urlscan.io logo urlscan.io
SecurityTrails logo

www.monetti.se Open in urlscan Pro
143.204.209.111  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bmailer.link/t/c/5f5f5d4f-c9e2-4d7a-a193-2fbe75485873/630a90ae-e592-481e-bed4-c15c561ab45a
Effective URL: https://www.monetti.se/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=2683B77F098691D09DBA1F595A09...
Submission: On April 14 via api from IE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 7 countries across 34 domains to perform 46 HTTP transactions. The main IP is 143.204.209.111, located in United States and belongs to AMAZON-02, US. The main domain is www.monetti.se.
TLS certificate: Issued by Amazon on October 23rd 2020. Valid for: a year.
This is the only time www.monetti.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.161.249.143 14618 (AMAZON-AES)
1 1 13.48.168.251 16509 (AMAZON-02)
7 143.204.209.111 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 216.58.212.130 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 34.96.102.137 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 7 193.0.160.128 54312 (ROCKETFUEL)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 142.250.185.66 15169 (GOOGLE)
1 2 185.33.221.13 29990 (ASN-APPNEX)
1 2 23.45.110.176 16625 (AKAMAI-AS)
1 69.173.144.138 26667 (RUBICONPR...)
1 2 52.18.91.199 16509 (AMAZON-02)
1 2 184.30.20.241 16625 (AKAMAI-AS)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 3 35.244.174.68 15169 (GOOGLE)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 52.28.42.15 16509 (AMAZON-02)
1 52.48.18.249 16509 (AMAZON-02)
1 2 52.57.142.16 16509 (AMAZON-02)
1 2 3.124.210.90 16509 (AMAZON-02)
2 2 151.101.114.49 54113 (FASTLY)
1 104.108.144.24 16625 (AKAMAI-AS)
1 1 82.199.68.72 15830 (EQUINIX-C...)
1 1 99.84.156.42 16509 (AMAZON-02)
1 34.192.69.218 14618 (AMAZON-AES)
1 2a03:2880:f11... 32934 (FACEBOOK)
46 30
1    54.161.249.143 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-249-143.compute-1.amazonaws.com
bmailer.link
1    13.48.168.251 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-48-168-251.eu-north-1.compute.amazonaws.com
track.adtraction.com
7    143.204.209.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-111.fra53.r.cloudfront.net
www.monetti.se
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:20::681a:bdf (United States)

ASN13335 (CLOUDFLARENET, US)
www.datocms-assets.com
1    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net
www.googleadservices.com
3    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
ampcid.google.com
2    34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
1    2600:9000:20e8:d600:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)
c1.rfihub.net
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
7    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
20758032p.rfihub.com
a.rfihub.com
p.rfihub.com
2    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
2    185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    23.45.110.176 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-110-176.deploy.static.akamaitechnologies.com
stags.bluekai.com
x.dlx.addthis.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    52.18.91.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-91-199.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    184.30.20.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
1    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
3    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    185.94.180.125 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2600:1f18:612b:4216:e85c:6960:b4aa:d253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
1    52.28.42.15 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-42-15.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    52.48.18.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-18-249.eu-west-1.compute.amazonaws.com
beacon.krxd.net
2    52.57.142.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-142-16.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
ps.eyeota.net
2    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    104.108.144.24 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-24.deploy.static.akamaitechnologies.com
contextual.media.net
1    82.199.68.72 (Zwolle, Netherlands)

ASN15830 (EQUINIX-CONNECT, GB)
bs.serving-sys.com
1    99.84.156.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-42.txl52.r.cloudfront.net
live.rezync.com
1    34.192.69.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-69-218.compute-1.amazonaws.com
bpi.rtactivate.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
7 rfihub.com
20758032p.rfihub.com
a.rfihub.com
p.rfihub.com
10 KB
7 monetti.se
www.monetti.se
226 KB
4 doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
3 KB
3 rlcdn.com
idsync.rlcdn.com
983 B
3 google.de
www.google.de
ampcid.google.de
660 B
3 google.com
ampcid.google.com
www.google.com
731 B
2 everesttech.net
sync-tm.everesttech.net
607 B
2 eyeota.net
ps.eyeota.net
1 KB
2 bidswitch.net
x.bidswitch.net
863 B
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 casalemedia.com
dsum-sec.casalemedia.com
2 KB
2 demdex.net
dpm.demdex.net
2 KB
2 adnxs.com
ib.adnxs.com
2 KB
2 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com
2 KB
2 google-analytics.com
www.google-analytics.com
19 KB
1 facebook.com
www.facebook.com
259 B
1 rtactivate.com
bpi.rtactivate.com
109 B
1 rezync.com
live.rezync.com
786 B
1 serving-sys.com
bs.serving-sys.com
835 B
1 media.net
contextual.media.net
697 B
1 krxd.net
beacon.krxd.net
338 B
1 agkn.com
aa.agkn.com
238 B
1 tremorhub.com
partners.tremorhub.com
183 B
1 addthis.com
x.dlx.addthis.com
191 B
1 yahoo.com
ads.yahoo.com
446 B
1 rubiconproject.com
pixel.rubiconproject.com
743 B
1 bluekai.com
stags.bluekai.com
815 B
1 rfihub.net
c1.rfihub.net
6 KB
1 googleadservices.com
www.googleadservices.com
14 KB
1 datocms-assets.com
www.datocms-assets.com
230 KB
1 googletagmanager.com
www.googletagmanager.com
38 KB
1 googleapis.com
ajax.googleapis.com
32 KB
1 adtraction.com
track.adtraction.com
519 B
1 bmailer.link
bmailer.link
163 B
46 34
Domain Requested by
7 www.monetti.se www.monetti.se
5 p.rfihub.com 2 redirects
3 idsync.rlcdn.com 1 redirects
2 sync-tm.everesttech.net 2 redirects
2 ps.eyeota.net 1 redirects
2 x.bidswitch.net 1 redirects
2 sync.search.spotxchange.com 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 dpm.demdex.net 1 redirects
2 ib.adnxs.com 1 redirects
2 cm.g.doubleclick.net 2 redirects
2 www.google.de
2 www.google.com
2 dev.visualwebsiteoptimizer.com www.monetti.se
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.facebook.com
1 bpi.rtactivate.com
1 live.rezync.com 1 redirects
1 bs.serving-sys.com 1 redirects
1 contextual.media.net
1 beacon.krxd.net
1 aa.agkn.com
1 partners.tremorhub.com
1 x.dlx.addthis.com
1 ads.yahoo.com
1 pixel.rubiconproject.com
1 stags.bluekai.com 1 redirects
1 a.rfihub.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ampcid.google.de www.google-analytics.com
1 20758032p.rfihub.com c1.rfihub.net
1 googleads.g.doubleclick.net www.googleadservices.com
1 ampcid.google.com www.google-analytics.com
1 c1.rfihub.net www.monetti.se
1 www.googleadservices.com www.googletagmanager.com
1 www.datocms-assets.com www.monetti.se
1 www.googletagmanager.com www.monetti.se
1 ajax.googleapis.com www.monetti.se
1 track.adtraction.com 1 redirects
1 bmailer.link 1 redirects
46 40

This site contains links to these domains. Also see Links.

Domain
www.hallakonsument.se
Subject Issuer Validity Valid
monetti.se
Amazon		 2020-10-23 -
2021-11-22		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-06 -
2021-08-06		 a year crt.sh
www.googleadservices.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2020-06-19 -
2022-07-06		 2 years crt.sh
*.rfihub.net
Sectigo RSA Domain Validation Secure Server CA		 2021-02-10 -
2022-02-10		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-18 -
2022-06-18		 2 years crt.sh
www.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-05-05		 a month crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-03-24 -
2022-03-30		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.tremorhub.com
Amazon		 2020-07-25 -
2021-08-25		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.eyeota.net
R3		 2021-02-28 -
2021-05-29		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
rtactivate.com
Amazon		 2020-06-11 -
2021-07-11		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.monetti.se/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=2683B77F098691D09DBA1F595A098A5C9D8D588D
Frame ID: B2FF33729C18A795934F41CDFC8CA8AF
Requests: 24 HTTP requests in this frame

Frame: https://20758032p.rfihub.com/ca.html?ver=9&rb=29222&ca=20758032&_o=29222&_t=20758032&pe=https%3A%2F%2Fwww.monetti.se%2F%3Futm_source%3Dadtraction%26utm_medium%3Dcpa%26utm_campaign%3Dadtraction%26at_gd%3D2683B77F098691D09DBA1F595A098A5C9D8D588D&pf=&ra=7329442342364401
Frame ID: A546361A06B325C2ADE1939320C91A7F
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://bmailer.link/t/c/5f5f5d4f-c9e2-4d7a-a193-2fbe75485873/630a90ae-e592-481e-bed4-c15c561ab45a HTTP 302
    https://track.adtraction.com/t/t?a=23696960&as=1567858693&t=2&tk=1 HTTP 302
    https://www.monetti.se/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=2683B77F... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /dev\.visualwebsiteoptimizer\.com/i

Page Statistics

46
Requests

100 %
HTTPS

36 %
IPv6

34
Domains

40
Subdomains

30
IPs

7
Countries

587 kB
Transfer

1500 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bmailer.link/t/c/5f5f5d4f-c9e2-4d7a-a193-2fbe75485873/630a90ae-e592-481e-bed4-c15c561ab45a HTTP 302
    https://track.adtraction.com/t/t?a=23696960&as=1567858693&t=2&tk=1 HTTP 302
    https://www.monetti.se/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=2683B77F098691D09DBA1F595A098A5C9D8D588D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=ODc1NzM5MDI1OTM1NTY4MTA4&forward= HTTP 302
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEHM1rIcarQgDnUYyWQwrOSY&google_cver=1
Request Chain 25
  • https://ib.adnxs.com/setuid?entity=18&code=875739025935568108 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D875739025935568108
Request Chain 26
  • https://stags.bluekai.com/site/4722?id=875739025935568108&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
  • https://p.rfihub.com/cm?bk_uuid=m%2BZ4B99999YOiUjQ&forward=
Request Chain 28
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=875739025935568108&redir= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=875739025935568108&redir=
Request Chain 29
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=875739025935568108&forward= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=875739025935568108&forward=&C=1
Request Chain 33
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=875739025935568108&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=875739025935568108&img=1&__user_check__=1&sync_id=66923424-9cf4-11eb-8036-1e1d47873506
Request Chain 37
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=875739025935568108&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=875739025935568108&expires=30
Request Chain 38
  • https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
  • https://ps.eyeota.net/match?uid=875739025935568108&bid=omt9pi0 HTTP 302
  • https://ps.eyeota.net/match/bounce/?uid=875739025935568108&bid=omt9pi0
Request Chain 39
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YHab8wAADj5z7QAC HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=YHab8wAADj5z7QAC&_test=YHab8wAADj5z7QAC
Request Chain 41
  • https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=17945&userid=865d3218-059e-47b8-8b18-61551b5916d5
Request Chain 42
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=875739025935568108&referrer=https%3A%2F%2Fwww.monetti.se%2F%3Futm_source%3Dadtraction%26utm_medium%3Dcpa%26utm_campaign%3Dadtraction%26at_gd%3D2683B77F098691D09DBA1F595A098A5C9D8D588D HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=11b53bd9-ceeb-4ef2-8c24-fd2a8a390c1e%3A1618385907.5&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D11b53bd9-ceeb-4ef2-8c24-fd2a8a390c1e%253A1618385907.5 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=11b53bd9-ceeb-4ef2-8c24-fd2a8a390c1e%3A1618385907.5 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESENYpF0i-zsmy72a2fI8EI_s&google_cver=1

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.monetti.se/
Redirect Chain
  • https://bmailer.link/t/c/5f5f5d4f-c9e2-4d7a-a193-2fbe75485873/630a90ae-e592-481e-bed4-c15c561ab45a
  • https://track.adtraction.com/t/t?a=23696960&as=1567858693&t=2&tk=1
  • https://www.monetti.se/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=2683B77F098691D09DBA1F595A098A5C9D8D588D
14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.monetti.se/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=2683B77F098691D09DBA1F595A098A5C9D8D588D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-111.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ffde944ba27eb02becb34b6965e4f8dac314b77b8873f4fbea27c97ee407c0d

Request headers

:method
GET
:authority
www.monetti.se
:scheme
https
:path
/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=2683B77F098691D09DBA1F595A098A5C9D8D588D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html
last-modified
Mon, 15 Mar 2021 09:14:02 GMT
server
AmazonS3
content-encoding
gzip
date
Tue, 13 Apr 2021 19:55:48 GMT
etag
W/"19226f9fa5244dbc15815428315df7f5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
3Z8JR1ps_TDDL6vrfKO_b_Gk677g8_T0uo7WyUnBK8O-YylMfYC2Ow==
age
42159

Redirect headers

X-TraceId
4b42cc8d-0f7c-44a3-92ba-3dc7780479e4
Cache-Control
no-cache
Pragma
no-cache
Expires
-1
Access-Control-Allow-Origin
*
Set-Cookie
at_gd=2683B77F098691D09DBA1F595A098A5C9D8D588D; Max-Age=94608000; Path=/; Domain=track.adtraction.com; SameSite=None; Secure
Location
https://www.monetti.se/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=2683B77F098691D09DBA1F595A098A5C9D8D588D
Transfer-Encoding
chunked
Date
Wed, 14 Apr 2021 07:38:25 GMT
Connection
close
application-eeeb73c1.css
www.monetti.se/static-assets/stylesheets/ 		267 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.monetti.se/static-assets/stylesheets/application-eeeb73c1.css
Requested by
Host: www.monetti.se
URL: https://www.monetti.se/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=2683B77F098691D09DBA1F595A098A5C9D8D588D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-111.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e09bb0d6154df945ed241657501cba3946fa36eb99c1cc531b11d4755004bd0

Request headers

Referer
https://www.monetti.se/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=2683B77F098691D09DBA1F595A098A5C9D8D588D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 20:51:43 GMT
content-encoding
gzip
last-modified
Mon, 15 Mar 2021 09:14:03 GMT
server
AmazonS3
age
38804
etag
W/"993b0397bf37e18604af672f7edda12e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
Yk9MYqlcWFVPXKp0EE_QevylHdTvcxsYcuTFQdVU8tEewPs4x9bJzQ==
modernizr.custom-6a03e2c5.js
www.monetti.se/static-assets/javascripts/lib/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.monetti.se/static-assets/javascripts/lib/modernizr.custom-6a03e2c5.js
Requested by
Host: www.monetti.se
URL: https://www.monetti.se/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=2683B77F098691D09DBA1F595A098A5C9D8D588D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-111.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f06eb3219d3823bf808b72a98755c0ccbafac1a0e90facc834899ff3f249de3

Request headers

Referer
https://www.monetti.se/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=2683B77F098691D09DBA1F595A098A5C9D8D588D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 20:51:43 GMT
content-encoding
gzip
last-modified
Mon, 15 Mar 2021 09:14:03 GMT
server
AmazonS3
age
38804
etag
W/"989cf0a3c0b525bdcb89ea3a060af527"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
Ar3X97qDaL5fGQFquPhpxxndulj59zO0I2G7yTp7mYh4vA8l-MaH-Q==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: www.monetti.se
URL: https://www.monetti.se/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=2683B77F098691D09DBA1F595A098A5C9D8D588D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.monetti.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 06:47:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3061
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32954
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 06:47:25 GMT
application-6842826f.js
www.monetti.se/static-assets/javascripts/ 		645 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.monetti.se/static-assets/javascripts/application-6842826f.js
Requested by
Host: www.monetti.se
URL: https://www.monetti.se/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=2683B77F098691D09DBA1F595A098A5C9D8D588D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-111.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d989ea48fa553e1f055f2ca1ed087b3d0d3873754dcda6de3e573d73bc29d029

Request headers

Referer
https://www.monetti.se/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=2683B77F098691D09DBA1F595A098A5C9D8D588D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 20:51:43 GMT
content-encoding
gzip
last-modified
Mon, 15 Mar 2021 09:14:02 GMT
server
AmazonS3
age
38804
etag
W/"7691729b8be5b7316fb350998d9afdd5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
ConzmODuaGSLTWySG23tU-KxEJtWv2RDDko1K7Bz5ddriLKlI7brOg==
gtm.js
www.googletagmanager.com/ 		115 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WWCVFCG
Requested by
Host: www.monetti.se
URL: https://www.monetti.se/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=2683B77F098691D09DBA1F595A098A5C9D8D588D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f39c4c72241cc99bb559a5647d9582b679aa399a909732c5c83b3cb94a7fe5b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.monetti.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 07:38:26 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39219
x-xss-protection
0
last-modified
Wed, 14 Apr 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 14 Apr 2021 07:38:26 GMT
brand-33ee7ca1.svg
www.monetti.se/static-assets/images/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.monetti.se/static-assets/images/brand-33ee7ca1.svg
Requested by
Host: www.monetti.se
URL: https://www.monetti.se/static-assets/stylesheets/application-eeeb73c1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-111.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
963fbf67ba19c1af5819d3caa41943387e96fb3a8eb592bc8d2625ddcf104ffc

Request headers

Referer
https://www.monetti.se/static-assets/stylesheets/application-eeeb73c1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 15:36:41 GMT
content-encoding
gzip
last-modified
Mon, 15 Mar 2021 09:14:02 GMT
server
AmazonS3
age
57706
etag
W/"fa017b58bf80a3ab95bef4f608e9f14e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
9I_Wx_EQMS7r0RHEXgLHreoArJ51jDeA_8gPwhsha2etxCqFJ-P4pg==
1527845142-deathtostockphotographyvibrant-10of20-1.jpg
www.datocms-assets.com/5784/ 		229 KB
230 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.datocms-assets.com/5784/1527845142-deathtostockphotographyvibrant-10of20-1.jpg?w=1920&auto=compression&q=50
Requested by
Host: www.monetti.se
URL: https://www.monetti.se/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=2683B77F098691D09DBA1F595A098A5C9D8D588D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33ab50b2aec17636074261cab34ea6b1d91d3e5868a3185a4bc16b65671947c3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.monetti.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-version
2
date
Wed, 14 Apr 2021 07:38:26 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
166460
x-cache
HIT, MISS
x-imgix-id
0632f95c7dd3cf28ab4a91d591a0d063b590c65b
x-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
234779
cf-request-id
0970ea436c00000625a5017000000001
x-served-by
cache-sjc10073-SJC, cache-fra19120-FRA
last-modified
Thu, 08 Apr 2021 15:14:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wIzro9u8K9qomUE8bvd5q5R6tuQ%2FToFBi3tNRBdcNVWs8J6Tr1TL8X6c3iX0kOvXfIrLrPciSNzL3gnvsoOl6tQEG8cZ99eEBiem9xyiklIQdEa5hkylTOgJD2ZFbib8bRGn"}],"group":"cf-nel"}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63fb464bdf650625-FRA
cf-bgj
h2pri
folkia-8e6f695a.woff
www.monetti.se/static-assets/fonts/oslo/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.monetti.se/static-assets/fonts/oslo/folkia-8e6f695a.woff
Requested by
Host: www.monetti.se
URL: https://www.monetti.se/static-assets/stylesheets/application-eeeb73c1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-111.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6ce1738c27474a4c0c75267ce4a5a0ac1fbe49bde24a5a82124ef3891b154212

Request headers

Origin
https://www.monetti.se
Referer
https://www.monetti.se/static-assets/stylesheets/application-eeeb73c1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 20:51:43 GMT
via
1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
last-modified
Mon, 15 Mar 2021 09:14:02 GMT
server
AmazonS3
age
38804
etag
"9ff29c862aa94e92958497912eedd3ff"
x-cache
Hit from cloudfront
content-type
application/x-font-woff
x-amz-cf-pop
FRA53-C1
content-length
11956
x-amz-cf-id
Qmq1TXBHCTdHE3eF7JW-uf79PuzkAWAw_TRf0zhKyo7g2lYFSwQfsw==
folkiase-fe407bc3.woff
www.monetti.se/static-assets/fonts/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.monetti.se/static-assets/fonts/folkiase-fe407bc3.woff
Requested by
Host: www.monetti.se
URL: https://www.monetti.se/static-assets/stylesheets/application-eeeb73c1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-111.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7e7621719df406ffb1d9255b062fa1f35bee586f8ba32a72268ae8f729c792c

Request headers

Origin
https://www.monetti.se
Referer
https://www.monetti.se/static-assets/stylesheets/application-eeeb73c1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 20:51:43 GMT
via
1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
last-modified
Mon, 15 Mar 2021 09:14:02 GMT
server
AmazonS3
age
38804
etag
"e1ec47366e519fc035b5e12a71a84513"
x-cache
Hit from cloudfront
content-type
application/x-font-woff
x-amz-cf-pop
FRA53-C1
content-length
2196
x-amz-cf-id
wgjSKu3C-CwF5aJenrBOnJNp-_VDFp9GIUCyK_VTPxRkw5bwvaMpeg==
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WWCVFCG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
b0263231f63c5ab8511cb1af42a7347fbf17bd4c955b37cdec2ae48a66ed556c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.monetti.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 07:38:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13878
x-xss-protection
0
server
cafe
etag
605660838073198883
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 14 Apr 2021 07:38:26 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WWCVFCG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.monetti.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
6410
date
Wed, 14 Apr 2021 05:51:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Wed, 14 Apr 2021 07:51:36 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=40842&u=https%3A%2F%2Fwww.monetti.se%2F%3Futm_source%3Dadtraction%26utm_medium%3Dcpa%26utm_campaign%3Dadtraction%26at_gd%3D2683B77F098691D09DBA1F595A098A5C9D8D588D&r=0.0445884438205566
Requested by
Host: www.monetti.se
URL: https://www.monetti.se/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=2683B77F098691D09DBA1F595A098A5C9D8D588D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
d5e8218f8bf0f01360b621b5f9631d22da04b1f55a66b668cc27b2c43217d4a6

Request headers

Referer
https://www.monetti.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Apr 2021 07:38:26 GMT
via
1.1 google
server
gfra1
content-encoding
gzip
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
tc.min.js
c1.rfihub.net/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: www.monetti.se
URL: https://www.monetti.se/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=2683B77F098691D09DBA1F595A098A5C9D8D588D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:d600:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Referer
https://www.monetti.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 06:58:11 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 06:58:01 GMT
server
Jetty(9.3.29.v20201019)
age
2415
x-cache
Hit from cloudfront
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via
1.1 41232b1248b5064ae14550b383a46695.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
TXL52-C1
content-type
application/x-javascript
content-length
6162
x-amz-cf-id
pY67RhGAs9PAR52ld7O1YjBj7oXE3_LF8mL_GmT7rCmFEwDxTp5KCA==
expires
Wed, 14 Apr 2021 07:58:11 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.monetti.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Apr 2021 07:38:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.monetti.se
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1020640922/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1020640922/?random=1618385906860&cv=9&fst=1618385906860&num=1&label=e5tPCKz2tgIQmv3W5gM&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3v0&sendb=1&ig=1&data=conversion_language%3Den%3Bconversion_format%3D3%3Bconversion_color%3Dffffff%3Bconversion_value%3D0&frm=0&url=https%3A%2F%2Fwww.monetti.se%2F%3Futm_source%3Dadtraction%26utm_medium%3Dcpa%26utm_campaign%3Dadtraction%26at_gd%3D2683B77F098691D09DBA1F595A098A5C9D8D588D&tiba=Sms%20L%C3%A5n%20Snabbl%C3%A5n%20Mobill%C3%A5n%20%7C%20Monetti.se%20%E2%80%93%20L%C3%A5na%20pengar%20med%20smsl%C3%A5n&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf373308250fb7ec8135fbe1eea0b33769d4d0f96ec155657bdcfa6681922f3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.monetti.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Apr 2021 07:38:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1232
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set ca.html
20758032p.rfihub.com/ Frame A546 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20758032p.rfihub.com/ca.html?ver=9&rb=29222&ca=20758032&_o=29222&_t=20758032&pe=https%3A%2F%2Fwww.monetti.se%2F%3Futm_source%3Dadtraction%26utm_medium%3Dcpa%26utm_campaign%3Dadtraction%26at_gd%3D2683B77F098691D09DBA1F595A098A5C9D8D588D&pf=&ra=7329442342364401
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.1, RSA, AES_256_CBC
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
d609eba16d2d6cafb2c1cad132765cb0504d157be2d67b0827ef238e9ce533e3

Request headers

Host
20758032p.rfihub.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.monetti.se/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.monetti.se/

Response headers

Date
Wed, 14 Apr 2021 07:38:27 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
eud=H4sIAAAAAAAAAJvFyGtoZmhhbGFqaWBuYGS4Co1_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwuN_wldPwsq_xYafxMrmnncaO5H4y8SRuU_QuMDAFtghtYwAQAA; Path=/; Domain=.rfihub.com; Expires=Mon, 9 May 2022 07:38:27 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSsjA3NTe2NDAytTQ2NTWzMDSwEOIz1C0JdE30L680zfGOKpLiNTQztDC2MLU0MDcwtAAA1R_efjMAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 9 May 2022 07:38:27 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSsjA3NTe2NDAytTQ2NTWzMDSwEOIz1C0JdE30L680zfGOKgIAuHVsUSQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Cache-Control
no-cache
Content-Type
text/html;charset=utf-8
Content-Length
3229
Server
Jetty(9.3.29.v20201019)
/
www.google.com/pagead/1p-user-list/1020640922/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1020640922/?random=1618385906860&cv=9&fst=1618383600000&num=1&label=e5tPCKz2tgIQmv3W5gM&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3v0&sendb=1&data=conversion_language%3Den%3Bconversion_format%3D3%3Bconversion_color%3Dffffff%3Bconversion_value%3D0&frm=0&url=https%3A%2F%2Fwww.monetti.se%2F%3Futm_source%3Dadtraction%26utm_medium%3Dcpa%26utm_campaign%3Dadtraction%26at_gd%3D2683B77F098691D09DBA1F595A098A5C9D8D588D&tiba=Sms%20L%C3%A5n%20Snabbl%C3%A5n%20Mobill%C3%A5n%20%7C%20Monetti.se%20%E2%80%93%20L%C3%A5na%20pengar%20med%20smsl%C3%A5n&async=1&fmt=3&is_vtc=1&random=610014468&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.monetti.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Apr 2021 07:38:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1020640922/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1020640922/?random=1618385906860&cv=9&fst=1618383600000&num=1&label=e5tPCKz2tgIQmv3W5gM&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3v0&sendb=1&data=conversion_language%3Den%3Bconversion_format%3D3%3Bconversion_color%3Dffffff%3Bconversion_value%3D0&frm=0&url=https%3A%2F%2Fwww.monetti.se%2F%3Futm_source%3Dadtraction%26utm_medium%3Dcpa%26utm_campaign%3Dadtraction%26at_gd%3D2683B77F098691D09DBA1F595A098A5C9D8D588D&tiba=Sms%20L%C3%A5n%20Snabbl%C3%A5n%20Mobill%C3%A5n%20%7C%20Monetti.se%20%E2%80%93%20L%C3%A5na%20pengar%20med%20smsl%C3%A5n&async=1&fmt=3&is_vtc=1&random=610014468&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.monetti.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Apr 2021 07:38:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publisher:getClientId
ampcid.google.de/v1/ 		3 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.monetti.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Apr 2021 07:38:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.monetti.se
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=40842&d=www.monetti.se&u=DB057907C7C6567476895AB19D63C5C1F&h=0d6b385fb6bb83f1ae6767e732ff98e1&t=false&r=0.26780997064848977
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.monetti.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Apr 2021 07:38:26 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
collect
www.google-analytics.com/j/ 		2 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1982227206&t=pageview&_s=1&dl=https%3A%2F%2Fwww.monetti.se%2F%3Futm_source%3Dadtraction%26utm_medium%3Dcpa%26utm_campaign%3Dadtraction%26at_gd%3D2683B77F098691D09DBA1F595A098A5C9D8D588D&ul=en-us&de=UTF-8&dt=Sms%20L%C3%A5n%20Snabbl%C3%A5n%20Mobill%C3%A5n%20%7C%20Monetti.se%20%E2%80%93%20L%C3%A5na%20pengar%20med%20smsl%C3%A5n&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAQCAC~&jid=528393749&gjid=395757309&cid=306956667.1618385907&tid=UA-15257579-1&_gid=1729130500.1618385907&_r=1&gtm=2wg3v0WWCVFCG&z=1878378028
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.monetti.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Apr 2021 07:38:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.monetti.se
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-15257579-1&cid=306956667.1618385907&jid=528393749&gjid=395757309&_gid=1729130500.1618385907&_u=YEBAAEAAAAQCAC~&z=265248782
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.monetti.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 14 Apr 2021 07:38:26 GMT
content-type
text/plain
access-control-allow-origin
https://www.monetti.se
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-15257579-1&cid=306956667.1618385907&jid=528393749&_u=YEBAAEAAAAQCAC~&z=20947507
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.monetti.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Apr 2021 07:38:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-15257579-1&cid=306956667.1618385907&jid=528393749&_u=YEBAAEAAAAQCAC~&z=20947507
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.monetti.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Apr 2021 07:38:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
a.rfihub.com/ Frame A546
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=ODc1NzM5MDI1OTM1NTY4MTA4&forward=
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEHM1rIcarQgDnUYyWQwrOSY&google_cver=1
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEHM1rIcarQgDnUYyWQwrOSY&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.1, RSA, AES_256_CBC
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://20758032p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Apr 2021 07:38:27 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 14 Apr 2021 07:38:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEHM1rIcarQgDnUYyWQwrOSY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame A546
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=18&code=875739025935568108
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D875739025935568108
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D875739025935568108
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://20758032p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Apr 2021 07:38:27 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 729.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.51:80
AN-X-Request-Uuid
662f212a-d85c-4ddd-899c-50db16ffaf87
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 14 Apr 2021 07:38:27 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 729.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.39:80
AN-X-Request-Uuid
64ee5c26-7ee3-47ad-aa9e-24a1c4ac8471
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D875739025935568108
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
p.rfihub.com/ Frame A546
Redirect Chain
  • https://stags.bluekai.com/site/4722?id=875739025935568108&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D
  • https://p.rfihub.com/cm?bk_uuid=m%2BZ4B99999YOiUjQ&forward=
42 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?bk_uuid=m%2BZ4B99999YOiUjQ&forward=
Protocol
HTTP/1.1
Security
TLS 1.1, RSA, AES_256_CBC
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://20758032p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Apr 2021 07:38:27 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://p.rfihub.com/cm?bk_uuid=m%2BZ4B99999YOiUjQ&forward=
Date
Wed, 14 Apr 2021 07:38:27 GMT
Connection
keep-alive
Content-Length
0
BK-Server
768c
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
tap.php
pixel.rubiconproject.com/ Frame A546 		42 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=875739025935568108
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://20758032p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
demconf.jpg
dpm.demdex.net/ Frame A546
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=875739025935568108&redir=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=875739025935568108&redir=
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=875739025935568108&redir=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.91.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-91-199.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://20758032p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v090-0188ea238.edge-irl1.demdex.com 5.80.7.20210304103356 1ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
dcffR8J/SZA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
MuDXMbe2T9c=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=875739025935568108&redir=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A546
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=875739025935568108&forward=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=875739025935568108&forward=&C=1
43 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=875739025935568108&forward=&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://20758032p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Apr 2021 07:38:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 14 Apr 2021 07:38:27 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 14 Apr 2021 07:38:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=875739025935568108&forward=&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
294
Expires
Wed, 14 Apr 2021 07:38:27 GMT
v1
ads.yahoo.com/cms/ Frame A546 		0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~84c296ca4cae9f73fbcc48363a3cd4cd34be98f5&nwid=10000648372&sigv=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://20758032p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 07:38:27 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
360947.gif
idsync.rlcdn.com/ Frame A546 		42 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/360947.gif?partner_uid=875739025935568108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://20758032p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Apr 2021 07:38:27 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
rocketfuel_sync
x.dlx.addthis.com/e/ Frame A546 		43 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=875739025935568108
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.110.176 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-110-176.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Referer
https://20758032p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Apr 2021 07:38:27 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 14 Apr 2021 07:38:27 GMT
content-length
43
strict-transport-security
max-age=2628000
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame A546
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=875739025935568108&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=875739025935568108&img=1&__user_check__=1&sync_id=66923424-9cf4-11eb-8036-1e1d47873506
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=875739025935568108&img=1&__user_check__=1&sync_id=66923424-9cf4-11eb-8036-1e1d47873506
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://20758032p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Apr 2021 07:38:27 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
85
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Wed, 14 Apr 2021 07:38:27 GMT
Server
nginx
Location
/partner?adv_id=7180&uid=875739025935568108&img=1&__user_check__=1&sync_id=66923424-9cf4-11eb-8036-1e1d47873506
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
104
Connection
keep-alive
Content-Length
0
sync
partners.tremorhub.com/ Frame A546 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIRF=875739025935568108&r=u58n6_A_VeOC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:e85c:6960:b4aa:d253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://20758032p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 07:38:27 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
g.pixel
aa.agkn.com/adscores/ Frame A546 		43 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=875739025935568108
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.42.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-42-15.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://20758032p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Apr 2021 07:38:27 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
usermatch.gif
beacon.krxd.net/ Frame A546 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=875739025935568108
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.18.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-18-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://20758032p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 07:38:27 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1618385907
x-served-by
beacon-n015-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ul_cb/ Frame A546
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=875739025935568108&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=875739025935568108&expires=30
43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=875739025935568108&expires=30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.142.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-142-16.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://20758032p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 07:38:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=875739025935568108&expires=30
date
Wed, 14 Apr 2021 07:38:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
ps.eyeota.net/match/bounce/ Frame A546
Redirect Chain
  • https://p.rfihub.com/cm?pub=24472&in=1
  • https://ps.eyeota.net/match?uid=875739025935568108&bid=omt9pi0
  • https://ps.eyeota.net/match/bounce/?uid=875739025935568108&bid=omt9pi0
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match/bounce/?uid=875739025935568108&bid=omt9pi0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://20758032p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Apr 2021 07:38:27 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/match/bounce/?uid=875739025935568108&bid=omt9pi0
Date
Wed, 14 Apr 2021 07:38:27 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
cm
p.rfihub.com/ Frame A546
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YHab8wAADj5z7QAC
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=YHab8wAADj5z7QAC&_test=YHab8wAADj5z7QAC
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?in=1&pub=21653&userid=YHab8wAADj5z7QAC&_test=YHab8wAADj5z7QAC
Protocol
HTTP/1.1
Security
TLS 1.1, RSA, AES_256_CBC
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://20758032p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Apr 2021 07:38:27 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 14 Apr 2021 07:38:27 GMT
via
1.1 varnish
server
Varnish
x-timer
S1618385907.413376,VS0,VE0
x-served-by
cache-hhn4072-HHN
x-cache
HIT
location
https://p.rfihub.com/cm?in=1&pub=21653&userid=YHab8wAADj5z7QAC&_test=YHab8wAADj5z7QAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
cksync.php
contextual.media.net/ Frame A546 		46 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=875739025935568108
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.144.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://20758032p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 14 Apr 2021 07:38:27 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
46
x-mnet-hl2
E
expires
Wed, 14 Apr 2021 07:38:27 GMT
cm
p.rfihub.com/ Frame A546
Redirect Chain
  • https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
  • https://p.rfihub.com/cm?in=1&pub=17945&userid=865d3218-059e-47b8-8b18-61551b5916d5
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?in=1&pub=17945&userid=865d3218-059e-47b8-8b18-61551b5916d5
Protocol
HTTP/1.1
Security
TLS 1.1, RSA, AES_256_CBC
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://20758032p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Apr 2021 07:38:27 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma
no-cache
Date
Wed, 14 Apr 2021 07:38:26 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
P3P
CP="NOI DEVa OUR BUS UNI"
Location
https://p.rfihub.com/cm?in=1&pub=17945&userid=865d3218-059e-47b8-8b18-61551b5916d5
Cache-Control
no-cache, no-store
Content-Type
text/html; charset=UTF-8
Content-Length
213
Expires
Sun, 05-Jun-2005 22:00:00 GMT
362358.gif
idsync.rlcdn.com/ Frame A546
Redirect Chain
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=875739025935568108&referrer=https%3A%2F%2Fwww.monetti.se%2F%3Futm_source%3Dadtraction%26utm_medium%3Dcpa%26utm_campaign%3Dadtrac...
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=11b53bd9-ceeb-4ef2-8c24-fd2a8a390c1e%3A1618385907.5&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D11b53bd9-ceeb-4ef2-8c24-fd2a8a390c1e%...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=11b53bd9-ceeb-4ef2-8c24-fd2a8a390c1e%3A1618385907.5
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESENYpF0i-zsmy72a2fI8EI_s&google_cver=1
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESENYpF0i-zsmy72a2fI8EI_s&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://20758032p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Apr 2021 07:38:27 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 14 Apr 2021 07:38:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESENYpF0i-zsmy72a2fI8EI_s&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
bpi.rtactivate.com/tag/ Frame A546 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=11017&user_id=875739025935568108
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.69.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-69-218.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://20758032p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 07:38:27 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
tr
www.facebook.com/ Frame A546 		44 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=582796771920883&ev=PixelInitialized&ts=1618385907018&cd[aid]=20758032
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://20758032p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 07:38:27 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 14 Apr 2021 07:38:27 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| html5 object| Modernizr function| yepnope function| $ function| jQuery object| I18n object| _base object| handlebars object| errorProps object| jQuery1102011307681749544929 object| Folkia function| Spinner object| Handlebars object| SecondLevelDomains function| URI function| Cookies object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _vwo_code number| settings_timer number| _vwo_settings_timer function| _rfi object| gaplugins function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP undefined| b number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| vwo_iehack_queue object| gaGlobal object| gaData

3 Cookies

Domain/Path Name / Value
.monetti.se/ Name: AMP_TOKEN
Value: %24RETRIEVING
.monetti.se/ Name: _gcl_au
Value: 1.1.279134584.1618385907
.monetti.se/ Name: at_gd
Value: 2683B77F098691D09DBA1F595A098A5C9D8D588D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20758032p.rfihub.com
a.rfihub.com
aa.agkn.com
ads.yahoo.com
ajax.googleapis.com
ampcid.google.com
ampcid.google.de
beacon.krxd.net
bmailer.link
bpi.rtactivate.com
bs.serving-sys.com
c1.rfihub.net
cm.g.doubleclick.net
contextual.media.net
dev.visualwebsiteoptimizer.com
dpm.demdex.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
live.rezync.com
p.rfihub.com
partners.tremorhub.com
pixel.rubiconproject.com
ps.eyeota.net
stags.bluekai.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
track.adtraction.com
www.datocms-assets.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.monetti.se
x.bidswitch.net
x.dlx.addthis.com
104.108.144.24
13.48.168.251
142.250.185.66
143.204.209.111
151.101.114.49
184.30.20.241
185.33.221.13
185.94.180.125
193.0.160.128
216.58.212.130
23.45.110.176
2600:1f18:612b:4216:e85c:6960:b4aa:d253
2600:9000:20e8:d600:1:76cf:fe80:93a1
2606:4700:20::681a:bdf
2a00:1288:80:800::7000
2a00:1450:4001:801::2003
2a00:1450:4001:808::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:829::2004
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:400c:c00::9b
2a03:2880:f11c:8183:face:b00c:0:25de
3.124.210.90
34.192.69.218
34.96.102.137
35.244.174.68
52.18.91.199
52.28.42.15
52.48.18.249
52.57.142.16
54.161.249.143
69.173.144.138
82.199.68.72
99.84.156.42
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1f06eb3219d3823bf808b72a98755c0ccbafac1a0e90facc834899ff3f249de3
33ab50b2aec17636074261cab34ea6b1d91d3e5868a3185a4bc16b65671947c3
3ffde944ba27eb02becb34b6965e4f8dac314b77b8873f4fbea27c97ee407c0d
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4
6ce1738c27474a4c0c75267ce4a5a0ac1fbe49bde24a5a82124ef3891b154212
6e09bb0d6154df945ed241657501cba3946fa36eb99c1cc531b11d4755004bd0
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
963fbf67ba19c1af5819d3caa41943387e96fb3a8eb592bc8d2625ddcf104ffc
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
b0263231f63c5ab8511cb1af42a7347fbf17bd4c955b37cdec2ae48a66ed556c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7e7621719df406ffb1d9255b062fa1f35bee586f8ba32a72268ae8f729c792c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf373308250fb7ec8135fbe1eea0b33769d4d0f96ec155657bdcfa6681922f3b
d5e8218f8bf0f01360b621b5f9631d22da04b1f55a66b668cc27b2c43217d4a6
d609eba16d2d6cafb2c1cad132765cb0504d157be2d67b0827ef238e9ce533e3
d989ea48fa553e1f055f2ca1ed087b3d0d3873754dcda6de3e573d73bc29d029
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f39c4c72241cc99bb559a5647d9582b679aa399a909732c5c83b3cb94a7fe5b0
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4