource Hash
0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 05:07:53 GMT
server
ESF
date
Wed, 04 Aug 2021 06:04:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 04 Aug 2021 06:04:03 GMT
css
fonts.googleapis.com/ 		2 KB
621 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30382D30345F30397D7B7331343830393231367D7B4335377D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=610a2dd2d60d7&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed211firpglwsz&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
ESF /
Resource Hash
0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 05:02:41 GMT
server
ESF
date
Wed, 04 Aug 2021 06:04:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 04 Aug 2021 06:04:03 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F63C 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D610a2dd2d60d7%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30382D30345F30397D7B7331343830393231367D7B4335377D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=610a2dd2d60d7&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed211firpglwsz&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D610a2dd2d60d7%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://win.gg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://win.gg/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=91608
expires
Thu, 05 Aug 2021 07:30:51 GMT
date
Wed, 04 Aug 2021 06:04:03 GMT
vary
Accept-Encoding
liveCS.php
live.primis.tech/live/ Frame 46A4
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D610a2dd2d60d7%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D610a2dd2d60d7%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=610a2dd2d60d7&pixel=&advId=94&advUuid=c4d94cf8-f4e9-11eb-8527-1d21b9eb0306
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=610a2dd2d60d7&pixel=&advId=94&advUuid=c4d94cf8-f4e9-11eb-8527-1d21b9eb0306
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30382D30345F30397D7B7331343830393231367D7B4335377D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=610a2dd2d60d7&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed211firpglwsz&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
live.primis.tech
:scheme
https
:path
/live/liveCS.php?source=external&csuuid=610a2dd2d60d7&pixel=&advId=94&advUuid=c4d94cf8-f4e9-11eb-8527-1d21b9eb0306
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://win.gg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://win.gg/

Response headers

server
nginx
date
Wed, 04 Aug 2021 06:04:03 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 04 Aug 2021 06:04:03 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Set-Cookie
audience=c4d94cf8-f4e9-11eb-8527-1d21b9eb0306; expires=Thu, 04-Aug-2022 07:10:43 GMT; path=/; domain=.spotxchange.com; SameSite=none; Secure
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=610a2dd2d60d7&pixel=&advId=94&advUuid=c4d94cf8-f4e9-11eb-8527-1d21b9eb0306
X-fe
141
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
liveCS.php
live.primis.tech/live/ Frame 4752
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D610a2dd2d60d7%26pixel%3D%26advId%3D98%26advU...
  • https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D610a2dd2d60d7%26pixel%3D%26advId%3D98%2...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=610a2dd2d60d7&pixel=&advId=98&advUuid=d21d07de-f9e0-48d8-9bad-de93137959ae
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=610a2dd2d60d7&pixel=&advId=98&advUuid=d21d07de-f9e0-48d8-9bad-de93137959ae
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30382D30345F30397D7B7331343830393231367D7B4335377D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=610a2dd2d60d7&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed211firpglwsz&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
live.primis.tech
:scheme
https
:path
/live/liveCS.php?source=external&csuuid=610a2dd2d60d7&pixel=&advId=98&advUuid=d21d07de-f9e0-48d8-9bad-de93137959ae
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://win.gg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://win.gg/

Response headers

server
nginx
date
Wed, 04 Aug 2021 06:04:02 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

vary
Accept, Accept-Encoding
set-cookie
i=f614de37-1c21-4fdc-851e-80589b162946|1628057043; Version=1; Expires=Thu, 04-Aug-2022 06:04:03 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.211.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=610a2dd2d60d7&pixel=&advId=98&advUuid=d21d07de-f9e0-48d8-9bad-de93137959ae
date
Wed, 04 Aug 2021 06:04:03 GMT
content-type
text/html
content-length
0
content-encoding
gzip
via
1.1 google
alt-svc
clear
sync.html
s.console.adtarget.com.tr/ Frame 75E3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30382D30345F30397D7B7331343830393231367D7B4335377D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=610a2dd2d60d7&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed211firpglwsz&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
401332272d60ca3c294a022966a96c4d342059269e4590d5967c8f515838e2cf

Request headers

Host
s.console.adtarget.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://win.gg/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://win.gg/

Response headers

Server
VertaMedia 1.0
Date
Wed, 04 Aug 2021 06:04:03 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
847
Access-Control-Allow-Origin
https://win.gg
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
liveView.php
live.primis.tech/live/ Frame 6CE8 		72 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.1.0&vid_viewabilityState=1&vid_content_url=https%3A%2F%2Fvideo.primis.tech%2Fuploads%2Fcn22%2Fvideo%2Fusers%2Fconverted%2F29909%2Fvideo_5f6af001aae1b264352045%2Fvid60c56ade4d173540578578.mp4&vid_content_id=1603907&vid_content_desc=These+are+our+TOP+5+Fortnite+skins%21+Do+you+agree%3F&vid_content_title=These+are+our+TOP+5+Fortnite+skins%21+Do+you+agree%3F&vid_content_duration=92&debugInformation=&x=466&y=262&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&ri=6C69766553746174737C736B317B54307D7B64323032312D30382D30345F30397D7B7331343830393231367D7B4335377D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&isApp=0&geoLati=52.5196&geoLong=13.4069&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&playerApiId=&csuuid=610a2dd2d60d7&cbuster=1628057043114&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30382D30345F30397D7B7331343830393231367D7B4335377D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=610a2dd2d60d7&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed211firpglwsz&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
30bfbfd2afd72145b4358d0f30e7a4448e849e1822f36b399f6c5870675d1668

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:02 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://win.gg
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
6249
liveView.php
live.primis.tech/live/ Frame 6CE8 		72 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.1.0&vid_viewabilityState=1&vid_content_url=https%3A%2F%2Fvideo.primis.tech%2Fuploads%2Fcn22%2Fvideo%2Fusers%2Fconverted%2F29909%2Fvideo_5f6af001aae1b264352045%2Fvid60c56ade4d173540578578.mp4&vid_content_id=1603907&vid_content_desc=These+are+our+TOP+5+Fortnite+skins%21+Do+you+agree%3F&vid_content_title=These+are+our+TOP+5+Fortnite+skins%21+Do+you+agree%3F&vid_content_duration=92&debugInformation=&x=400&y=225&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&ri=6C69766553746174737C736B317B54307D7B64323032312D30382D30345F30397D7B7331343830393231367D7B4335377D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&isApp=0&geoLati=52.5196&geoLong=13.4069&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&playerApiId=&csuuid=610a2dd2d60d7&cbuster=1628057043114&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30382D30345F30397D7B7331343830393231367D7B4335377D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=610a2dd2d60d7&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed211firpglwsz&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e678cde7350814ec8bf4d9bcd0de234b7bff4969de09bef80449d382a68301aa

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:02 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://win.gg
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
6246
liveView.php
live.primis.tech/live/ Frame 6CE8 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.1.0&vid_viewabilityState=0&vid_content_url=https%3A%2F%2Fvideo.primis.tech%2Fuploads%2Fcn22%2Fvideo%2Fusers%2Fconverted%2F29909%2Fvideo_5f6af001aae1b264352045%2Fvid60c56ade4d173540578578.mp4&vid_content_id=1603907&vid_content_desc=These+are+our+TOP+5+Fortnite+skins%21+Do+you+agree%3F&vid_content_title=These+are+our+TOP+5+Fortnite+skins%21+Do+you+agree%3F&vid_content_duration=92&debugInformation=&x=466&y=262&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&ri=6C69766553746174737C736B317B54307D7B64323032312D30382D30345F30397D7B7331343830393231367D7B4335377D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&isApp=0&geoLati=52.5196&geoLong=13.4069&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&playerApiId=&csuuid=610a2dd2d60d7&cbuster=1628057043117&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30382D30345F30397D7B7331343830393231367D7B4335377D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=610a2dd2d60d7&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed211firpglwsz&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
adbedd1d88f252f9055d6186522f64804906fc6f7ea3ef64caac174c14c0032e

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:02 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://win.gg
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
2800
chunklist_480.m3u8
video.primis.tech/uploads/cn22/video/users/hls/29909/video_5f6af001aae1b264352045/vid60c56ade4d173540578578.mp4/ 		641 B
895 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn22/video/users/hls/29909/video_5f6af001aae1b264352045/vid60c56ade4d173540578578.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.57.179 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
6f7c000701966d628a19cb8a3e1e864731d2a5776f441283b3fc100b456be1e1

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
last-modified
Sun, 13 Jun 2021 02:54:02 GMT
server
Tengine
etag
"60c5734a-281"
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
expires
Wed, 18 Aug 2021 06:04:03 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
641
x-proxy-cache
HIT, HIT
vid60c56ade4d173540578578_thumb.jpg
video.primis.tech/uploads/cn22/video/users/converted/29909/video_5f6af001aae1b264352045/ Frame 1C23 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn22/video/users/converted/29909/video_5f6af001aae1b264352045/vid60c56ade4d173540578578_thumb.jpg?cbuster=1623552741
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.57.179 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
208ce5794c5c322f94795bc511e84e5b0b91f9cb69edd4040a95a15b7eb08357
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
last-modified
Sun, 13 Jun 2021 02:52:46 GMT
server
Tengine
etag
"60c572fe-119b"
x-cache-status
HIT
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 16 Aug 2021 20:11:51 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
4507
x-proxy-cache
MISS
vid60c0294a31200274307110_thumb.jpg
video.primis.tech/uploads/cn18/video/users/converted/29909/video_5f6af001aae1b264352045/ Frame 1C23 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn18/video/users/converted/29909/video_5f6af001aae1b264352045/vid60c0294a31200274307110_thumb.jpg?cbuster=1623212470
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.57.179 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
bc205ce5f18ada1fed59fad658ec3217ab686311da788fd979d3af2efb27f45d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
last-modified
Wed, 09 Jun 2021 04:23:03 GMT
server
Tengine
etag
"60c04227-dd4"
x-cache-status
MISS
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 18 Aug 2021 06:04:03 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
3540
x-proxy-cache
HIT
vid60b1cb93404ad648133220_thumb.jpg
video.primis.tech/uploads/cn7/video/users/converted/29909/video_5f6af001aae1b264352045/ Frame 1C23 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn7/video/users/converted/29909/video_5f6af001aae1b264352045/vid60b1cb93404ad648133220_thumb.jpg?cbuster=1622390117
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.57.179 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
8db003c434d44c22e939bf281767bca1e915c54bc01111a699f175d1a49fa82b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
last-modified
Sun, 30 May 2021 15:56:53 GMT
server
Tengine
etag
"60b3b5c5-15b6"
x-cache-status
MISS
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 18 Aug 2021 06:04:03 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
5558
x-proxy-cache
HIT
vid61041e6cb356f927068758_thumb.jpg
video.primis.tech/uploads/cn19/video/users/converted/28588/video_609bb9cfd2073362450294/ Frame 1C23 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn19/video/users/converted/28588/video_609bb9cfd2073362450294/vid61041e6cb356f927068758_thumb.jpg?cbuster=1627659969
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.57.179 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
6bd30b645d14cfaa8ef20b925cc399988632a40302e19a75dd4f1773915acff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
last-modified
Fri, 30 Jul 2021 15:55:16 GMT
server
Tengine
etag
"610420e4-fd9"
x-cache-status
HIT
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 16 Aug 2021 19:49:45 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
4057
x-proxy-cache
HIT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=50&serverTime=1628057043&vid_playerVer=3.1.0&s=104669&sta=0&x=750&y=424&vid_passDomain=win.gg&subId=win.gg&debugInformation=&isApp=0&ri=6C69766553746174737C736B317B54307D7B64323032312D30382D30345F30397D7B7331343830393231367D7B4335377D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&diaid=&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=610a2dd2d60d7&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1628057043110&uid=SekindoSPlayer610a2dd2f4056&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&floatStatus=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:02 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
sync
x.bidswitch.net/ Frame 6CE8 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&user_id=610a2dd2d60d7&custom_data=610a2dd2d60d7;live.primis.tech&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.168.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-168-25.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
liveCS.php
live.primis.tech/live/ Frame 6CE8
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D610a2dd2d60d7%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=610a2dd2d60d7&pixel=&advId=93&advUuid=2cc034d5-8308-4c9e-80d2-03dc6ff36fa2
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=610a2dd2d60d7&pixel=&advId=93&advUuid=2cc034d5-8308-4c9e-80d2-03dc6ff36fa2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:02 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=610a2dd2d60d7&pixel=&advId=93&advUuid=2cc034d5-8308-4c9e-80d2-03dc6ff36fa2
date
Wed, 04 Aug 2021 06:04:03 GMT
server
_
content-length
0
liveCS.php
live.primis.tech/live/ Frame 6CE8
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D610a2dd2d60d7%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D610a2dd2d60d7%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=610a2dd2d60d7&pixel=&advId=99&advUuid=YQot09KJFv55nvrxBBPb5QAABJgAAAAB
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=610a2dd2d60d7&pixel=&advId=99&advUuid=YQot09KJFv55nvrxBBPb5QAABJgAAAAB
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:03 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=610a2dd2d60d7&pixel=&advId=99&advUuid=YQot09KJFv55nvrxBBPb5QAABJgAAAAB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
334
Expires
Wed, 04 Aug 2021 06:04:03 GMT
liveCS.php
live.primis.tech/live/ Frame 6CE8
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D610a2dd2d60d7%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D610a2dd2d60d7%2526pixel%253D%2526advId%253D105%2526ad...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=610a2dd2d60d7&pixel=&advId=105&advUuid=9038827357018361317
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=610a2dd2d60d7&pixel=&advId=105&advUuid=9038827357018361317
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:03 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:03 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
69b1bcb7-efda-416c-b5b8-bd522a217560
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=610a2dd2d60d7&pixel=&advId=105&advUuid=9038827357018361317
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vid60c56ade4d173540578578.jpg
video.primis.tech/uploads/cn22/video/users/converted/29909/video_5f6af001aae1b264352045/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn22/video/users/converted/29909/video_5f6af001aae1b264352045/vid60c56ade4d173540578578.jpg?cbuster=1623552741
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.57.179 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
b20330f8362b22a7e6000f711335331a79e0917bb1d3675e235cefd568376fb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
last-modified
Sun, 13 Jun 2021 02:52:46 GMT
server
Tengine
etag
"60c572fe-7f16"
x-cache-status
HIT
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 16 Aug 2021 20:36:10 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
32534
x-proxy-cache
HIT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://win.gg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 18:26:24 GMT
x-content-type-options
nosniff
age
128259
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Aug 2022 18:26:24 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=930610526&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&ul=en-us&de=UTF-8&dt=Nickmercs%20reveals%20that%20he%20is%20now%20a%20FaZe%20Clan%20co-owner%20-%20FORTNITE%20News%20-%20WIN.gg&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=10&el=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&_u=aCDAAEADQAAAAC~&jid=&gjid=&cid=1279408773.1628057043&tid=UA-125662552-1&_gid=2110887804.1628057043&gtm=2wg820598L2T6&cg1=FORTNITE&cd2=FORTNITE&cd3=13666&cd4=FaZe&z=825200684
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 11:01:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68566
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 1C23 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://win.gg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 18:26:24 GMT
x-content-type-options
nosniff
age
128259
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Aug 2022 18:26:24 GMT
v2ihgwU0LATay-UW4AxB8YSUxuf8jj1ZsXe6WyEtW6vorQT65wW5KQTzRJM_ubvFVl6dHbr5mRBBQFuBJ
enormousearth.com/ 		2 KB
780 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://enormousearth.com/v2ihgwU0LATay-UW4AxB8YSUxuf8jj1ZsXe6WyEtW6vorQT65wW5KQTzRJM_ubvFVl6dHbr5mRBBQFuBJ
Requested by
Host: enormousearth.com
URL: https://enormousearth.com/v2rgfDdndpl66h9VM1zLygfc-9xi0cneh2WrNivwmFGh1e6l2nA4mPoRTI_Qg4Mfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.74.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.74.190.35.bc.googleusercontent.com
Software
/
Resource Hash
005e8f1bfdd65e243061b1f178c32894ce558d94a3e01b06e6887b612addb3bc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
x-datacenter
gce-europe-west1
date
Wed, 04 Aug 2021 06:04:03 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://win.gg
access-control-allow-credentials
true
x-hostname
94ecd830
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
740
v1
prg.smartadserver.com/prebid/ Frame 6CE8 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:02 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://win.gg
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 6CE8 		67 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=11961761&componentId=prebid&componentSubId=mustang&timestamp=1628057043218&pKey=-476276237&_fw_gdpr_consent=&_fw_gdpr=true&loc=https%3A%2F%2Fwin.gg%2F&playerSize=466x262&schain=1.0,1!primis.tech,29909,1,,,
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:03 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://win.gg
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1628057043129066-522
Expires
Wed, 04 Aug 2021 06:04:03 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 6CE8 		173 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.136.38 Frankfurt am Main, Germany, ASN (),
Reverse DNS
ec2-52-59-136-38.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bc109aaa04ac88347286c49c508f732357a2d075032ff059575df1a77687434e

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:03 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://win.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
169
expires
0
openrtb
ads.adaptv.advertising.com/rtb/ Frame 6CE8 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.211.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-211-246.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://win.gg
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
avjp
primis-d.openx.net/v/1.0/ Frame 6CE8 		106 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://primis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f4f72eae-c071-4c49-8c43-080dd70e55eb&nocache=1628057043223&gdpr_consent=&gdpr=1&schain=1.0,1!primis.tech,29909,1,,,&skip=1&auid=540289187&vwd=466&vht=262&aumfs=2600
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:03 GMT
via
1.1 google
server
OXGW/16.211.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://win.gg
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
171621
search.spotxchange.com/openrtb/2.3/dados/ Frame 6CE8 		0
975 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/171621?src_sys=prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 04 Aug 2021 06:04:03 GMT
X-SpotX-Timing-Transform
0.000282
X-SpotX-Timing-SpotMarket
0.037850
X-SpotX-Timing-Page-Mux
0.000344
X-SpotX-Timing-Page-Require
0.000406
X-fe
142
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.041286
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000506
Last-Modified
Wed, 04 Aug 2021 06:04:03 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.017679
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://win.gg
X-SpotX-Timing-Page-Misc
0.001881
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.020171
X-SpotX-Timing-Page-URI
0.000014
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 6CE8 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://win.gg
date
Wed, 04 Aug 2021 06:04:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
w_480_00000.ts
video.primis.tech/uploads/cn22/video/users/hls/29909/video_5f6af001aae1b264352045/vid60c56ade4d173540578578.mp4/ 		491 KB
492 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn22/video/users/hls/29909/video_5f6af001aae1b264352045/vid60c56ade4d173540578578.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.57.179 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
9d5d37ac5c4b6d58f047b3f1afa99b6af61380bab3b52f6eab4d5dbdba423e24

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
last-modified
Sun, 13 Jun 2021 02:53:56 GMT
server
Tengine
etag
"60c57344-7adec"
content-type
video/mp2t
access-control-allow-origin
*
expires
Wed, 18 Aug 2021 06:04:03 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
503276
x-proxy-cache
HIT, HIT
vid60c56ade4d173540578578.jpg
video.primis.tech/uploads/cn22/video/users/converted/29909/video_5f6af001aae1b264352045/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn22/video/users/converted/29909/video_5f6af001aae1b264352045/vid60c56ade4d173540578578.jpg?cbuster=1623552741
Requested by
Host: win.gg
URL: https://win.gg/news/7962/nickmercs-reveals-that-he-is-now-a-faze-clan-co-owner
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.57.179 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
b20330f8362b22a7e6000f711335331a79e0917bb1d3675e235cefd568376fb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
last-modified
Sun, 13 Jun 2021 02:52:46 GMT
server
Tengine
etag
"60c572fe-7f16"
x-cache-status
HIT
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 16 Aug 2021 20:36:10 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
32534
x-proxy-cache
HIT
5332643d-c975-420f-a596-fa8045df2304
https://win.gg/ 		65 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://win.gg/5332643d-c975-420f-a596-fa8045df2304
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
66258
Content-Type
text/javascript
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 6CE8 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UwMoja_wiYmXZ_L.v58hX8_8XzeYFzV9
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
4502
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 01 Jul 2021 22:05:10 GMT
server
AmazonS3
date
Wed, 04 Aug 2021 05:10:02 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
TPTlwimoTi8bR1i5kk2kFl6FcErNfPVRFxQXir_3CC25Atjrh_v7og==
PugMaster
image6.pubmatic.com/AdServer/ Frame F63C 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65034852&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D610a2dd2d60d7%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:02 GMT
content-length
0
Cookie set csync
sync.console.adtarget.com.tr/ Frame 7AF9
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=mD2EWlc7Ed7etGUCLVjf&pi=admatic&tc=1
86 B
547 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=mD2EWlc7Ed7etGUCLVjf&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN (),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host
sync.console.adtarget.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Wed, 04 Aug 2021 06:04:03 GMT
Content-Type
image/gif
Content-Length
86
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=6673940fbdff552e; expires=Tue, 05 Oct 2021 06:04:03 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None a307080=mD2EWlc7Ed7etGUCLVjf; expires=Tue, 05 Oct 2021 06:04:03 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None

Redirect headers

date
Wed, 04 Aug 2021 06:04:03 GMT Wed, 04 Aug 2021 06:04:03 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=mD2EWlc7Ed7etGUCLVjf&pi=admatic&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
/
ads.us.e-planning.net/uspd/1/ Frame CA08
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN (),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
d63553c951a49b1f765f223a658cdec09bb5b8e8d59d083e8c4d753b3ee07542

Request headers

:method
GET
:authority
ads.us.e-planning.net
:scheme
https
:path
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
CT=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Wed, 04 Aug 2021 06:04:03 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
set-cookie
E=ABLmvu77u7hmfiPe; path=/; domain=e-planning.net; expires=Wed, 02-Aug-2028 06:04:03 GMT; SameSite=None; Secure
expires
Wed, 04 Aug 2021 06:04:03 GMT
x-sid
AMS-738
content-encoding
gzip

Redirect headers

server
openresty
date
Wed, 04 Aug 2021 06:04:03 GMT
content-type
text/html; charset=iso-8859-1
set-cookie
CT=1; path=/; SameSite=None; Secure
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
x-sid
AMS-738
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1CA9 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=91608
expires
Thu, 05 Aug 2021 07:30:51 GMT
date
Wed, 04 Aug 2021 06:04:03 GMT
vary
Accept-Encoding
pbsync.html
js.adscale.de/ Frame 4B5E 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:4600:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

:method
GET
:authority
js.adscale.de
:scheme
https
:path
/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
last-modified
Sat, 10 Jul 2021 00:26:53 GMT
x-amz-version-id
hy_fFu8qNpEDI6UTfMKTr1yfvGXGTHog
server
AmazonS3
content-encoding
gzip
date
Wed, 04 Aug 2021 04:27:45 GMT
cache-control
max-age=7200
etag
W/"5550fca00caf055568d6ced373f2721f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 449f2b51e83bf8ba5fa5e65ce60bc277.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
og9KGMZA04FvHPeC4eS007EXIRQz-C-Q7BCPUknmmibX4cSgmgurkA==
age
5778
cookie
cm.adform.net/ Frame 8791 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

:method
GET
:authority
cm.adform.net
:scheme
https
:path
/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Wed, 04 Aug 2021 06:04:03 GMT
content-type
image/gif
content-length
43
user
cdn.admatic.com.tr/ Frame DEDC 		251 B
616 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN (),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

:method
GET
:authority
cdn.admatic.com.tr
:scheme
https
:path
/user
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-756
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
DE
cdn-edgestorageid
755
cdn-storageserver
DE-51
cache-control
public, max-age=3600
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-cachedat
2021-07-24 14:37:09
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-requestid
49c5d4b82d64c75b85357e34280e82d2
cdn-cache
HIT
content-encoding
gzip
sync.html
s.adtelligent.com/ Frame E9C5 		1 KB
975 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=609724
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
449574733a518865245e30da571351ee5474f17dae2eb6831d4dc64fce74ac74

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Wed, 04 Aug 2021 06:04:03 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
682
Access-Control-Allow-Origin
https://s.console.adtarget.com.tr
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 75E3 		86 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?redir=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN (),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif
get
odb.outbrain.com/utils/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&idx=0&rand=11598&key=NANOWDGT01&widgetJSId=GS_1&va=true&et=true&format=html&pdobuid=-1&api_user_id=null&adblck=false&abwl=false&clss=rZvnkrffX2v%2BnJ4XMStNwArq%2FKyFSUGg5WXS0DuE9AUpZcwwneG%2FQeD8DUFL%2Bsw%2BStBMTpUJcNF6E17C&px=270&py=4430&vpd=3230&cw=670&settings=true&recs=true&version=2000402&sig=xTc7Q7ZT&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=1&ccpaStat=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
/
Resource Hash
c27df45175a03e1c61ee0b5d4e223a3e4a3ab08c7783f8bae33cfb1838b924c6

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1628057043.353877,VS0,VE105
accept-ranges
bytes
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
backend-ip
157.52.117.27
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits
0, 0
x-traceid
860dfd79db3baa856f185f5746a194af
content-encoding
gzip
content-length
1496
x-served-by
cache-lga21927-LGA, cache-fra19177-FRA
w_480_00001.ts
video.primis.tech/uploads/cn22/video/users/hls/29909/video_5f6af001aae1b264352045/vid60c56ade4d173540578578.mp4/ 		498 KB
499 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn22/video/users/hls/29909/video_5f6af001aae1b264352045/vid60c56ade4d173540578578.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.57.179 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
701784f8c4d3cd32c8ed24b6cab20adeadc8fb4e5104b33ed184ee9c1f2f9779

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
last-modified
Sun, 13 Jun 2021 02:53:57 GMT
server
Tengine
etag
"60c57345-7c85c"
content-type
video/mp2t
access-control-allow-origin
*
expires
Wed, 18 Aug 2021 06:04:03 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
510044
x-proxy-cache
HIT, HIT
uu
ih.adscale.de/ Frame 4B5E
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1628057043
  • https://ih.adscale.de/uu?cbfn=receive&t=1628057043&nut&uu=db8064d0861c4f9991cd68092d16136a
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1628057043&nut&uu=db8064d0861c4f9991cd68092d16136a
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.44.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-44-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
817c9e26e899e1a15f05f61538c4176b0d4d2af2fa873724165734784a430116

Request headers

Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1628057043&nut&uu=db8064d0861c4f9991cd68092d16136a
date
Wed, 04 Aug 2021 06:04:03 GMT
content-length
0
um
u-ams02.e-planning.net/ Frame CA08
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dd8722cea88f59622
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=d8722cea88f59622
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=d8722cea88f59622
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:03 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=d8722cea88f59622
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame CA08 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:02 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 03 Aug 2026 06:04:02 GMT
tm60118.js
tag.navdmp.com/ Frame CA08 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm60118.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 18 Nov 2020 16:32:07 GMT
server
cloudflare
age
2069
etag
W/"5fb54c87-2ef4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
679596094e424e61-FRA
content-type
application/javascript
expires
Wed, 04 Aug 2021 06:29:34 GMT
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame CA08 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:02 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 03 Aug 2026 06:04:02 GMT
um
u-ams02.e-planning.net/ Frame CA08
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Dd8722cea88f59622%26uid%3D%24%7BUID%7D
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=d8722cea88f59622&uid=1c666ea1-0c39-43c2-b444-88a57e6ad836
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=d8722cea88f59622&uid=1c666ea1-0c39-43c2-b444-88a57e6ad836
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:02 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=d8722cea88f59622&uid=1c666ea1-0c39-43c2-b444-88a57e6ad836
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
32b3eapd8r85os66bdnm5u6dguq8invp
ptag
a.audrte.com/ Frame CA08 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.106.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-106-87.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
ec280066bf73144ca489e17349293da20108290ebfde1e1b8840e3435f53ad12

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:06 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1682
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame CA08 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:02 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 03 Aug 2026 06:04:02 GMT
current
prebid-match.dotomi.com/match/bounce/ Frame CA08 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3Dd8722cea88f59622%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:03 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame CA08
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Dd8722cea88f59622
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.79.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.223.79.119.168.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
server
nginx/1.10.3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Wed, 04 Aug 2021 06:04:04 GMT
server
nginx/1.10.3
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame CA08
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dd8722cea88f59622%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=d8722cea88f59622&uid=9038827357018361317
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=d8722cea88f59622&uid=9038827357018361317
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:03 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
05aafed5-b69c-4a27-a230-1cb32af88568
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=d8722cea88f59622&uid=9038827357018361317
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame CA08 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3Dd8722cea88f59622%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:06 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
sync.e-planning.net/ Frame CA08
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58414/occ
  • https://ups.analytics.yahoo.com/ups/58414/occ?verify=true
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-7goVqiZE2uEuDLNW198FdYqEv_jjex9y2ONx54k-~A
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-7goVqiZE2uEuDLNW198FdYqEv_jjex9y2ONx54k-~A
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN (),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Wed, 04 Aug 2021 06:04:04 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-7goVqiZE2uEuDLNW198FdYqEv_jjex9y2ONx54k-~A
Connection
keep-alive
Content-Length
0
um
u-ams02.e-planning.net/ Frame CA08
Redirect Chain
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3Dd8722cea88f59622%26uid%3D%7B%24UID%7D
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=d8722cea88f59622&uid=61c065ec1696f79439e719708577bce141ab5263
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=d8722cea88f59622&uid=61c065ec1696f79439e719708577bce141ab5263
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
server
openresty
content-type
image/gif

Redirect headers

Location
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=d8722cea88f59622&uid=61c065ec1696f79439e719708577bce141ab5263
Date
Wed, 04 Aug 2021 06:04:03 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
um
u-ams02.e-planning.net/ Frame CA08
Redirect Chain
  • https://ufo.approximity.com/mu?td=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Daa770806b4a66cf5%26fi%3Dd8722cea88f59622
  • https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=d8722cea88f59622&uid=02000000C32D0A61A424EF48024694A1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=d8722cea88f59622&uid=02000000C32D0A61A424EF48024694A1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=d8722cea88f59622&uid=02000000C32D0A61A424EF48024694A1
date
Wed, 04 Aug 2021 06:03:47 GMT
server
nginx/1.20.1
content-type
text/html
content-length
145
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
usync.html
eus.rubiconproject.com/ Frame 8C00
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 04 Aug 2021 06:04:06 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date
Wed, 04 Aug 2021 06:04:06 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7F2C 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dd8722cea88f59622%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dd8722cea88f59622%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=91608
expires
Thu, 05 Aug 2021 07:30:51 GMT
date
Wed, 04 Aug 2021 06:04:03 GMT
vary
Accept-Encoding
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 6CE8 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30382D30345F30397D7B7331343830393231367D7B4335377D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=610a2dd2d60d7&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed211firpglwsz&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119640
x-xss-protection
0
expires
Wed, 04 Aug 2021 06:04:03 GMT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=49&serverTime=1628057043&vid_playerVer=3.1.0&s=104669&sta=0&x=750&y=424&vid_passDomain=win.gg&subId=win.gg&debugInformation=&isApp=0&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=610a2dd2d60d7&vImpOpportunityMultiplier=1&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1628057043385&uid=SekindoSPlayer610a2dd2f4056&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&floatStatus=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:03 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
liveView.php
live.primis.tech/live/ 		43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=6&serverTime=1628057043&vid_playerVer=3.1.0&s=58057&sta=11403165&x=466&y=262&msta=14809216&vid_vastType=3&vid_viewabilityState=1&vid_passDomain=win.gg&subId=win.gg&debugInformation=&isApp=0&vid_ati=MidMLprerollsdk&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=610a2dd2d60d7&rvn=5200&attemptMultiplier=10&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1628057043386&uid=SekindoSPlayer610a2dd2f4056&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&floatStatus=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:03 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
content-type
image/gif
expires
Thu, 31 Dec 2037 23:55:55 GMT
1px-matching-adtelligent.gif
t.trafmag.com/images/images/ Frame E9C5
Redirect Chain
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=6f11c13c4feba312
35 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=6f11c13c4feba312
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN (),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:11 GMT
server
nginx
content-type
image/gif
content-length
35
p3p
CP="NON DSP COR CURa TIA"

Redirect headers

Location
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=6f11c13c4feba312
Date
Wed, 04 Aug 2021 06:04:10 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
csync
sync.console.adtarget.com.tr/ Frame E9C5
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D322988%26extuid%3D%7Buid%7D
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=6f11c13c4feba312
86 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=6f11c13c4feba312
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN (),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Location
https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=6f11c13c4feba312
Date
Wed, 04 Aug 2021 06:04:10 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
ConsentManager,Sticky2
enormousearth.com/v2xngqwKqYBHI3T8pqzAFAN3LujtFOoCFr4ioFGjOOBi3zf63orxkzYWMXz9A94uWACmJ7GHyI69RoLVL/ 		274 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://enormousearth.com/v2xngqwKqYBHI3T8pqzAFAN3LujtFOoCFr4ioFGjOOBi3zf63orxkzYWMXz9A94uWACmJ7GHyI69RoLVL/ConsentManager,Sticky2
Requested by
Host: enormousearth.com
URL: https://enormousearth.com/v2rgfDdndpl66h9VM1zLygfc-9xi0cneh2WrNivwmFGh1e6l2nA4mPoRTI_Qg4Mfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.74.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.74.190.35.bc.googleusercontent.com
Software
/
Resource Hash
de85970b58c6156d5ae8460d92d7a94a64de75beff38e332a329b5cdb8428fd0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Origin
https://win.gg
Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"6cbaf75b38e37833a1345bdc46a51a052d8113772c52260a1050120f647cdcde"
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://win.gg
cache-control
private, must-revalidate, max-age=21600
access-control-allow-credentials
true
x-hostname
94ecd830
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
date
Wed, 04 Aug 2021 06:04:03 GMT
bundle.js
cdn.admatic.com.tr/user/ Frame DEDC 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN (),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
content-encoding
br
cdn-edgestorageid
601
cdn-storageserver
DE-51
cdn-cachedat
2021-08-02 18:52:36
cdn-pullzone
266102
last-modified
Fri, 12 Mar 2021 04:24:48 GMT
server
BunnyCDN-DE1-756
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
8d2088c0713c3563b5c107f533bfc6cd
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
w_480_00002.ts
video.primis.tech/uploads/cn22/video/users/hls/29909/video_5f6af001aae1b264352045/vid60c56ade4d173540578578.mp4/ 		437 KB
437 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn22/video/users/hls/29909/video_5f6af001aae1b264352045/vid60c56ade4d173540578578.mp4/w_480_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.57.179 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
7172ea5ef19238dbec97b33822c3fbaa182c14eef9a493f67d9de7e641029030

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
last-modified
Sun, 13 Jun 2021 02:53:57 GMT
server
Tengine
etag
"60c57345-6d314"
content-type
video/mp2t
access-control-allow-origin
*
expires
Wed, 18 Aug 2021 06:04:03 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
447252
x-proxy-cache
HIT, HIT
userconnect.js
js.adscale.de/ Frame 4B5E 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:4600:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
PU2jw1UpXYdxb7_s5N9z9C2Wbpw_NRZJ
content-encoding
br
last-modified
Sat, 10 Jul 2021 00:26:53 GMT
server
AmazonS3
age
5055
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 449f2b51e83bf8ba5fa5e65ce60bc277.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Wed, 04 Aug 2021 04:39:49 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
I7SxZrKFiDeDTnzHTdqLN5MT-cgB9pJEWwiIXpxvgHydsjXGe44K4A==
csync
sync.console.adtarget.com.tr/ Frame 4B5E 		86 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=db8064d0861c4f9991cd68092d16136a
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN (),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif
userconnect
ih.adscale.de/ Frame 4B5E 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1628057043457&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.44.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-44-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
content-length
149
content-type
application/javascript
bridge3.473.0_en.html
imasdk.googleapis.com/js/core/ Frame A216 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.473.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://win.gg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://win.gg/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194074
date
Thu, 29 Jul 2021 08:18:39 GMT
expires
Fri, 29 Jul 2022 08:18:39 GMT
last-modified
Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
510324
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 6CE8 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Wed, 04 Aug 2021 06:04:03 GMT
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=97902712f309e8aae96b168f0b96b192&pvId=97902712f309e8aae96b168f0b96b192&sid=6858278&pid=46845&idx=0&wId=829&pad=0&org=0&tm=1750&eT=0&cnsnt=no_consent&widgetWidth=670&widgetHeight=0&widgetX=270&widgetY=4430&tpcs=0&wRV=2000402&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=173&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:03 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
c98e31a4e799bcf85fd7a9cfb6e61347
Content-Length
4
Expires
0
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame 3E3D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c8fc071d9c5e81cb429cf5177c5f761b378562e2738ac17c7d194c5779849afc

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/widgetOBUserSync/obUserSync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://win.gg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://win.gg/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"a9529bf1947e35dcc091aba9c945a135:1627814605.982279"
last-modified
Sun, 01 Aug 2021 10:43:15 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=86400
expires
Thu, 05 Aug 2021 06:04:03 GMT
date
Wed, 04 Aug 2021 06:04:03 GMT
content-length
5559
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1628057043~rv=63~id=020128557f3c2386171b21e8f606dd87; path=/; Expires=Wed, 04 Aug 2021 06:04:03 GMT; Secure; SameSite=None
map
ih.adscale.de/ Frame 4A9E 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.44.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-44-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3c883583b648ed37d07a85607a13036f04d6513a2c82fdddbf38eddbe4b35a8c

Request headers

:method
GET
:authority
ih.adscale.de
:scheme
https
:path
/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://js.adscale.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uu=db8064d0861c4f9991cd68092d16136a; cct=1628057043402
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js.adscale.de/

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2792
set-cookie
tu=4#52609053#48~~452238~452238~1#101~~452238~452238~1#38~~452238~452238~1#39~~452238~452238~1#40~~452238~452238~1#42~~452238~452238~1#108~~452238~452238~1#63~~452238~452238~1; Max-Age=31336000; Domain=ih.adscale.de; Path=/; Secure; SameSite=None cct=1628057043519; Max-Age=31336000; Domain=.adscale.de; Path=/; Secure; SameSite=None
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 32C1 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 05:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 04 Aug 2021 06:09:36 GMT
w_480_00003.ts
video.primis.tech/uploads/cn22/video/users/hls/29909/video_5f6af001aae1b264352045/vid60c56ade4d173540578578.mp4/ 		385 KB
386 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn22/video/users/hls/29909/video_5f6af001aae1b264352045/vid60c56ade4d173540578578.mp4/w_480_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.57.179 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
ef20eda843e84e75529a1c8394834dfe45c6523918be2fdf437759a14cfd415f

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
last-modified
Sun, 13 Jun 2021 02:53:58 GMT
server
Tengine
etag
"60c57346-60574"
content-type
video/mp2t
access-control-allow-origin
*
expires
Wed, 18 Aug 2021 06:04:03 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
394612
x-proxy-cache
MISS, HIT
match.js
js.adscale.de/ Frame 4A9E 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:4600:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
w7posiEOdDsV4fA8cMvB1saOlh6.Szzy
content-encoding
br
last-modified
Sat, 10 Jul 2021 00:26:53 GMT
server
AmazonS3
age
2939
etag
W/"b75124846aec28a28b7a3441813682d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 449f2b51e83bf8ba5fa5e65ce60bc277.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Wed, 04 Aug 2021 05:15:05 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
tZp59kYhiwpxY0JLXC8KBy82HS2BPZ6DgZ-u2Se91Cus2nB4_lnLug==
img
ih.adscale.de/sium/018d4457cc884b8eb463b518434052bf/1628057043519/0/ Frame 4A9E
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=db8064d0861c4f9991cd68092d16136a&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F018d4457cc884b8eb463b518434052bf%2F1628057043519%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/018d4457cc884b8eb463b518434052bf/1628057043519/0/img?tpid=101&tpuid=BBID-01-03027710436897767-16358076
49 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/018d4457cc884b8eb463b518434052bf/1628057043519/0/img?tpid=101&tpuid=BBID-01-03027710436897767-16358076
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.44.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-44-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 04 Aug 2021 06:04:03 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/018d4457cc884b8eb463b518434052bf/1628057043519/0/img?tpid=101&tpuid=BBID-01-03027710436897767-16358076
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
w_480_00004.ts
video.primis.tech/uploads/cn22/video/users/hls/29909/video_5f6af001aae1b264352045/vid60c56ade4d173540578578.mp4/ 		431 KB
432 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn22/video/users/hls/29909/video_5f6af001aae1b264352045/vid60c56ade4d173540578578.mp4/w_480_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.57.179 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
931ca5354842490663ba178423a8e05a5c29eb015e070a372810892721b59a8a

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
last-modified
Sun, 13 Jun 2021 02:53:58 GMT
server
Tengine
etag
"60c57346-6bb94"
content-type
video/mp2t
access-control-allow-origin
*
expires
Wed, 18 Aug 2021 06:04:03 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
441236
x-proxy-cache
HIT, HIT
css2
fonts.googleapis.com/ 		7 KB
652 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap
Requested by
Host: enormousearth.com
URL: https://enormousearth.com/v2xngqwKqYBHI3T8pqzAFAN3LujtFOoCFr4ioFGjOOBi3zf63orxkzYWMXz9A94uWACmJ7GHyI69RoLVL/ConsentManager,Sticky2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
ESF /
Resource Hash
2ab9c263d57a65fc6ace46c35ad658615e57cd06b8c11e8667b211b3d5184388
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 04:47:54 GMT
server
ESF
date
Wed, 04 Aug 2021 06:04:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 04 Aug 2021 06:04:03 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v3/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v3/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f6789b1579e3915acc50ce2f56d956c05dc3186238eb4d1a0d4ad1e403a625ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://win.gg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 01:25:24 GMT
x-content-type-options
nosniff
age
103119
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37056
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 22:48:53 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 01:25:24 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v3/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v3/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f6789b1579e3915acc50ce2f56d956c05dc3186238eb4d1a0d4ad1e403a625ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://win.gg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 01:25:24 GMT
x-content-type-options
nosniff
age
103119
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37056
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 22:48:53 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 01:25:24 GMT
MiwwOWE3MWMyODc4N2Y
images.getadmiral.com/ 		763 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.getadmiral.com/MiwwOWE3MWMyODc4N2Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4466 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2880fbb26ad5becd41ec25a5c37da351ac77225bbf30d5a9ab8accf5728591cf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
763
server
cloudflare
x-datacenter
gce-europe-west1
etag
"2c607cb7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LOV8IrJ1UUiKF8OUKkntVeFuO%2FfW1R5LkD%2F5P7R%2B15gQFaKUHAjAcGaRpzOotbwkW%2FablOPEXQ5ovM%2BbW75Fm8J9zm3E0AIWZ%2FE3yhGOj%2Fh4ytsDAfR78d7WTSV3Nya527r8KH5VicRSrfhPDyua80Z0H4s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
private, must-revalidate, max-age=300
x-hostname
icarus
cf-ray
6795960b88624ac3-FRA
Cookie set usermatch
ssum.casalemedia.com/ Frame 7035 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd8722cea88f59622%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
74031ac6c7c47c1e2d12ce939fbbe21847af9aa873da008045b5b4d1e1901eb0

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YQot09KJFv55nvrxBBPb5QAA; CMPS=5182; CMPRO=1176; CMST=YQot02EKLdMA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|39|241|230|195|64|40|4
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1806
Expires
Wed, 04 Aug 2021 06:04:04 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:04 GMT
Connection
keep-alive
Set-Cookie
CMID=YQot09KJFv55nvrxBBPb5QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 04 Aug 2022 06:04:04 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Nov 2021 06:04:04 GMT CMPRO=1176;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Nov 2021 06:04:04 GMT CMRUM3=04610a2dd405a0&f1610a2dd405a0&c3610a2dd405a00&27610a2dd40b40&e6610a2dd42760&40610a2dd405a0&28610a2dd405a00&2d610a2dd405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 04 Aug 2022 06:04:04 GMT CMST=YQot02EKLdQA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 05 Aug 2021 06:04:04 GMT
/
spl.zeotap.com/ Frame 0401 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
327e3c503d6de35b3318ced6ec369528d6bafc66d89b37da106340e3b128687a

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
set-cookie
zc=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%B5%3B6%F1E%87%06%AC%FA%97J%837%27%3Cg%F6%D1%CD%D2%F4%B3%B1%A0X%A2%A8_Z%D0Y%001%22%A2%FF%E2%BA%A39X%8F%F1%5E%D8%A3%3F%26%E6%29%169S%8A%BA%B4%A6%11.Pe%03%E0%D9%01%22Q%8Al%E5%FB%E2%2B%BB%11%0D%21%AF%3E%E4%7D%AAQ%8F%DD%A0%C2%0B%EE%E5s%D4%AD%FC%CD%09%D2_%B1%A0%CF%DBm%D8%E8%5Dl%11%26%DE%3C%8B%B5%1A%F6%13%0Fs%9B%24%23q%D6%07V%25%5C%97%DD%06%C7%AD%19%D9%C6%A1%85%07M9%29%B8f%DD%2C%FC%90%5E%29%96%8A%15%13%E3%90%24%D4%C3%1E%DF%91Be%91%8C%E3qo; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6795960b7c454ec8-FRA
content-encoding
br
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 4A9E
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=e3e9afba65c1f3b7e97bcbfe9...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YQot09KJFv55nvrxBBPb5QAA%261176
49 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YQot09KJFv55nvrxBBPb5QAA%261176
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.44.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-44-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YQot09KJFv55nvrxBBPb5QAA%261176
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Wed, 04 Aug 2021 06:04:04 GMT
w_480_00005.ts
video.primis.tech/uploads/cn22/video/users/hls/29909/video_5f6af001aae1b264352045/vid60c56ade4d173540578578.mp4/ 		475 KB
476 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn22/video/users/hls/29909/video_5f6af001aae1b264352045/vid60c56ade4d173540578578.mp4/w_480_00005.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.57.179 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
2156c9b64b81e943cba8562608e5169ad905494259731ebe07c8d70472456593

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
last-modified
Sun, 13 Jun 2021 02:53:58 GMT
server
Tengine
etag
"60c57346-76d4c"
content-type
video/mp2t
access-control-allow-origin
*
expires
Wed, 18 Aug 2021 06:04:03 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
486732
x-proxy-cache
HIT, HIT
getuid
ib.adnxs.com/ Frame 0401 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
mw
mwzeom.zeotap.com/ Frame 0401
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-67...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEAp9UjSuCkKc8tglAyvBtGQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b39...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEAp9UjSuCkKc8tglAyvBtGQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6795960c4ddf4ec8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEAp9UjSuCkKc8tglAyvBtGQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
470
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 0401
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=33231e33-1b7d-4266-8574-43f603483a4d&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=33231e33-1b7d-4266-8574-43f603483a4d&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6795960cdf024ec8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=33231e33-1b7d-4266-8574-43f603483a4d&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
date
Wed, 04 Aug 2021 06:04:03 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 0401 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.39 , Denmark, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:06 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 0401
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7be3dfbc-79f0-47a5-7d08-566fbe1a44e6%26reqId%3Df...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7be3dfbc-79f0-47a5-7d08-566fbe1a44e6%26reqId%3Df...
  • https://mwzeom.zeotap.com/mw?cid=c8036eb7-2df9-4d94-845d-4a3bab6854ab&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d...
95 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=c8036eb7-2df9-4d94-845d-4a3bab6854ab&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
679596237e3c4ec8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:07 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=c8036eb7-2df9-4d94-845d-4a3bab6854ab&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 0401 		0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::300 , United States, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Wed, 04 Aug 2021 06:04:03 GMT
via
1.1 varnish
server
nginx
x-timer
S1628057044.821904,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19136-FRA
u
dmp.v.fwmrm.net/ad/ Frame 0401 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:128:1::49 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:04 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 0401 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7be3dfbc-79f0-47a5-7d08-566fbe1a44e6%26reqId%3Dff2b3918-5440-4d0d-6742-ae39efa3e3ed%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 0401
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=ecf51656-bb44-4fcc-ae2a-35c163761ee7&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=ecf51656-bb44-4fcc-ae2a-35c163761ee7&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6795960c9e934ec8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:03 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=ecf51656-bb44-4fcc-ae2a-35c163761ee7&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 0401
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=73522639935570750572091841601929039849&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-...
95 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=73522639935570750572091841601929039849&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:11 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
67959639d92b4ec8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v012-000436e77.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Nxo1m1coTl0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=73522639935570750572091841601929039849&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 0401 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:11 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 0401
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021080408-90875-0.764164001628057055-3b75994a4c79592278a0cc20673a159c&zdid=533&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2021080408-90875-0.764164001628057055-3b75994a4c79592278a0cc20673a159c&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
67959612fbf94ec8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2021080408-90875-0.764164001628057055-3b75994a4c79592278a0cc20673a159c&zdid=533&env=mWeb
Date
Wed, 04 Aug 2021 06:04:15 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 0401
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=6992451760022812823&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=6992451760022812823&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
679596129b464ec8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=6992451760022812823&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Date
Wed, 04 Aug 2021 06:04:04 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 0401
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6
95 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN (),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6
date
Wed, 04 Aug 2021 06:04:03 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 0401
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=D0qBXIaw0WARwiVTMc7bhO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d...
95 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=D0qBXIaw0WARwiVTMc7bhO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6795960d1fb84ec8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 google
last-modified
Wed, 04 Aug 2021 06:04:04 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=D0qBXIaw0WARwiVTMc7bhO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 0401 		36 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.107 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:04 GMT
server
nginx
p3p
CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame 0401
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=c2d52a1455cf78e0a258bdca2b96497d&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-54...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=c2d52a1455cf78e0a258bdca2b96497d&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6795960f7c524ec8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:04 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=c2d52a1455cf78e0a258bdca2b96497d&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
cache-control
no-cache
x-server
10.45.10.33
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 0401
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-FlbIoBdE2or6kGJvRI7NkOnB0SqNh.XdOg--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-FlbIoBdE2or6kGJvRI7NkOnB0SqNh.XdOg--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:11 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6795963afb854ec8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Wed, 04 Aug 2021 06:04:11 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-FlbIoBdE2or6kGJvRI7NkOnB0SqNh.XdOg--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 0401
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=tKr7P5R%2FMpGhrQKPZzWj4OktzehU4wju%2BS41iYitP1U%3D
95 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=tKr7P5R%2FMpGhrQKPZzWj4OktzehU4wju%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6795960f0b8e4ec8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:04 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=tKr7P5R%2FMpGhrQKPZzWj4OktzehU4wju%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame 0401 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN (),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:05 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 0401 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.228.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-228-134.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
cache-control
private, no-cache, no-store
x-request-time
D=48 t=1628057044
x-served-by
beacon-n005-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 0401 		95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.79.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.223.79.119.168.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
server
nginx/1.10.3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 0401
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YQot1QADWoovTAAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae3...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YQot1QADWoovTAAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361&_test=YQot1QADWoovTAAC
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:05 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
679596181e454ec8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:05 GMT
via
1.1 varnish
server
Varnish
x-timer
S1628057046.772561,VS0,VE0
x-served-by
cache-fra19144-FRA
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YQot1QADWoovTAAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361&_test=YQot1QADWoovTAAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 0401
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=aea3610a-2dd4-4600-9f07-e9ecf9a77538&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b391...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=aea3610a-2dd4-4600-9f07-e9ecf9a77538&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
67959611f9e54ec8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Wed, 04 Aug 2021 06:04:04 GMT
Server
MT3 3820 7698daf master cdg-pixel-x2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=aea3610a-2dd4-4600-9f07-e9ecf9a77538&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Wed, 04 Aug 2021 06:06:13 GMT
usermatch.gif
beacon.krxd.net/ Frame 0401
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=OR8XtAiD&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=b4a1a241-2d2e-49b2-659a-0ddaaa9fcefc
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=b4a1a241-2d2e-49b2-659a-0ddaaa9fcefc
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.228.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-228-134.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:05 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1628057045
x-served-by
beacon-n005-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 04 Aug 2021 06:04:05 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://spl.zeotap.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
text/html; charset=utf-8
location
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=b4a1a241-2d2e-49b2-659a-0ddaaa9fcefc
access-control-allow-credentials
true
cf-ray
67959615991c4ec8-FRA
access-control-allow-headers
*
dcm
aax-eu.amazon-adsystem.com/s/ Frame 0401
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d0...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d0...
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:05 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:05 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 0401
Redirect Chain
  • https://tags.bluekai.com/site/87734?id=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:05 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
67959615e9dd4ec8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date
Wed, 04 Aug 2021 06:04:05 GMT
Connection
keep-alive
Content-Length
0
BK-Server
e40d
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 0401
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7be...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:05 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
67959615f9e64ec8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
date
Wed, 04 Aug 2021 06:04:05 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 0401 		557 B
473 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
be1bd62aa178384fbd113383416ba4bc6c5ba02f3d9701e88d8b453d51f3ade7

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
6795960bccf34ec8-FRA
date
Wed, 04 Aug 2021 06:04:03 GMT
via
1.1 google
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
v2swfL7V4PlfIZLN0JUhFAUo0WLBNhcXuj-LB_dm9JaaBJ5RDlovDOQp0DJF_X6DsyUUC1En8R8LlTPrM
enormousearth.com/ 		272 B
308 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://enormousearth.com/v2swfL7V4PlfIZLN0JUhFAUo0WLBNhcXuj-LB_dm9JaaBJ5RDlovDOQp0DJF_X6DsyUUC1En8R8LlTPrM
Requested by
Host: enormousearth.com
URL: https://enormousearth.com/v2rgfDdndpl66h9VM1zLygfc-9xi0cneh2WrNivwmFGh1e6l2nA4mPoRTI_Qg4Mfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.74.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.74.190.35.bc.googleusercontent.com
Software
/
Resource Hash
a14096bc82695a2e1cc6ddcbd350f7b01da21ba0193ceeea1b67423a2587c701
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Wed, 04 Aug 2021 06:04:03 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://win.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
94ecd830
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
272
expires
Wed, 04 Aug 2021 06:04:02 GMT
cmp
spl.zeotap.com/ Frame 0401 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6&reqId=ff2b3918-5440-4d0d-6742-ae39efa3e3ed&zdid=1361&cmp=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=7be3dfbc-79f0-47a5-7d08-566fbe1a44e6; zsc=%B5%3B6%F1E%87%06%AC%FA%97J%837%27%3Cg%F6%D1%CD%D2%F4%B3%B1%A0X%A2%A8_Z%D0Y%001%22%A2%FF%E2%BA%A39X%8F%F1%5E%D8%A3%3F%26%E6%29%169S%8A%BA%B4%A6%11.Pe%03%E0%D9%01%22Q%8Al%E5%FB%E2%2B%BB%11%0D%21%AF%3E%E4%7D%AAQ%8F%DD%A0%C2%0B%EE%E5s%D4%AD%FC%CD%09%D2_%B1%A0%CF%DBm%D8%E8%5Dl%11%26%DE%3C%8B%B5%1A%F6%13%0Fs%9B%24%23q%D6%07V%25%5C%97%DD%06%C7%AD%19%D9%C6%A1%85%07M9%29%B8f%DD%2C%FC%90%5E%29%96%8A%15%13%E3%90%24%D4%C3%1E%DF%91Be%91%8C%E3qo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6795960c0d5f4ec8-FRA
integrator.js
adservice.google.com/adsid/ Frame 6CE8 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=win.gg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 04 Aug 2021 06:04:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame A216 		0
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F21734706084%2FMidMLprerollsdk&description_url=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&env=vp&correlator=1503771919966874&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1&unviewed_position_start=1&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=3423158834&sdk_apis=2%2C8&sid=0811CFA8-1703-484A-96AA-2E7EB29F0A2E&eid=420706098%2C44725355&url=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&dlt=1628057042933&idt=637&dt=1628057044033&cookie_enabled=1&scor=3101236709617743&ged=ve4_td1_tt0_pd1_la1000_er881.-2700.1034.-2400_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 7607 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://win.gg/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://win.gg/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 04 Aug 2021 06:04:04 GMT
Connection
keep-alive
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8CFB 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://win.gg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://win.gg/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=91607
expires
Thu, 05 Aug 2021 07:30:51 GMT
date
Wed, 04 Aug 2021 06:04:04 GMT
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 0B83
Redirect Chain
  • https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
  • https://u.openx.net/w/1.0/pd?cc=1&gdpr=1&gdpr_consent=
668 B
723 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?cc=1&gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash
4474a3d7ba46486c040385a3c5d220a302c60c09a5ebd3a361cf495d8eecf460

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://win.gg/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=ecc5312b-2aac-412f-8843-b16295636507|1628057044
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://win.gg/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=ecc5312b-2aac-412f-8843-b16295636507|1628057044; Version=1; Expires=Thu, 04-Aug-2022 06:04:04 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1628057044|gekin0vNiygu; Version=1; Expires=Thu, 19-Aug-2021 06:04:04 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.211.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 04 Aug 2021 06:04:04 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=ecc5312b-2aac-412f-8843-b16295636507|1628057044; Version=1; Expires=Thu, 04-Aug-2022 06:04:04 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.211.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u.openx.net/w/1.0/pd?cc=1&gdpr=1&gdpr_consent=
date
Wed, 04 Aug 2021 06:04:04 GMT
content-length
0
via
1.1 google
alt-svc
clear
sync
ups.analytics.yahoo.com/ups/57304/ Frame 6CE8
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPc5b7182f-f4e9-11eb-a2d8-06dbf28d7f76
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBjNWI3MTgyZi1mNGU5LTExZWItYTJkOC0wNmRiZjI4ZDdmNzY%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEKsEhhOjHkaqA8umpC5fV3k&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEKsEhhOjHkaqA8umpC5fV3k&google_cver=1&apid=UPc5b7182f-f4e9-11eb-a2d8-06dbf28d7f76
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEKsEhhOjHkaqA8umpC5fV3k&google_cver=1&apid=UPc5b7182f-f4e9-11eb-a2d8-06dbf28d7f76
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN (),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:04 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEKsEhhOjHkaqA8umpC5fV3k&google_cver=1&apid=UPc5b7182f-f4e9-11eb-a2d8-06dbf28d7f76
date
Wed, 04 Aug 2021 06:04:04 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55953/ Frame 6CE8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=c8036eb7-2df9-4d94-845d-4a3bab6854ab&_origin=1&gdpr=1&gdpr_consent=
0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=c8036eb7-2df9-4d94-845d-4a3bab6854ab&_origin=1&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN (),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:07 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:07 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=c8036eb7-2df9-4d94-845d-4a3bab6854ab&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
m7y5t93k
sync-tm.everesttech.net/ct/upi/pid/ Frame 6CE8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=&_...
85 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=&_test=YQot1QADWlYvTwAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:05 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
3306
x-served-by
cache-fra19144-FRA
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1628057046.771806,VS0,VE0
content-length
85
x-cache-hits
6907

Redirect headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:05 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1628057046.669693,VS0,VE93
x-served-by
cache-fra19144-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=&_test=YQot1QADWlYvTwAC
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
auto-user-sync
ads.stickyadstv.com/ Frame 6CE8 		43 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:04 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1628057044305034-552
Expires
Wed, 04 Aug 2021 06:04:04 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 8CFB 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=84041370&p=156595&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:03 GMT
content-length
0
usync.js
eus.rubiconproject.com/ Frame 7607 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
54b869755b710428c09c6750917039e1ab75a5ee635dcbd7d1ccadd0ed90b62e

Request headers

Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jul 2021 17:07:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14881
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9360
Expires
Wed, 04 Aug 2021 10:12:05 GMT
sd
eu-u.openx.net/w/1.0/ Frame 0B83
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=66c4610a-2dd5-4400-9a5b-70b1e374516b
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=66c4610a-2dd5-4400-9a5b-70b1e374516b
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:05 GMT
via
1.1 google
server
OXGW/16.211.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 04 Aug 2021 06:03:54 GMT
Server
MT3 3820 7698daf master zrh-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=66c4610a-2dd5-4400-9a5b-70b1e374516b
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 04 Aug 2021 06:03:53 GMT
sd
us-u.openx.net/w/1.0/ Frame 0B83
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=BaE9ZwH0aTMeoD5iA6YgNVDxb2AeoD9lB6BckZzb
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=BaE9ZwH0aTMeoD5iA6YgNVDxb2AeoD9lB6BckZzb
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:05 GMT
via
1.1 google
server
OXGW/16.211.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=BaE9ZwH0aTMeoD5iA6YgNVDxb2AeoD9lB6BckZzb
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 0B83
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5129030013448688590
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5129030013448688590
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:07 GMT
via
1.1 google
server
OXGW/16.211.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:07 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5129030013448688590
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 0B83 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=3f690e72-832b-7ed8-d295-798af14456fa&gdpr=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 0B83
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTMwNmRkYjgtNGE1Yy0yMDdjLWM3NzUtMjMzMzNiYTY5ODlh
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTMwNmRkYjgtNGE1Yy0yMDdjLWM3NzUtMjMzMzNiYTY5ODlh&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTMwNmRkYjgtNGE1Yy0yMDdjLWM3NzUtMjMzMzNiYTY5ODlh&google_tc=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1&gdpr=1&gdpr_consent=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTMwNmRkYjgtNGE1Yy0yMDdjLWM3NzUtMjMzMzNiYTY5ODlh&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0B83
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEK7YYkl0VTlmCdYvf7uR0TQ&google_cver=1
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEK7YYkl0VTlmCdYvf7uR0TQ&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:04 GMT
via
1.1 google
server
OXGW/16.211.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEK7YYkl0VTlmCdYvf7uR0TQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame 7607 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/jpg
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 4A9E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=a54fb64b06f76df88a98147...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=4d98610a-2dd5-4c00-b853-aa00e9903c25&gdpr=0&gdpr_consent=
49 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=4d98610a-2dd5-4c00-b853-aa00e9903c25&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.44.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-44-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:05 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 04 Aug 2021 06:03:54 GMT
Server
MT3 3820 7698daf master zrh-pixel-x13
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=4d98610a-2dd5-4c00-b853-aa00e9903c25&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 04 Aug 2021 06:03:53 GMT
crum
dsum-sec.casalemedia.com/ Frame 7035
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQot09KJFv55nvrxBBPb5QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEF-SYEfT9UHhxqSO9iKZG3o&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEF-SYEfT9UHhxqSO9iKZG3o&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd8722cea88f59622%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 2021 06:04:05 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEF-SYEfT9UHhxqSO9iKZG3o&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 7035 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YQot09KJFv55nvrxBBPb5QAA&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd8722cea88f59622%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 7035
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQot09KJFv55nvrxBBPb5QAABJgAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQot09KJFv55nvrxBBPb5QAABJgAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQot09KJFv55nvrxBBPb5QAABJgAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd8722cea88f59622%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:05 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
KWEN1M74VST8C2BHEQ8V
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:05 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GEXNSNAEK5059DZK26GB
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQot09KJFv55nvrxBBPb5QAABJgAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 7035
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQot09KJFv55nvrxBBPb5QAABJgAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAU909PicW8_VLxfx9r4Ecs&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAU909PicW8_VLxfx9r4Ecs&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd8722cea88f59622%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 04 Aug 2021 06:04:04 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAU909PicW8_VLxfx9r4Ecs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7035
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-a5dbdc03-b3c0-48bc-84be-bfae24b2be82
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-a5dbdc03-b3c0-48bc-84be-bfae24b2be82
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd8722cea88f59622%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 2021 06:04:06 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-a5dbdc03-b3c0-48bc-84be-bfae24b2be82
date
Wed, 04 Aug 2021 06:04:06 GMT
server
Apache-Coyote/1.1
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 7035
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1630649044
43 B
984 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1630649044
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd8722cea88f59622%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 2021 06:04:04 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:04 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1630649044
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
rum
dsum-sec.casalemedia.com/ Frame 7035
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4492411835778968300
43 B
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4492411835778968300
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd8722cea88f59622%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 2021 06:04:05 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4492411835778968300
pragma
no-cache
date
Wed, 04 Aug 2021 06:04:03 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
um
u-ams02.e-planning.net/ Frame 7035 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=d8722cea88f59622&uid=YQot09KJFv55nvrxBBPb5QAA%261176
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd8722cea88f59622%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:04 GMT
server
openresty
content-type
image/gif
cs&eq_cc=1
um2.eqads.com/um/ Frame 2050
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd8722cea88f59622%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.17.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-17-21.compute-1.amazonaws.com
Software
/
Resource Hash
76c5a7aba79b325febdd7958f4fc8ab5b2ef0444c074ac3f9a684c1561cce291

Request headers

:method
GET
:authority
um2.eqads.com
:scheme
https
:path
/um/cs&eq_cc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ssum.casalemedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
EQUser=UID=13bfbf17-6c5b-430b-850c-4fceaf38085e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ssum.casalemedia.com/

Response headers

date
Wed, 04 Aug 2021 06:04:06 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Wed, 04 Aug 2021 06:04:06 GMT
pragma
no-cache

Redirect headers

date
Wed, 04 Aug 2021 06:04:06 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
set-cookie
EQUser=UID=13bfbf17-6c5b-430b-850c-4fceaf38085e; Path=/; Domain=eqads.com; Expires=Thu, 04 Nov 2021 06:04:06 GMT; Secure; SameSite=None
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=36&serverTime=1628057043&vid_playerVer=3.1.0&s=104669&sta=0&x=750&y=424&vid_passDomain=win.gg&subId=win.gg&debugInformation=&isApp=0&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=610a2dd2d60d7&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1628057045174&uid=SekindoSPlayer610a2dd2f4056&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&floatStatus=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:04 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
img
ih.adscale.de/sium/018d4457cc884b8eb463b518434052bf/1628057043519/0/ Frame 4A9E
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=675fa32fc7a65d11b0891d5bb96b46bc973ad8eab6ee8cd3fbdefe0b477bfa73&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F018d4457cc884b8eb463b5...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=675fa32fc7a65d11b0891d5bb96b46bc973ad8eab6ee8cd3fbdefe0b477bfa73&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F018d4457cc884b8eb...
  • https://ih.adscale.de/sium/018d4457cc884b8eb463b518434052bf/1628057043519/0/img?tpid=42&gdpr=0&tpuid=5129030013448688590
49 B
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/018d4457cc884b8eb463b518434052bf/1628057043519/0/img?tpid=42&gdpr=0&tpuid=5129030013448688590
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.44.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-44-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:08 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:08 GMT
server
nginx
location
https://ih.adscale.de/sium/018d4457cc884b8eb463b518434052bf/1628057043519/0/img?tpid=42&gdpr=0&tpuid=5129030013448688590
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
usync.js
eus.rubiconproject.com/ Frame 8C00 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
54b869755b710428c09c6750917039e1ab75a5ee635dcbd7d1ccadd0ed90b62e

Request headers

Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jul 2021 17:07:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14879
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9360
Expires
Wed, 04 Aug 2021 10:12:05 GMT
crum
dsum-sec.casalemedia.com/ Frame 2050 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=13bfbf17-6c5b-430b-850c-4fceaf38085e&expiration=1636005846
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 2021 06:04:06 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 4A9E
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=20d250ab-40d4-4087-bf4c-1005faaf63c1&gdpr=0
49 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=20d250ab-40d4-4087-bf4c-1005faaf63c1&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.44.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-44-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:06 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=20d250ab-40d4-4087-bf4c-1005faaf63c1&gdpr=0
cache-control
no-cache
date
Wed, 04 Aug 2021 06:04:06 GMT
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2062
content-type
text/html; charset=utf-8
content-length
248
expires
Wed, 04 Aug 2021 00:00:00 GMT
cc.js
tags.crwdcntrl.net/c/15238/ Frame CA08 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-104.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 23:55:21 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
22127
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
q-BvK3TwhspiR4qt6YrTVj_AxvxmUk1OhnMQLRiBhO11Aqq3jCZ3kA==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 527C 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

:method
GET
:authority
s.e-planning.net
:scheme
https
:path
/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Wed, 04 Aug 2021 06:04:06 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Mon, 03 Aug 2026 06:04:06 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
e-planning
sync.quantumdex.io/usersync/ Frame 0E23 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/e-planning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
20ce1e31d8c3d5b345bd930bc92e447bcc0a218f796616ff02ce28bccdd71195

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/e-planning
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Wed, 04 Aug 2021 06:04:06 GMT
content-type
text/html
set-cookie
uid=47a95042-11ec-4dda-9e1b-20e5bcc475bf; expires=Tue, 24 Aug 2021 06:04:06 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHYHU3%2BM5DhkR1MIhgSmCuoPFE8gvEW6RJLjWuiCz7T9OFwX8hW%2FYkmJPjDu%2F9d6osUju84Zv2xg%2Brx3YOdIFNaoBKQ%2FYaAMbfSbHqCSwebN1qhp8bBpZNH7zvgmTpV4I63MfbDACDKmrBEJMrvZzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6795961ebc9b4ed3-FRA
content-encoding
br
Cookie set csync
sync.console.adtarget.com.tr/ Frame 777A 		86 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=ABLmvu77u7hmfiPe
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN (),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host
sync.console.adtarget.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
a307080=mD2EWlc7Ed7etGUCLVjf; vmuid=3141c4429465ef59; a307565=db8064d0861c4f9991cd68092d16136a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
VertaMedia 1.0
Date
Wed, 04 Aug 2021 06:04:06 GMT
Content-Type
image/gif
Content-Length
86
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=3141c4429465ef59; expires=Tue, 05 Oct 2021 06:04:06 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None a307442=ABLmvu77u7hmfiPe; expires=Tue, 05 Oct 2021 06:04:06 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None
GS.d
js.cookieless-data.com/ Frame 527C 		0
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1628057046836
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.3.112 , France, ASN (),
Reverse DNS
212-129-3-112.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:07 GMT
server
nginx/1.11.3
strict-transport-security
max-age=15724800; includeSubDomains; preload
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy
cross-origin
content-length
0
x-xss-protection
0
expires
Tue, 01 Jan 2000 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 4A9E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=c14c428bc7d82afb8a70d85f...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=4d98610a-2dd5-4c00-b853-aa00e9903c25&gdpr=0&gdpr_consent=
49 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=4d98610a-2dd5-4c00-b853-aa00e9903c25&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.44.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-44-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:06 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 04 Aug 2021 06:03:55 GMT
Server
MT3 3820 7698daf master zrh-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=4d98610a-2dd5-4c00-b853-aa00e9903c25&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 04 Aug 2021 06:03:54 GMT
img
ih.adscale.de/sium/018d4457cc884b8eb463b518434052bf/1628057043519/0/ Frame 4A9E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=46e8796b7e00d9a800d64d783247692767c4b31fdd224dc675702edf839fa517&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F018...
  • https://ih.adscale.de/sium/018d4457cc884b8eb463b518434052bf/1628057043519/0/img?uid=46e8796b7e00d9a800d64d783247692767c4b31fdd224dc675702edf839fa517&tpid=38&gdpr=0&tpuid=CAESEGdchOwImmC_VmecipeSkCc...
49 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/018d4457cc884b8eb463b518434052bf/1628057043519/0/img?uid=46e8796b7e00d9a800d64d783247692767c4b31fdd224dc675702edf839fa517&tpid=38&gdpr=0&tpuid=CAESEGdchOwImmC_VmecipeSkCc&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.44.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-44-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:06 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ih.adscale.de/sium/018d4457cc884b8eb463b518434052bf/1628057043519/0/img?uid=46e8796b7e00d9a800d64d783247692767c4b31fdd224dc675702edf839fa517&tpid=38&gdpr=0&tpuid=CAESEGdchOwImmC_VmecipeSkCc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
ih.adscale.de/sium/018d4457cc884b8eb463b518434052bf/1628057043519/0/ Frame 4A9E
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=d4cea2cbef1bc6f28b1477a6dc68c298d092742bcbd9ca03a8c024423a9dcf3d&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F018d4457cc884b...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=d4cea2cbef1bc6f28b1477a6dc68c298d092742bcbd9ca03a8c024423a9dcf3d&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F018d4457cc884b...
  • https://ih.adscale.de/sium/018d4457cc884b8eb463b518434052bf/1628057043519/0/js?tpid=48&tpuid=1fcdce5c41960303677050cce5d77882
44 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/018d4457cc884b8eb463b518434052bf/1628057043519/0/js?tpid=48&tpuid=1fcdce5c41960303677050cce5d77882
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.44.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-44-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a6e7f301865dbc0799e97f2aafdf2f2b9bbe5ddfdfa2812917e1d3474ba6fafe

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:08 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Wed, 04 Aug 2021 06:04:08 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/018d4457cc884b8eb463b518434052bf/1628057043519/0/js?tpid=48&tpuid=1fcdce5c41960303677050cce5d77882
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
khaos.jpg
token.rubiconproject.com/ Frame 8C00 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/jpg
setuid
sync.quantumdex.io/ Frame 0E23
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-7goVqiZE2uEuDLNW198FdYqEv_jjex9y2ONx54k-~A
43 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-7goVqiZE2uEuDLNW198FdYqEv_jjex9y2ONx54k-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:07 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2BH3cSgelG00lhWnKJJl7fR94UpNJoSkt6r2EEUsI6DRRdAH3Hw1TyKzRHWXPbqrg%2BCUOIZGwfxDfjl23IGmJtkmYXTIcBRqT%2FA0hUB%2BDX%2F903Vu504dT954x59AmMI3hHDvtkK5qP1%2Fj1ecPniFWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6795961fef4a4ed3-FRA
content-length
43

Redirect headers

Date
Wed, 04 Aug 2021 06:04:07 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-7goVqiZE2uEuDLNW198FdYqEv_jjex9y2ONx54k-~A
Connection
keep-alive
Content-Length
0
1.gif
id5-sync.com/c/495/0/0/ Frame 0E23
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.47 , France, ASN (),
Reverse DNS
p02.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:06 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Wed, 04 Aug 2021 06:04:06 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 0E23
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2458628405783015084
43 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2458628405783015084
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:07 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAyssSlJq9hj%2BkKEyphW%2FgN6k4nqM%2FwMSyYIUN%2Bj%2F5VhZ6qywRNH5jn%2FWq11225bUcXuEueA%2FM%2FbWPNbstZ4xwH87YSRUuKF%2B4Ps3N4m2kLoi56NTS7vImOtIKRwyyrAa47te08Yb7974HNdfHdVbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67959621ba884ed3-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:07 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7033eb84-baf6-41cb-a530-481acc6db3d0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2458628405783015084
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 0E23
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=611fe2a4-a812-4486-8503-9477058e7f3e
43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=611fe2a4-a812-4486-8503-9477058e7f3e
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:08 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3iT6RE5E%2BXj186Bd2VlkGs7kuj7XWZgm6xsWSIWynIcX09iqQs3YeWPpytcesVo%2F%2FybU9E5VbLINweW%2BN29fUi6NO62aV%2FP8ER6qF2sbbT%2FELM3A%2FBUFDDthRgziqT6j30mjOJ0w6MinL1%2BqCNc%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
679596263a894ed3-FRA
content-length
43

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=611fe2a4-a812-4486-8503-9477058e7f3e
date
Wed, 04 Aug 2021 06:04:08 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 0E23
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7477611067365133009
43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7477611067365133009
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:07 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9y1bmP62Aaxjlhtl41AChyBGpaBu1%2Bd52ixqSX5wmR49k%2FsTiBsxgbXT7vb1DVTNNWdac19qIF9lOOGBZWTVIKeE3q%2BN8JlPOjke0KcDCEr21ML1hlgMTvd0F5SHS5hTsttYoIgjCdkaN8hf0901FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67959621ba954ed3-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:07 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b34fc856-8ba5-479f-bba1-abad2694be56
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7477611067365133009
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame 0E23 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:06 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
sync.e-planning.net/ Frame 0E23 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=47a95042-11ec-4dda-9e1b-20e5bcc475bf
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN (),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:07 GMT
server
openresty
content-type
image/gif
/
onetag-sys.com/usync/ Frame EA94 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 1561 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4c77c8a40140006a30cd7142556f9d36ba4621bdd52e0ebf32fcb062f937768

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YQot09KJFv55nvrxBBPb5QAA; CMPS=5182; CMPRO=1176; CMST=YQot02EKLdYA; CMRUM3=e6610a2dd42760&27610a2dd40b40&c3610a2dd62760av-a5dbdc03-b3c0-48bc-84be-bfae24b2be82&04610a2dd405a0&f1610a2dd405a0&2d610a2dd52760CAESEF-SYEfT9UHhxqSO9iKZG3o&28610a2dd6276013bfbf17-6c5b-430b-850c-4fceaf38085e&40610a2dd405a0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|206|130|111|13|4|196
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1545
Expires
Wed, 04 Aug 2021 06:04:06 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:06 GMT
Connection
keep-alive
Set-Cookie
CMID=YQot09KJFv55nvrxBBPb5QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 04 Aug 2022 06:04:06 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Nov 2021 06:04:06 GMT CMPRO=1176;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Nov 2021 06:04:06 GMT CMRUM3=c4610a2dd605a0&49610a2dd605a0&e6610a2dd42760&6f610a2dd605a0&27610a2dd40b40&c3610a2dd62760av-a5dbdc03-b3c0-48bc-84be-bfae24b2be82&0d610a2dd605a0&04610a2dd605a0&f1610a2dd405a0&2e610a2dd605a0&82610a2dd6a8c0&2d610a2dd52760CAESEF-SYEfT9UHhxqSO9iKZG3o&28610a2dd6276013bfbf17-6c5b-430b-850c-4fceaf38085e&ce610a2dd605a0&40610a2dd405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 04 Aug 2022 06:04:06 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame 44AA 		43 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Wed, 04 Aug 2021 06:04:06 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YQot2; path=/; domain=.go.sonobi.com
YQot09KJFv55nvrxBBPb5QAABJgAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1561 		43 B
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YQot09KJFv55nvrxBBPb5QAABJgAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:07 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
secure.adnxs.com/ Frame 1561 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sync
ups.analytics.yahoo.com/ups/55940/ Frame 1561 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YQot09KJFv55nvrxBBPb5QAABJgAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN (),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:07 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ie
match.prod.bidr.io/cookie-sync/ Frame 1561 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.13.173 Dublin, Ireland, ASN (),
Reverse DNS
ec2-54-246-13-173.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:08 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 1561 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.39 , Denmark, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:07 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 1561
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=068c220402d288306837278c&expiration=[EXPIRATION]&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=068c220402d288306837278c&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 2021 06:04:08 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=068c220402d288306837278c&expiration=[EXPIRATION]&gdpr=1
Date
Wed, 04 Aug 2021 06:04:08 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
rum
dsum-sec.casalemedia.com/ Frame 1561
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4492411835778968300
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4492411835778968300
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 2021 06:04:07 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4492411835778968300
pragma
no-cache
date
Wed, 04 Aug 2021 06:04:07 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 1561
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 04 Aug 2021 06:04:08 GMT

Redirect headers

date
Wed, 04 Aug 2021 06:04:08 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
setuid
sync.quantumdex.io/ Frame 1561 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YQot09KJFv55nvrxBBPb5QAABJgAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:07 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQuWkRmEeJuBBENajHQDIH4oFS61Lm3daDfo46EPhCyvOqGHYYymCuQolnuMPWAIgdhE69fEJJt0E%2BE%2FkTlbvuqLcFchPN6Bo3h2%2FU6sYQVnubSsng4MkD5YLYc2LgC8wTHip12kWvx%2BtSkW9biUHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6795961fef3e4ed3-FRA
content-length
43
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-916JLHZYLF&gtm=2oe820&_p=930610526&sr=1600x1200&ul=en-us&cid=1279408773.1628057043&dl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&dt=Nickmercs%20reveals%20that%20he%20is%20now%20a%20FaZe%20Clan%20co-owner%20-%20FORTNITE%20News%20-%20WIN.gg&sid=1628057042&sct=1&seg=0&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-916JLHZYLF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveMatching.php
live.primis.tech/live/ Frame 6CE8 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveMatching.php
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30382D30345F30397D7B7331343830393231367D7B4335377D7B5364326C754C6D646E7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583735307D7B593432347D7B66317D7B4C383535367DFEFE&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=610a2dd2d60d7&debugInfo=14809216_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14809216&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed211firpglwsz&secondaryContent=&x=750&y=424&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=110&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=8556&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:08 GMT
content-encoding
gzip
server
nginx
age
0
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=42&serverTime=1628057043&vid_playerVer=3.1.0&s=104669&sta=0&x=750&y=424&vid_passDomain=win.gg&subId=win.gg&debugInformation=&isApp=0&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=610a2dd2d60d7&contentFileId=0&mediaPlayListId=0&mediaListId=0&dur=500&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1628057048174&uid=SekindoSPlayer610a2dd2f4056&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&floatStatus=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:08 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
sium
ih.adscale.de/ Frame 4A9E 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.44.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-44-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Wed, 04 Aug 2021 06:04:08 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 6CE8 		67 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=11961761&componentId=prebid&componentSubId=mustang&timestamp=1628057051095&pKey=-475413975&_fw_gdpr_consent=&_fw_gdpr=true&loc=https%3A%2F%2Fwin.gg%2F&playerSize=466x262&schain=1.0,1!primis.tech,29909,1,,,
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:11 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://win.gg
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1628057051025053-532
Expires
Wed, 04 Aug 2021 06:04:11 GMT
171621
search.spotxchange.com/openrtb/2.3/dados/ Frame 6CE8 		0
975 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/171621?src_sys=prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 04 Aug 2021 06:04:11 GMT
X-SpotX-Timing-Transform
0.000374
X-SpotX-Timing-SpotMarket
0.039901
X-SpotX-Timing-Page-Mux
0.000261
X-SpotX-Timing-Page-Require
0.000370
X-fe
137
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.043002
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000292
Last-Modified
Wed, 04 Aug 2021 06:04:11 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.015996
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://win.gg
X-SpotX-Timing-Page-Misc
0.001788
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.023905
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 6CE8 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.211.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-211-246.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://win.gg
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 6CE8 		173 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.136.38 Frankfurt am Main, Germany, ASN (),
Reverse DNS
ec2-52-59-136-38.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c9ab6b561a6aeddeaf8dcacafaae45c4d55fe4aa0a04b248c13839c1374180fd

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:11 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://win.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
167
expires
0
avjp
primis-d.openx.net/v/1.0/ Frame 6CE8 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://primis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=de17ad1b-62ed-462a-b45c-64c891dec194&nocache=1628057051099&gdpr_consent=&gdpr=1&schain=1.0,1!primis.tech,29909,1,,,&skip=1&auid=540289187&vwd=466&vht=262&aumfs=2340
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:11 GMT
via
1.1 google
server
OXGW/16.211.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://win.gg
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 6CE8 		0
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://win.gg
date
Wed, 04 Aug 2021 06:04:10 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 6CE8 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:10 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://win.gg
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
liveView.php
live.primis.tech/live/ 		43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=6&serverTime=1628057043&vid_playerVer=3.1.0&s=58057&sta=10715708&x=466&y=262&msta=14809216&vid_vastType=3&vid_viewabilityState=1&vid_passDomain=win.gg&subId=win.gg&debugInformation=&isApp=0&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=610a2dd2d60d7&rvn=${VP_RVN_MACRO}&attemptMultiplier=10&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1628057051089&uid=SekindoSPlayer610a2dd2f4056&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&floatStatus=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:10 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
content-type
image/gif
expires
Thu, 31 Dec 2037 23:55:55 GMT
bridge3.473.0_en.html
imasdk.googleapis.com/js/core/ Frame FC83 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.473.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://win.gg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://win.gg/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194074
date
Thu, 29 Jul 2021 08:18:39 GMT
expires
Fri, 29 Jul 2022 08:18:39 GMT
last-modified
Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
510332
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=49&serverTime=1628057043&vid_playerVer=3.1.0&s=104669&sta=0&x=750&y=424&vid_passDomain=win.gg&subId=win.gg&debugInformation=&isApp=0&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=610a2dd2d60d7&vImpOpportunityMultiplier=1&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1628057051210&uid=SekindoSPlayer610a2dd2f4056&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&floatStatus=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:10 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7BFA 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 05:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3275
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 04 Aug 2021 06:09:36 GMT
ptrack
a.audrte.com/ Frame CA08 		368 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=89.249.64.171&p=M1353665098&artime=2021-08-04T06:04:11.389Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ciUyRmNzeW5jJTNGdCUzRGElMjZlcCUzRDMwNzQ0MiUyNmV4dHVpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ci8=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.106.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-106-87.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
dd043cd3a5d933300bc2d1b327840ba55246ae3ffe65aca8c6f6ccdfb4b39b4f

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:11 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
263
rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=15238/rand=530791046/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/ Frame 7413
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=15238/rand=530791046/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
  • https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=530791046/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=530791046/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
5f5decd331382bd4a417d637036ac58d352288a4bf12f21f772ea86eca7ccbba

Request headers

:method
GET
:authority
bcp.crwdcntrl.net
:scheme
https
:path
/5/ct=y/c=15238/rand=530791046/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_cc_cc=ctst
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Wed, 04 Aug 2021 06:04:11 GMT
content-type
text/html;charset=utf-8
content-length
1165
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.10.60
set-cookie
_cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Sun, 01-May-2022 06:05:00 GMT;SameSite=None;Secure _cc_id=c2d52a1455cf78e0a258bdca2b96497d;Path=/;Domain=crwdcntrl.net;Expires=Sun, 01-May-2022 06:05:00 GMT;SameSite=None;Secure _cc_cc="ACZ4XmNQSDZKMTVKNDQxNU1OM7dINUg0MrVISklONEqyNDOxNE9hAIJELt3bP%2F%2F%2F%2F88P4kAAALbGDos%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sun, 01-May-2022 06:05:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4XmNgYGBI5NK9DaSgAAARZwF0";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sun, 01-May-2022 06:05:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin
*
server
Jetty(9.4.38.v20210224)

Redirect headers

date
Wed, 04 Aug 2021 06:04:11 GMT
content-length
0
location
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=530791046/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.15.138
set-cookie
_cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
server
Jetty(9.4.38.v20210224)
qmap
sync.crwdcntrl.net/ Frame 7413
Redirect Chain
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=2e92610a-2ddb-4500-862d-798fdf8e41c6
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=2e92610a-2ddb-4500-862d-798fdf8e41c6
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=530791046/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:11 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.29.188
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Wed, 04 Aug 2021 06:03:59 GMT
Server
MT3 3820 7698daf master zrh-pixel-x30
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=2e92610a-2ddb-4500-862d-798fdf8e41c6
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 04 Aug 2021 06:03:58 GMT
tpid=4139657704722061062
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame 7413
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/c2d52a1455cf78e0a258bdca2b96497d/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4139657704722061062
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4139657704722061062
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=530791046/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:11 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.6.58
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4139657704722061062
pragma
no-cache
date
Wed, 04 Aug 2021 06:04:11 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
generic
match.adsrvr.org/track/cmf/ Frame 7413 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=530791046/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tpid=73522639935570750572091841601929039849
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame 7413
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=c2d52a1455cf78e0a258bdca2b96497d&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=73522639935570750572091841601929039849
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=73522639935570750572091841601929039849
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=530791046/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:11 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.3.157
content-type
image/gif
content-length
49
expires
0

Redirect headers

DCS
dcs-prod-irl1-1-v012-037293239.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
dL5qj8pCQCQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=73522639935570750572091841601929039849
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
pixel
cm.g.doubleclick.net/ Frame 7413
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=YzJkNTJhMTQ1NWNmNzhlMGEyNThiZGNhMmI5NjQ5N2Q
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=YzJkNTJhMTQ1NWNmNzhlMGEyNThiZGNhMmI5NjQ5N2Q&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=YzJkNTJhMTQ1NWNmNzhlMGEyNThiZGNhMmI5NjQ5N2Q&google_tc=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=530791046/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=YzJkNTJhMTQ1NWNmNzhlMGEyNThiZGNhMmI5NjQ5N2Q&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
image.sbxx
global.ib-ibi.com/ Frame 7413 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=c2d52a1455cf78e0a258bdca2b96497d
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=530791046/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
HTTP/1.0
Security
TLS 1.2, RSA, AES_256_CBC
Server
69.169.85.6 Cranford, United States, ASN (),
Reverse DNS
Software
BigIP /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
close
Content-Length
0
Server
BigIP
pixel
ps.eyeota.net/ Frame CA08 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=4m1Su-jqg1HTUiWJh10eDuWLQ&gdpr=0&gdpr_consent=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.121.27.153 Frankfurt am Main, Germany, ASN (),
Reverse DNS
ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:11 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame CA08
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=4m1Su-jqg1HTUiWJh10eDuWLQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=4m1Su-jqg1HTUiWJh10eDuWLQ&gdpr=0&gdpr_consent=&google_gid=CAESEB2Ol3i883NDHYnxb5H-kNo&google_cver=1
  • https://a.audrte.com/p
68 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.106.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-106-87.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:11 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 04 Aug 2021 06:04:11 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
ps.eyeota.net/ Frame CA08
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=3901544780403911500
  • https://ps.eyeota.net/match?bid=kh51m51&uid=4m1Su-jqg1HTUiWJh10eDuWLQ&gdpr=0&gdpr_consent=
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=4m1Su-jqg1HTUiWJh10eDuWLQ&gdpr=0&gdpr_consent=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.121.27.153 Frankfurt am Main, Germany, ASN (),
Reverse DNS
ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 06:04:11 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Wed, 04 Aug 2021 06:04:11 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=4m1Su-jqg1HTUiWJh10eDuWLQ&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
integrator.js
adservice.google.com/adsid/ Frame 6CE8 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=win.gg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 04 Aug 2021 06:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame FC83 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F21734706084%2FMidMLprerollsdk&description_url=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&env=vp&correlator=3775166602613508&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1&unviewed_position_start=1&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=3423158834&sdk_apis=2%2C8&sid=0811CFA8-1703-484A-96AA-2E7EB29F0A2E&eid=420706098%2C44725355&url=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&dlt=1628057042933&idt=8317&dt=1628057051723&cookie_enabled=1&scor=4251354426297811&ged=ve4_td9_tt8_pd9_la9000_er881.-2700.1034.-2400_vi0.0.1200.1600_vp0_ts8_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:11 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=25&serverTime=1628057043&vid_playerVer=3.1.0&s=104669&sta=0&x=750&y=424&vid_passDomain=win.gg&subId=win.gg&debugInformation=&isApp=0&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=610a2dd2d60d7&contentFileId=0&mediaPlayListId=0&mediaListId=0&dur=1000&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1628057053132&uid=SekindoSPlayer610a2dd2f4056&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&floatStatus=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:12 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 6CE8 		173 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.136.38 Frankfurt am Main, Germany, ASN (),
Reverse DNS
ec2-52-59-136-38.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
530477aeab67350870f5aa03dd5ecfee55eff113a7fca2fc46ba3dd9877dc801

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:13 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://win.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
169
expires
0
translator
hbopenbid.pubmatic.com/ Frame 6CE8 		0
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://win.gg
date
Wed, 04 Aug 2021 06:04:12 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 6CE8 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:13 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://win.gg
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
171621
search.spotxchange.com/openrtb/2.3/dados/ Frame 6CE8 		0
975 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/171621?src_sys=prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 04 Aug 2021 06:04:13 GMT
X-SpotX-Timing-Transform
0.000280
X-SpotX-Timing-SpotMarket
0.014541
X-SpotX-Timing-Page-Mux
0.000254
X-SpotX-Timing-Page-Require
0.000305
X-fe
134
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.019283
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000446
Last-Modified
Wed, 04 Aug 2021 06:04:13 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.014541
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://win.gg
X-SpotX-Timing-Page-Misc
0.003443
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 6CE8 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.211.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-211-246.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://win.gg
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 6CE8 		67 B
708 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=11961761&componentId=prebid&componentSubId=mustang&timestamp=1628057053184&pKey=-475353464&_fw_gdpr_consent=&_fw_gdpr=true&loc=https%3A%2F%2Fwin.gg%2F&playerSize=466x262&schain=1.0,1!primis.tech,29909,1,,,
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 06:04:13 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://win.gg
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1628057053092054-573
Expires
Wed, 04 Aug 2021 06:04:13 GMT
avjp
primis-d.openx.net/v/1.0/ Frame 6CE8 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://primis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b96eb7fe-c868-48d7-92dc-e249cc879ccd&nocache=1628057053184&gdpr_consent=&gdpr=1&schain=1.0,1!primis.tech,29909,1,,,&skip=1&auid=540289187&vwd=466&vht=262&aumfs=2080
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:13 GMT
via
1.1 google
server
OXGW/16.211.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://win.gg
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
liveView.php
live.primis.tech/live/ 		43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=6&serverTime=1628057043&vid_playerVer=3.1.0&s=58057&sta=13398078&x=466&y=262&msta=14809216&vid_vastType=3&vid_viewabilityState=1&vid_passDomain=win.gg&subId=win.gg&debugInformation=&isApp=0&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=610a2dd2d60d7&rvn=${VP_RVN_MACRO}&attemptMultiplier=10&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1628057053178&uid=SekindoSPlayer610a2dd2f4056&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&floatStatus=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:13 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
content-type
image/gif
expires
Thu, 31 Dec 2037 23:55:55 GMT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=42&serverTime=1628057043&vid_playerVer=3.1.0&s=104669&sta=0&x=750&y=424&vid_passDomain=win.gg&subId=win.gg&debugInformation=&isApp=0&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=610a2dd2d60d7&contentFileId=0&mediaPlayListId=0&mediaListId=0&dur=501&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1628057053188&uid=SekindoSPlayer610a2dd2f4056&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&floatStatus=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:12 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
bridge3.473.0_en.html
imasdk.googleapis.com/js/core/ Frame 06C5 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.473.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://win.gg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://win.gg/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194074
date
Thu, 29 Jul 2021 08:18:39 GMT
expires
Fri, 29 Jul 2022 08:18:39 GMT
last-modified
Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
510334
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=49&serverTime=1628057043&vid_playerVer=3.1.0&s=104669&sta=0&x=750&y=424&vid_passDomain=win.gg&subId=win.gg&debugInformation=&isApp=0&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=610a2dd2d60d7&vImpOpportunityMultiplier=1&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1628057053295&uid=SekindoSPlayer610a2dd2f4056&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&floatStatus=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:13 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D406 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 05:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3277
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 04 Aug 2021 06:09:36 GMT
integrator.js
adservice.google.com/adsid/ Frame 6CE8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=win.gg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 04 Aug 2021 06:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 06C5 		0
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F21734706084%2FMidMLprerollsdk&description_url=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&env=vp&correlator=164727212081790&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1&unviewed_position_start=1&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=3423158834&sdk_apis=2%2C8&sid=0811CFA8-1703-484A-96AA-2E7EB29F0A2E&eid=420706098%2C44725355&url=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&dlt=1628057042933&idt=10413&dt=1628057053808&cookie_enabled=1&scor=612943284382410&ged=ve4_td11_tt10_pd11_la11000_er881.-2700.1034.-2400_vi0.0.1200.1600_vp0_ts2_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 06:04:13 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=16&serverTime=1628057043&vid_playerVer=3.1.0&s=0&sta=14809216&x=466&y=262&vid_passDomain=win.gg&subId=win.gg&debugInformation=&isApp=0&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=610a2dd2d60d7&contentFileId=1603907&mediaPlayListId=8479&mediaListId=16567&contentMatchType=&isExcludeFromOpt=0&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1628057053854&uid=SekindoSPlayer610a2dd2f4056&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&floatStatus=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:13 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=42&serverTime=1628057043&vid_playerVer=3.1.0&s=104669&sta=0&x=750&y=424&vid_passDomain=win.gg&subId=win.gg&debugInformation=&isApp=0&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=610a2dd2d60d7&contentFileId=0&mediaPlayListId=0&mediaListId=0&dur=499&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1628057058174&uid=SekindoSPlayer610a2dd2f4056&pubUrl=https%3A%2F%2Fwin.gg%2Fnews%2F7962%2Fnickmercs-reveals-that-he-is-now-a-faze-clan-co-owner&floatStatus=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 06:04:17 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| adUnitPath object| didna function| admiral object| googletag function| __tcfapi function| __uspapi object| google_tag_manager object| dataLayer object| google_optimize object| twttr object| __twttrll object| __twttr object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState function| 4dm1r11545242527 object| __ctcg_65349_0_exec object| webpackJsonp_N_E undefined| _N_E object| regeneratorRuntime object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| next function| hj object| _hjSettings function| onYouTubeIframeAPIReady object| google_tag_data object| ensightenOptions object| __BUILD_MANIFEST object| __SSG_MANIFEST object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| __NEXT_PRELOADREADY object| __NEXT_REDUX_WRAPPER_STORE__ boolean| sekindoFlowingPlayerOn object| ezstandalone string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent873 object| freewheelssp_cache object| closure_lm_818826 object| admrlWpJsonP

7 Cookies

Domain/Path Name / Value
.win.gg/ Name: _gat_UA-125662552-1
Value: 1
.win.gg/ Name: _ga_916JLHZYLF
Value: GS1.1.1628057042.1.1.1628057042.60
.win.gg/ Name: _gid
Value: GA1.2.2110887804.1628057043
.win.gg/ Name: _hjFirstSeen
Value: 1
.win.gg/ Name: _hjid
Value: dcc8e9b3-7ddb-41fd-b525-c90e49f54734
.win.gg/ Name: _ga
Value: GA1.2.1279408773.1628057043
win.gg/ Name: usprivacy
Value: 1---

4 Console Messages

Source Level URL
Text
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 127)
Message:
arResponse->{"pxcalls":"https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=4m1Su-jqg1HTUiWJh10eDuWLQ&gdpr=0&gdpr_consent=|https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=4m1Su-jqg1HTUiWJh10eDuWLQ&gdpr=0&gdpr_consent=|https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent="}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aa.agkn.com
aax-eu.amazon-adsystem.com
abs-0.twimg.com
ad.turn.com
ads.adaptv.advertising.com
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
adservice.google.com
analytics.google.com
api-data.win.gg
bbnaut.ibillboard.com
bcp.crwdcntrl.net
beacon.krxd.net
bn01.er.bemail.it
c.amazon-adsystem.com
c1.adform.net
cdn-images.win.gg
cdn.admatic.com.tr
cdn.syndication.twimg.com
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
creativecdn.com
cs.admanmedia.com
csync.loopme.me
d.turn.com
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
enormousearth.com
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
googleads.g.doubleclick.net
gu.dyntrk.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
ih.adscale.de
image6.pubmatic.com
images.getadmiral.com
imasdk.googleapis.com
js.adscale.de
js.cookieless-data.com
live.primis.tech
live.sekindo.com
loadeu.exelator.com
log.outbrainimg.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mwzeom.zeotap.com
nep.advangelists.com
nexus.ensighten.com
ob.cheqzone.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
obs.cheqzone.com
odb.outbrain.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
pbs.twimg.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.mathtag.com
pixel.quantserve.com
pixel.sitescout.com
pixel.tapad.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid-server.rubiconproject.com
prg.smartadserver.com
primis-d.openx.net
ps.eyeota.net
rtb.openx.net
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s0.2mdn.net
script.hotjar.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
spl.zeotap.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adotmob.com
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.e-planning.net
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
sync.richaudience.com
sync.search.spotxchange.com
sync.tidaltv.com
syndication.twitter.com
t.trafmag.com
tag.navdmp.com
tags.bluekai.com
tags.crwdcntrl.net
tcheck.outbrainimg.com
token.rubiconproject.com
track.adform.net
tracking.m6r.eu
trc.taboola.com
u-ams02.e-planning.net
u.openx.net
ufo.approximity.com
um2.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
vars.hotjar.com
video.primis.tech
widget-pixels.outbrain.com
widgets.outbrain.com
win.gg
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
x.bidswitch.net
104.109.78.125
104.111.215.191
104.244.42.8
104.244.43.131
13.224.90.44
13.224.96.104
13.224.96.22
13.224.96.3
13.224.96.61
13.224.96.63
142.250.186.66
142.250.74.194
143.204.98.95
151.1.205.165
151.101.14.132
151.101.14.49
162.55.6.212
168.119.79.223
178.162.133.149
178.250.2.151
18.156.0.31
18.184.122.71
18.184.95.242
18.197.253.20
185.183.112.148
185.184.8.65
185.220.204.204
185.29.132.245
185.33.220.145
185.64.189.112
185.64.189.115
185.86.139.96
185.94.180.124
185.94.180.126
193.200.65.5
2.18.232.28
2.18.233.180
2.18.233.201
2.18.234.190
2.18.234.21
2.18.234.233
2.19.35.65
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
212.129.3.112
212.82.100.182
2600:1f18:e8a:cd02:882c:d916:bae1:7722
2600:9000:2190:4600:f:4f64:8940:93a1
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::ac43:db6
2606:4700:20::681a:24e
2606:4700:3034::6815:4466
2606:4700::6810:cf3
2607:ae80:128:1::49
2a00:1288:110:c305::8000
2a00:1450:4001:808::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:812::2003
2a00:1450:4001:827::2006
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c06::9b
2a00:7c80:0:120::2
2a02:fa8:8806:16::1370
2a04:4e42:3::300
2a05:d018:24:b002:2591:850:d183:b9b4
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.120.211.246
3.120.44.238
3.121.27.153
3.90.195.16
34.98.67.61
35.157.168.25
35.176.195.187
35.186.253.211
35.190.74.49
35.201.81.244
35.227.248.159
35.244.159.8
37.157.2.236
37.157.4.24
37.157.4.39
46.249.52.249
5.178.65.245
5.178.65.253
51.178.20.139
51.89.9.254
52.17.37.134
52.206.55.189
52.208.103.128
52.24.213.82
52.31.176.223
52.35.68.139
52.46.130.91
52.51.228.134
52.59.136.38
52.70.17.21
52.95.124.170
54.205.106.87
54.246.13.173
54.36.109.47
54.78.254.47
62.149.0.72
62.209.227.211
63.250.57.179
63.34.109.205
64.202.112.159
66.155.71.25
69.169.85.6
69.173.144.139
72.251.244.142
76.223.111.131
85.114.159.118
88.214.206.247
89.163.159.107
89.187.169.47
91.228.74.189
005e8f1bfdd65e243061b1f178c32894ce558d94a3e01b06e6887b612addb3bc
0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31
033db15aa10648d707f79283aea15cff71c69fdd958c364a1886d1eb76b91eb0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07349829f72d9d95e5c985dbc1acb5e876272721c4b5f00700ec1053d6e297ee
09dae33c582394eed951c555509767c9a6dd115bf0fa4c59904eab718508e360
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11358d2115817389c001cc4e11e470ded0caa3999b0cc923c4c7c1459d36c345
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
14e47404c7ddf75fd3864c395ff69a83dba34fed682c29cb4f44c5210e913336
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
16111e76e07f9ad6bcabb5db5c092a7fdc7f35a75899e1b95eb9bca1849609bd
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608
18de98eb4055c8ea53a6556a321c48b2b95b1137eb5e04724a586e5db016a532
1cc563d8358c3274ab7db0b7af5ab39f89ce81b5d8f9427169ef295522b2491e
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
208ce5794c5c322f94795bc511e84e5b0b91f9cb69edd4040a95a15b7eb08357
20ce1e31d8c3d5b345bd930bc92e447bcc0a218f796616ff02ce28bccdd71195
2156c9b64b81e943cba8562608e5169ad905494259731ebe07c8d70472456593
2179619d4ea1daa8e9dd10fadee9f787ac5fbab3b50ad2d8020c94b89c534e59
2212a2b2e78ff9aba6061ccad0f85b2a7cb899d17b36f9764dd2a9efec6fdf46
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
22b16769a41b564d450d644ba9b9e7189f65b8649df8f8bfe1b00e3328e2b931
267893f9fbc3c75119da25e5d96ee58e9c5cb43baed64724d50673cb3c4f77fb
26d788a2a593ee53a9126a76e00b1085b83c238ac207d89666ab75f855231f14
2880fbb26ad5becd41ec25a5c37da351ac77225bbf30d5a9ab8accf5728591cf
29126b49d2d42bd5d93e0dc093987fe2a2c6b572db6cdbc5ad9a727c18b54629
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ab9c263d57a65fc6ace46c35ad658615e57cd06b8c11e8667b211b3d5184388
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30bfbfd2afd72145b4358d0f30e7a4448e849e1822f36b399f6c5870675d1668
311b721d77428a51ccce1f2abdb54772d8b75b052ee2bcda088436bd8683c098
327e3c503d6de35b3318ced6ec369528d6bafc66d89b37da106340e3b128687a
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
37552af4a72f8b5b6c2e9d9f86c01cdaf27ff2f31b4257b56de5c52705b7ae82
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3b6d83d05ea7d9daf5347aab70f49c0e56a72514211e3a84018503f5ebb0c76a
3c883583b648ed37d07a85607a13036f04d6513a2c82fdddbf38eddbe4b35a8c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
401332272d60ca3c294a022966a96c4d342059269e4590d5967c8f515838e2cf
401d6d33be4bacd7816e48664acff8ecb9db32679f9068115a6b128aa72cdc34
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43319981414ac41f7d63edd19c7fac61d63b8ff6ddb66710f03f34b4a852c7e6
4474a3d7ba46486c040385a3c5d220a302c60c09a5ebd3a361cf495d8eecf460
449574733a518865245e30da571351ee5474f17dae2eb6831d4dc64fce74ac74
454e0aa8c5a3f313841100fe4cd9b93f94b0a04ad943de2321500d0ee8dffee3
4608d28254aa44ec2ffd9fdd3c30c92dd9e0dde76321d6c6169400808f81b310
4703e74548d17725c6b19435dea7c5a6360637bb7da29bba1cffb492a6021a36
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4bdfb79288321fe816d8e3e70c46bbba6fc703993b83f2d64a150439517a2dbd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e962fb036597ef2218da6584c918a2fd01c058d56b2323b40ae9d8b76e7a330
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5
51459bc6ffe473ac67f7b4a7342c9450f7a2958256f07e8c544f08d923041761
530477aeab67350870f5aa03dd5ecfee55eff113a7fca2fc46ba3dd9877dc801
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b869755b710428c09c6750917039e1ab75a5ee635dcbd7d1ccadd0ed90b62e
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
5a5ab8a24329a106185ec8a5c028d77ec64d65ce9d7f90ef87e0b1ff9dfcdf70
5b5b3be5cad9f0035eac9efb0bbb7068d9fb710f698d1d12be9ed44d780638b5
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
5e0aeb27ad5ec940a7b1049848d9ac96fcc00a34653745b7796d695f9f25f508
5ef6ddbd1b8cd92a3e8717f00cacd3f22d743ff1a2bb635604f8b7291b07f471
5f5decd331382bd4a417d637036ac58d352288a4bf12f21f772ea86eca7ccbba
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
66cb5f472f7ebe23910758c6734dbc34fa7368c058f9d7ff5a5faa487f4c753b
676c93703ba03e337c79220b9eb51b31271d61d9cf75d48db31e8daa2315ccd2
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bd30b645d14cfaa8ef20b925cc399988632a40302e19a75dd4f1773915acff1
6bd82341efc9433c5b3508adcc7fe2e7ff798f547c264e1cf33a2c8358d4408a
6e6319374a8dc59b7bdbe554d655765c87d141192555234aea61a744a7da457f
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
6f7c000701966d628a19cb8a3e1e864731d2a5776f441283b3fc100b456be1e1
701784f8c4d3cd32c8ed24b6cab20adeadc8fb4e5104b33ed184ee9c1f2f9779
7172ea5ef19238dbec97b33822c3fbaa182c14eef9a493f67d9de7e641029030
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
74031ac6c7c47c1e2d12ce939fbbe21847af9aa873da008045b5b4d1e1901eb0
76c5a7aba79b325febdd7958f4fc8ab5b2ef0444c074ac3f9a684c1561cce291
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
782a87bd18241cdd7b1e30f3502d78d342c47dd564333ab5f775c22e8dfbf0e9
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7b0470c903d0fd5548f9603db3468b8494bbd75d4aeb5776db4de0eedbc06cab
7bad3757a05d7c6a22c30127a3be33478dd8fc8cef294a96a38487e1f8dad179
817c9e26e899e1a15f05f61538c4176b0d4d2af2fa873724165734784a430116
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856ab159a9a6cbdc7beb72fc35086e839adb48361d197135a92809e95b875345
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db003c434d44c22e939bf281767bca1e915c54bc01111a699f175d1a49fa82b
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
90805ba88e5c4c373b911c96d62b1d6a8bd6f496fa8ae838d600a4fb71618877
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
931ca5354842490663ba178423a8e05a5c29eb015e070a372810892721b59a8a
93c29ce6cc3f4160c09b068ac26e521c51950c41d336b6cf01742c3608da7f4a
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99d80f532327095f773bc1c082ccb44ffe5c8eed237bf2b5682c909534c3f1d0
9a006d898f97d3e99147e94a9af12df0b7ae91402c7f66d6b9017f0a361dacd2
9c3500c6354d6cca5ebe517dfad92ce8a1204579f9467cca0edd1a6d7a5b692e
9d5d37ac5c4b6d58f047b3f1afa99b6af61380bab3b52f6eab4d5dbdba423e24
9e2604c6dd17e24abb1fb6cc89b3ca24d6acc9a4ea33587198839686692aa4c1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e15885d6d7e1694c5d7cdaff3ed800baabe7359ddf0e70f632b903ec624fb9
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a14096bc82695a2e1cc6ddcbd350f7b01da21ba0193ceeea1b67423a2587c701
a1a7fda10c2e6661b80fd360916f9400af18a40fa6ee5ebb06064a21cbf81e16
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c77c8a40140006a30cd7142556f9d36ba4621bdd52e0ebf32fcb062f937768
a69c0de1cea125db41c1d1006d96df811952b87f283ff2f05c2a8421f82cf989
a6c31832e3de9bcade7f798071335a9d5cdb442e5d75a17d4b6445b7bf15bad3
a6e7f301865dbc0799e97f2aafdf2f2b9bbe5ddfdfa2812917e1d3474ba6fafe
a70847ac6d115607d96811480afe2786869edb9a9b292a0a5b2ed497e3b914e3
a751fe51dbc872521b7aa68bbaae29e857f0da3bb8667617bdf95223d00b6c8e
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab79308610ccbd255a20d6b3634d52ff71a8c52e8d745df516159453c518ca33
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
adbedd1d88f252f9055d6186522f64804906fc6f7ea3ef64caac174c14c0032e
ae33dd22d81c7494fa59404d4dcb6e28dd2bc0346494efde5bbc630301d1592a
afaf030770c2cf3a5366c70816938f1d4e3530c8abeefbba4c4a738455533a56
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b20330f8362b22a7e6000f711335331a79e0917bb1d3675e235cefd568376fb5
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b5f671f47fbef406042ec6fc6695021e4ce80a181cd4e0d7e8fdda046a8c3cdb
bc109aaa04ac88347286c49c508f732357a2d075032ff059575df1a77687434e
bc205ce5f18ada1fed59fad658ec3217ab686311da788fd979d3af2efb27f45d
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bde0e574a13019b31209cdaf12d997d181de16fd71bf1cdec0df758b04fef5e8
be1bd62aa178384fbd113383416ba4bc6c5ba02f3d9701e88d8b453d51f3ade7
bfe1c96d2b61be1e17839f9e3d734ba10701c7be4a38faff1a63f4aedc3d31de
c0040779f88cf461e73c11276dab124cf7211abb09c5e1d3d70339432086f664
c21cb0a9213d90cdbba376f8fae4c8b62239fd685202b6a21dd358eeb51192c8
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c27df45175a03e1c61ee0b5d4e223a3e4a3ab08c7783f8bae33cfb1838b924c6
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c7b7075df53dbdd01d1a0b0108b5f213d3f621f0f541ed3e838ab4239d8e7e7a
c8fc071d9c5e81cb429cf5177c5f761b378562e2738ac17c7d194c5779849afc
c9ab6b561a6aeddeaf8dcacafaae45c4d55fe4aa0a04b248c13839c1374180fd
cc33742f4eab551d4e76af8a2da85c3d2304d8252171d16a3e56207c0c073e93
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2675e89e82517fce2ec2237adaaa69475c7bc90c02084d9fd985dc1fef53692
d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af
d32bd9f51b2a54f620f9693e833935c5e2cb2304cbf89aab75fd10f054711ce5
d47daf7894302e50f7b27a9f607cd2f18374631cae5182f3e44c6128c6949402
d4853ae6b057920b3b70a90949e268ad1bc488b95bc280e1d2a6dd58ba595cff
d63553c951a49b1f765f223a658cdec09bb5b8e8d59d083e8c4d753b3ee07542
d797964d6a83cb900b91942488c80147265bcdcd7011285f55698a6590e13914
d7ef12f5141b24238008cc55bd42ec04393d94072a91f8de29e4ff2bf15d08d7
dbb098b8d65e7422473cb1a73abf837a5b622d3b1c44af69cb738d7be8dd6b78
dca18eb730e3977305cdb36680103281682133622b49458399bc539727da487a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd043cd3a5d933300bc2d1b327840ba55246ae3ffe65aca8c6f6ccdfb4b39b4f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de85970b58c6156d5ae8460d92d7a94a64de75beff38e332a329b5cdb8428fd0
e2679a03abad1a4b61c41a3f39ea558d811bd68cbd9ac19a3217071a76db497a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c8cfe628899742b1717332ff98e584ed9d447a5ab7286dc09e0a70200cc803
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e678cde7350814ec8bf4d9bcd0de234b7bff4969de09bef80449d382a68301aa
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624
eabf38020de4da8165ab2763f43ee7f0bd88fdfe108adfe99bed02b1ce8dff4e
ec280066bf73144ca489e17349293da20108290ebfde1e1b8840e3435f53ad12
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
ed02ce1d0bf58b6ea7e0b73f7d02493efeda20231da1992586311c6fceb618f4
eda59077110bb4dbfce02ce5acc0c70f587447df6a90ef2933d5b0e01b367258
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef20eda843e84e75529a1c8394834dfe45c6523918be2fdf437759a14cfd415f
f6789b1579e3915acc50ce2f56d956c05dc3186238eb4d1a0d4ad1e403a625ac
f8600af365253367eb2aa286046845891806a10cf1ae337068fa331663a43cea
fa902e9c0a1ce118fa59f898fe9b4509e16172d7bf2dc86c9d629dbc3921ddad
fb046ae31caa2ca462183ad2c714ece6d905e0fb79fc463ad339946ec1c4f886
fb1283e3f33f34befc3708faa4e40927a2119e369d90b8fb234709f0265f2c8e
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5
fc57e92d2e36700dae12e71b5d6bda0529af71454b6cde671e7ba75f8f959a7b
ffdd35d15d7c994f9ec3ef787be1438de07081f4d5440cbb7b8562124b25ba8e