urlscan.io logo urlscan.io
SecurityTrails logo

dir.foundation Open in urlscan Pro
199.36.158.100  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://descuentosrata.com/redirect?url=http://dir.foundation
Effective URL: https://dir.foundation/
Submission: On January 09 via manual from FR — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 13 domains to perform 36 HTTP transactions. The main IP is 199.36.158.100, located in United States and belongs to FASTLY, US. The main domain is dir.foundation.
TLS certificate: Issued by GTS CA 1D4 on December 31st 2023. Valid for: 3 months.
This is the only time dir.foundation was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 52.152.143.207 8075 (MICROSOFT...)
1 2 199.36.158.100 54113 (FASTLY)
36 14
12    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
descuentosrata.com
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2606:4700:20::681a:66c (United States)

ASN13335 (CLOUDFLARENET, US)
tracker.metricool.com
2    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
3    2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    52.152.143.207 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
o.clarity.ms
2    199.36.158.100 (United States)

ASN54113 (FASTLY, US)
dir.foundation
Apex Domain
Subdomains		 Transfer
12 descuentosrata.com
descuentosrata.com
cerebro.descuentosrata.com Failed
509 KB
4 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1280
o.clarity.ms — Cisco Umbrella Rank: 13024
27 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4237
onesignal.com — Cisco Umbrella Rank: 1212
65 KB
2 dir.foundation
dir.foundation
1 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 79
69 KB
2 metricool.com
tracker.metricool.com — Cisco Umbrella Rank: 40449
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
2 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1695
255 B
1 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
137 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1429
7 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
29 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
90 KB
0 bing.com Failed
c.bing.com Failed
36 13
Domain Requested by
12 descuentosrata.com descuentosrata.com
static.cloudflareinsights.com
2 dir.foundation 1 redirects
2 o.clarity.ms www.clarity.ms
2 cdn.onesignal.com descuentosrata.com
cdn.onesignal.com
2 www.youtube.com descuentosrata.com
www.youtube.com
2 www.clarity.ms descuentosrata.com
www.clarity.ms
2 tracker.metricool.com descuentosrata.com
2 fonts.googleapis.com descuentosrata.com
1 onesignal.com cdn.onesignal.com
1 region1.google-analytics.com www.googletagmanager.com
1 securepubads.g.doubleclick.net www.googletagservices.com
1 static.cloudflareinsights.com descuentosrata.com
1 www.googletagservices.com descuentosrata.com
1 www.googletagmanager.com descuentosrata.com
0 c.bing.com Failed
0 cerebro.descuentosrata.com Failed descuentosrata.com
36 16

This site contains no links.

Subject Issuer Validity Valid
descuentosrata.com
GTS CA 1P5		 2023-12-03 -
2024-03-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
metricool.com
GTS CA 1P5		 2023-12-10 -
2024-03-09		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
auth.hacuna.io
GTS CA 1D4		 2023-12-31 -
2024-03-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://dir.foundation/
Frame ID: 49C5749DA9B29A7F28A840C8B0C9E33D
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Site Under Maintenance

Page URL History Show full URLs

  1. https://descuentosrata.com/redirect?url=http://dir.foundation Page URL
  2. http://dir.foundation/ HTTP 301
    https://dir.foundation/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Page Statistics

36
Requests

86 %
HTTPS

85 %
IPv6

13
Domains

16
Subdomains

14
IPs

3
Countries

937 kB
Transfer

3481 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://descuentosrata.com/redirect?url=http://dir.foundation Page URL
  2. http://dir.foundation/ HTTP 301
    https://dir.foundation/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=78B6451AC0084BDB9CF7B5B2C1B05251&RedC=c.clarity.ms&MXFR=257AE2B95FCB69670758F6B85BCB67F8

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
redirect
descuentosrata.com/ 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://descuentosrata.com/redirect?url=http://dir.foundation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
207d187a58333863140eca6eb65113c830d9f969592cf45673bfbfd1db4858ee

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
842aeccefc680a7b-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 07:21:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Im%2B6bPlH42TFbpNrl%2BgaV4JVDMwNBkuNMbR0JB1qyN4tkJAUGQA2cCqvi8UNPmZNJFZOLJ4IVuozPAge6Z7p3FL8WAjo%2FWFuVYY9e1G5LtA5mTEKIZ1fxdwnlGRezqVL3Kb9jagSqgrnGZ%2FjjnSrmgc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-rata-status
MISS
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap
Requested by
Host: descuentosrata.com
URL: https://descuentosrata.com/redirect?url=http://dir.foundation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e40dbc6da95b47d932014e5a93f35b13a341a37ea6fe7559dca041dc77271cd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://descuentosrata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 09 Jan 2024 07:21:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 09 Jan 2024 07:16:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Jan 2024 07:21:43 GMT
css2
fonts.googleapis.com/ 		3 KB
591 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;700&display=swap
Requested by
Host: descuentosrata.com
URL: https://descuentosrata.com/redirect?url=http://dir.foundation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b09a031a5d1c809144341f52fd845a5cf075cdafe805b9c0128961d2c219c532
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://descuentosrata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 09 Jan 2024 07:21:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 09 Jan 2024 06:40:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Jan 2024 07:21:43 GMT
js
www.googletagmanager.com/gtag/ 		267 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4L4BD5W18G
Requested by
Host: descuentosrata.com
URL: https://descuentosrata.com/redirect?url=http://dir.foundation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
89cb1fe966934c7ba171b04045e12efd02052c16ed7c23d9cf9e1748f694dcd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://descuentosrata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:21:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91320
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 09 Jan 2024 07:21:44 GMT
ga.js
descuentosrata.com/ 		174 B
539 B 		Script
General
Check archive.org
Download Go to
Full URL
https://descuentosrata.com/ga.js?id=G-4L4BD5W18G
Requested by
Host: descuentosrata.com
URL: https://descuentosrata.com/redirect?url=http://dir.foundation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
632e28011a0b0a682b5f941523f9ffb667663b4c10e74620d60bc1a4ebd554c5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://descuentosrata.com/redirect?url=http://dir.foundation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:21:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 28 Nov 2023 15:56:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"ae-18c16a5bd2e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yu0jvLvWwE6%2BujvbMu7ZgRu%2B0bucwDCg0UfUWKMsCipOPhw%2FcX%2FGuiomj5xTjEx3iT%2BCEuYWIJ5AE1c%2FFm5%2F7Bnq6erauuDK3Nq%2Bt5bAW7C7BTIFTg6y5q5TrKx0vZSnysclWygBs8FoPm6Jn%2FS4yHo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-rata-status
STALE
cache-control
max-age=345600
cf-ray
842aecd13f0f0a7b-AMS
alt-svc
h3=":443"; ma=86400
gpt.js
www.googletagservices.com/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: descuentosrata.com
URL: https://descuentosrata.com/redirect?url=http://dir.foundation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
905bdcd4898a9585dc7ac1d4b6e44eb25885bd9253cd66f4ed1a4da819fb55f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://descuentosrata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:21:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29294
x-xss-protection
0
server
cafe
etag
895 / 19731 / m202401020101 / config-hash: 6914489111508300537
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 09 Jan 2024 07:21:44 GMT
f688f5a.js
descuentosrata.com/_nuxt/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://descuentosrata.com/_nuxt/f688f5a.js
Requested by
Host: descuentosrata.com
URL: https://descuentosrata.com/redirect?url=http://dir.foundation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f8ed1c6daba47079cc52c71de8874476177271aa4f5e5c38ab9baaec824210b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://descuentosrata.com/redirect?url=http://dir.foundation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:21:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 08 Jan 2024 15:50:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1a04-18ce9c4d8e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=muHrE7OxcUfnSD69dnXIFPPwJY7XhAYhA22pIJWbGH82mHn38ewSKgRhNJB1e4B%2FOj40aa2DQ8d2aaRVZ%2FCgnMzJMJOSwMizSCjWrhojRS6axn34EG%2F%2BVV2j5yCoSiXdANEU8zgZGVhXl6XgM6V4SUQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-rata-status
STALE
cache-control
max-age=345600
cf-ray
842aecd13f110a7b-AMS
alt-svc
h3=":443"; ma=86400
0dcaa55.js
descuentosrata.com/_nuxt/ 		268 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://descuentosrata.com/_nuxt/0dcaa55.js
Requested by
Host: descuentosrata.com
URL: https://descuentosrata.com/redirect?url=http://dir.foundation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19e612f1d0da3d04928a91633f88968ec412eabaccf1ee25db6801801740eb9a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://descuentosrata.com/redirect?url=http://dir.foundation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:21:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 08 Jan 2024 15:50:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"42efc-18ce9c4cee8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stLLHayVsdizm9aXQIAFwEdtl1eCX7GjZlLL1XpmZrBKukx3whDdZRPt98TSu2RUXCPe0S06KV73sQVEqZpk9ixUPyvChxx%2FobmzvL%2BnkYm1ME6%2BhZOBW4DVVmUBoctCqweWX7ZOPf%2FLPZm9nnu0t%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-rata-status
STALE
cache-control
max-age=345600
cf-ray
842aecd13f140a7b-AMS
alt-svc
h3=":443"; ma=86400
8a4eb8d.css
descuentosrata.com/_nuxt/css/ 		214 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://descuentosrata.com/_nuxt/css/8a4eb8d.css
Requested by
Host: descuentosrata.com
URL: https://descuentosrata.com/redirect?url=http://dir.foundation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46f2ce6170d3fb1ab46c0e9b69ea8d4fdc9219ebfb86b4fdc55b8a562b67f956

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://descuentosrata.com/redirect?url=http://dir.foundation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:21:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Mon, 08 Jan 2024 15:50:43 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"3563f-18ce9c4e1d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WY2Lf8oYeObjIl4dL5M1xiBLksu4j1akoRsfKj6nIFMclTBMdNpB%2FB7GRQOMEKhMOvfz%2FjUZYpU37ao%2BRBrdVi0rdxz7Dmf8o0v5qGGxUytGb4HgXXmfYAnUJ0sumFPuEE6RkIIYPnJO675As2dyAe8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
x-rata-status
STALE
cache-control
max-age=345600
cf-ray
842aecd13f0c0a7b-AMS
alt-svc
h3=":443"; ma=86400
993bebd.js
descuentosrata.com/_nuxt/ 		1 MB
323 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://descuentosrata.com/_nuxt/993bebd.js
Requested by
Host: descuentosrata.com
URL: https://descuentosrata.com/redirect?url=http://dir.foundation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c79ed1cc14b2155e02b16f86d20e00e51e1788f7fe1580b352a9a286d57c63f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://descuentosrata.com/redirect?url=http://dir.foundation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:21:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 08 Jan 2024 15:50:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1644a7-18ce9c4db18"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6dWP0cUha7B9eM5Hn%2BbLy4MkPRcau0St7KGy5kpN8vUP03XPwntNBkLNOPIm%2FP5yH1bKyfyK0bksR6SN4TK%2F1D3YsxEIMZceTuPCB19OJaBstChdetxdykVs7ugJYnmMc9Upf1ZK2z6GM94k61Dfs8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-rata-status
STALE
cache-control
max-age=345600
cf-ray
842aecd13f170a7b-AMS
alt-svc
h3=":443"; ma=86400
3e48d41.css
descuentosrata.com/_nuxt/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://descuentosrata.com/_nuxt/css/3e48d41.css
Requested by
Host: descuentosrata.com
URL: https://descuentosrata.com/redirect?url=http://dir.foundation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b4407dc7310e326ecdeaa9e11acfa164b27b8d8ee9f4585c50ad8da72e2bd0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://descuentosrata.com/redirect?url=http://dir.foundation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:21:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=21343
x-rata-status
STALE
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 Jan 2024 15:50:43 GMT
server
cloudflare
etag
W/"535f-18ce9c4e1a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1USrtqBsdA2Na3OAQO219ApIer6zPHghMpzJy3KNdShba3NDqhESh1qCvDN4KLXBdJl%2Bek4IBMqFGtbrmUN6UXVSV621gAI%2Fsl35zOMfh0mfvdRgQPoKwXfJobYToWKc%2BSZsiyLmgvmLQjj16Kpcys%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
max-age=345600
cf-ray
842aecd13f0d0a7b-AMS
6efe0b0.js
descuentosrata.com/_nuxt/ 		156 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://descuentosrata.com/_nuxt/6efe0b0.js
Requested by
Host: descuentosrata.com
URL: https://descuentosrata.com/redirect?url=http://dir.foundation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d4b1d3cac9301de736a954339603036307f048098162d3a61c9cfbf03897fe4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://descuentosrata.com/redirect?url=http://dir.foundation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:21:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 08 Jan 2024 15:50:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2714c-18ce9c4d7f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Sy8KwQkSIxw4qQsh85In8qzmcKaRXjjdYDI5L6tWXk1uyUpQhu4YT5H3wnTX4yPMxPQKX3sXT2IELvcmENsbKkFpkCwGk9cxNKFiLIhCxIJNCxiQe18aCbUFKtoQPKbdy9V%2BcJvQjnWQc%2Bfu4LKnPw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-rata-status
STALE
cache-control
max-age=345600
cf-ray
842aecd13f180a7b-AMS
alt-svc
h3=":443"; ma=86400
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: descuentosrata.com
URL: https://descuentosrata.com/redirect?url=http://dir.foundation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://descuentosrata.com/
Origin
https://descuentosrata.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:21:44 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
842aecd3a8a90a5c-AMS
be.js
tracker.metricool.com/resources/ 		379 B
814 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.metricool.com/resources/be.js
Requested by
Host: descuentosrata.com
URL: https://descuentosrata.com/redirect?url=http://dir.foundation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4e62a8daa779d16b2c25d343db85f6501e334632b0eeafd7d9f5bc5b8f96367
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://descuentosrata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:21:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
146204
alt-svc
h3=":443"; ma=86400
pragma
no-cache
cf-bgj
minify
last-modified
Fri, 05 Jan 2024 09:04:56 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pcw73aunOEjO9tfstfRaDQqfT6eOc6JrppRKBYPSnZ2YKUCkEuSKTmvWnWRzpPOyb5qcb1QJo3ULacBYAZ6%2Br4vTqILjVRkheNJcwX%2FSkad6UQbEwZLtjLTPs91P30BuE7DV9q5MxFCZC8nzp%2Byd5QqRbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800
cf-ray
842aecd3cf0306be-AMS
expires
Tue, 09 Jan 2024 14:45:00 GMT
9ephhlx5cb
www.clarity.ms/tag/ 		1018 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/9ephhlx5cb
Requested by
Host: descuentosrata.com
URL: https://descuentosrata.com/redirect?url=http://dir.foundation
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1dd500a81978d63772c5212b96a38129a336be1b31904e471b715c55703237c6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://descuentosrata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
-1
date
Tue, 09 Jan 2024 07:21:44 GMT
x-azure-ref
20240109T072144Z-xhe1zshatp3vt2dx6thrrk975s000000076g000000004yyh
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
1018
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
d094289.js
descuentosrata.com/_nuxt/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://descuentosrata.com/_nuxt/d094289.js
Requested by
Host: descuentosrata.com
URL: https://descuentosrata.com/_nuxt/f688f5a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c19e53f978ff7b02ef7e6b6c9598af5b445830dd7151115408f7fd3c9575742e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://descuentosrata.com/redirect?url=http://dir.foundation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:21:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 08 Jan 2024 15:50:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1485-18ce9c4d250"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iv42y6OHLITfxqg9Dd0rLBwPFw1oql0vkhEMLHqLdH1H8mSKkcB0ozYgTg3%2FH0nTfpee6mrXiFQTXOKIdelZPGBU9wYUzsAftPVziFqTTxUei8KU1b6mSLw7uFAlQRVAy5RH9ACkkLQ6fsNm%2FHfr3Tc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-rata-status
STALE
cache-control
max-age=345600
cf-ray
842aecd46a8d0a7b-AMS
alt-svc
h3=":443"; ma=86400
player_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/player_api
Requested by
Host: descuentosrata.com
URL: https://descuentosrata.com/_nuxt/993bebd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0271e782d0e49674121fe3f5e703dfbff44ed8de8b8625a006eeb4a9702724d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://descuentosrata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:21:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Tue, 09 Jan 2024 07:21:44 GMT
OneSignalSDK.page.js
cdn.onesignal.com/sdks/web/v16/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js
Requested by
Host: descuentosrata.com
URL: https://descuentosrata.com/_nuxt/993bebd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd81fe3f6c530c586ebc23d23882c4476b4591ce7feeca8d8db0b4223f586361
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://descuentosrata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:21:44 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
522
etag
W/"ebe34e849ba21613f65a2259dce7b673"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
842aecd4c9d766bd-AMS
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 12 Jan 2024 07:21:44 GMT
9e5919c.js
descuentosrata.com/_nuxt/ 		275 B
529 B 		Script
General
Check archive.org
Download Go to
Full URL
https://descuentosrata.com/_nuxt/9e5919c.js
Requested by
Host: descuentosrata.com
URL: https://descuentosrata.com/_nuxt/f688f5a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21b7788b49bf44f4cd349300a530a113a0917e0a0c676de309227480c4f37bfd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://descuentosrata.com/redirect?url=http://dir.foundation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:21:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 08 Jan 2024 15:50:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"113-18ce9c4e558"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUhNQzn7S1zNHExcUgvHzaQHEPwEUXsE0m5D7x%2B17UJjCfSLxdpXlFAKhiUTp9fL4yOQkND7Q2L7OI9nqBHAwOQcez%2FU9yKnx8poSYPSKdLi6Vs5hNwec%2ByPaJ%2BCF%2BwycmXlulaD8RRrTXjvAy3GwDM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-rata-status
STALE
cache-control
max-age=345600
cf-ray
842aecd48ab90a7b-AMS
alt-svc
h3=":443"; ma=86400
c3po.jpg
tracker.metricool.com/ 		70 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.metricool.com/c3po.jpg?hash=57249eb432b06a5b968cd29c78acd563&u=https%3A%2F%2Fdescuentosrata.com%2Fredirect%3Furl%3Dhttp%3A%2F%2Fdir.foundation&bw=1600&bh=1200
Requested by
Host: descuentosrata.com
URL: https://descuentosrata.com/redirect?url=http://dir.foundation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://descuentosrata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:21:44 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZW8%2B2OKeZyDlwL5dPwcFkbp0FA82KDDIQuc8B6fMbleNOXsJUmw2m4dKbH8yM%2B9nh28N78XDTi7t098H8CsQvzp7z%2B9deMngMmL5kzalUG1UE%2FDsrngKt8qYxnnzZ1stZreImIR5rScXxBNnWWo6Q8a2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
842aecd4a81a06be-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 		436 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://descuentosrata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 22:19:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
32528
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140253
x-xss-protection
0
server
cafe
etag
11435206252018266965
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 07 Jan 2025 22:19:36 GMT
OneSignalSDK.page.es6.js
cdn.onesignal.com/sdks/web/v16/ 		256 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.es6.js?v=160101
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
447d27c231910c6b80a42fa6cc225db9d4a7997ac7f115a7fa1f36ea4e40043f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://descuentosrata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:21:44 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
519
etag
W/"46caafc4601e96e8ad41c658f1aa7a47"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
842aecd4fa1266bd-AMS
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 12 Jan 2024 07:21:44 GMT
clarity.js
www.clarity.ms/s/0.7.20/ 		60 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/9ephhlx5cb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://descuentosrata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:21:44 GMT
content-encoding
br
last-modified
Mon, 08 Jan 2024 12:01:53 GMT
etag
W/"0x8DC10419AF46081"
vary
Accept-Encoding
x-azure-ref
20240109T072144Z-xhe1zshatp3vt2dx6thrrk975s000000076g000000004yyv
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
b18c7cc5-201e-0023-738d-42b418000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
www-widgetapi.js
www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/ 		216 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/player_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d772756f7f30b155def5b4c539d7883b69134c27e64be72d6e2fd98b37718843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://descuentosrata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:12:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68492
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 02:44:34 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 08 Jan 2025 07:12:41 GMT
collect
region1.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4L4BD5W18G&gtm=45je4130v9103037624&_p=1704784904216&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=96480482.1704784905&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704784904&sct=1&seg=0&dl=https%3A%2F%2Fdescuentosrata.com%2Fredirect%3Furl%3Dhttp%3A%2F%2Fdir.foundation&dt=Links%20DescuentosRata%20%E2%80%94%20Descuentos%20Rata&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1103
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4L4BD5W18G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://descuentosrata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 07:21:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://descuentosrata.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
o.clarity.ms/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://descuentosrata.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://descuentosrata.com
Date
Tue, 09 Jan 2024 07:21:44 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
06afd9b.js
descuentosrata.com/_nuxt/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://descuentosrata.com/_nuxt/06afd9b.js
Requested by
Host: descuentosrata.com
URL: https://descuentosrata.com/_nuxt/f688f5a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac1a9c8a2099c2f44ac37c2b662b281070475ae09475e024c31e2196154919ad

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://descuentosrata.com/redirect?url=http://dir.foundation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:21:45 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 08 Jan 2024 15:50:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"247a-18ce9c4d5d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSvjeQiGbe2IVAQkuyfQ%2BHf2oAHcPookBT08dVumud06rVenkX0TM8kD1W70nJnpjazO8BQpepK%2FEfAfjBjCFC3Xxb4tc7lsb3mtrLnByflOhgWjyCO8QCvKJRXXFkvhP74jv6rQ8oBEXBv8E442knI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-rata-status
HIT
cache-control
max-age=345600
cf-ray
842aecd6bd230a7b-AMS
alt-svc
h3=":443"; ma=86400
collect
o.clarity.ms/ 		0
298 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://descuentosrata.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://descuentosrata.com
Date
Tue, 09 Jan 2024 07:21:45 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
web
onesignal.com/api/v1/sync/384d63bd-53bd-4369-9d86-7ac42b7dda07/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/384d63bd-53bd-4369-9d86-7ac42b7dda07/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.es6.js?v=160101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c82911a69e8ce79f80ef244ce6d9f8ad78740c87a992a5413d70684431863714
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://descuentosrata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:21:45 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
7122fd5f-44f2-4f37-a01a-58e5df00306b
x-runtime
0.032378
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"c82911a69e8ce79f80ef244ce6d9f8ad"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
842aecd8f86e66bd-AMS
access-control-allow-headers
SDK-Version
expires
Tue, 09 Jan 2024 08:21:45 GMT
site_settings
cerebro.descuentosrata.com/api/v1/ 		0
0
c.gif
c.bing.com/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=78B6451AC0084BDB9CF7B5B2C1B05251&RedC=c.clarity.ms&MXFR=257AE2B95FCB69670758F6B85BCB67F8
0
0
rum
descuentosrata.com/cdn-cgi/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://descuentosrata.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://descuentosrata.com/redirect?url=http%3A%2F%2Fdir.foundation
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Tue, 09 Jan 2024 07:21:45 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://descuentosrata.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
842aecd988700a7b-AMS
Primary Request /
dir.foundation/
Redirect Chain
  • http://dir.foundation/
  • https://dir.foundation/
1 KB
708 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dir.foundation/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7d3a2080a6c34b08d2a443ab2a09cd1fb0d67cde6d4164518fb168e159dc5fd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://descuentosrata.com/redirect?url=http%3A%2F%2Fdir.foundation
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
362
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 07:21:45 GMT
etag
"f685db091e602a5db792e3df50a882d6a7f55ae4d8a8f42512cfda748cf73bc4-br"
last-modified
Thu, 21 Dec 2023 19:38:26 GMT
strict-transport-security
max-age=31556926
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-served-by
cache-ams21078-AMS
x-timer
S1704784905.283564,VS0,VE110

Redirect headers

Accept-Ranges
bytes
Connection
close
Content-Length
0
Date
Tue, 09 Jan 2024 07:21:45 GMT
Location
https://dir.foundation/
Retry-After
0
Server
Varnish
X-Cache
HIT
X-Cache-Hits
0
X-Served-By
cache-ams21063-AMS
X-Timer
S1704784905.228408,VS0,VE0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
collect
region1.google-analytics.com/g/ 		0
0
collect
o.clarity.ms/ 		0
0
rum
descuentosrata.com/cdn-cgi/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cerebro.descuentosrata.com
URL
https://cerebro.descuentosrata.com/api/v1/site_settings
Domain
c.bing.com
URL
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=78B6451AC0084BDB9CF7B5B2C1B05251&RedC=c.clarity.ms&MXFR=257AE2B95FCB69670758F6B85BCB67F8
Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4L4BD5W18G&gtm=45je4130v9103037624&_p=1704784904216&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=96480482.1704784905&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1704784904&sct=1&seg=0&dl=https%3A%2F%2Fdescuentosrata.com%2Fredirect%3Furl%3Dhttp%3A%2F%2Fdir.foundation&dt=Links%20DescuentosRata%20%E2%80%94%20Descuentos%20Rata&en=scroll&epn.percent_scrolled=90&_et=2&tfd=1951
Domain
o.clarity.ms
URL
https://o.clarity.ms/collect
Domain
descuentosrata.com
URL
https://descuentosrata.com/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

10 Cookies

Domain/Path Name / Value
www.clarity.ms/ Name: CLID
Value: 0eb941213dab4bccb2909b52d855e683.20240109.20250108
.youtube.com/ Name: YSC
Value: 10-V-WfSRe4
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: HsLjRZvSlRE
.descuentosrata.com/ Name: _clck
Value: lr4led%7C2%7Cfi9%7C0%7C1469
.descuentosrata.com/ Name: _ga
Value: GA1.1.96480482.1704784905
.descuentosrata.com/ Name: _ga_4L4BD5W18G
Value: GS1.1.1704784904.1.0.1704784904.0.0.0
.c.clarity.ms/ Name: SM
Value: T
.clarity.ms/ Name: MUID
Value: 257AE2B95FCB69670758F6B85BCB67F8
.descuentosrata.com/ Name: _clsk
Value: 15q0mab%7C1704784905406%7C2%7C1%7Co.clarity.ms%2Fcollect
.onesignal.com/ Name: __cf_bm
Value: .WkKzZ7Xm2BCVpmLvISl1.PuwuZ8nlM9nRsefN8BsN0-1704784905-1-AdlAhtCwnCMNuZ2ExxJr6ATFAZ1pjS/rYNKs9G2vQI2h+SIggg9QcPAeMYXQkdHJR05D+xlVHH2cp7xYNtDTABk=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
cdn.onesignal.com
cerebro.descuentosrata.com
descuentosrata.com
dir.foundation
fonts.googleapis.com
o.clarity.ms
onesignal.com
region1.google-analytics.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
tracker.metricool.com
www.clarity.ms
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
c.bing.com
cerebro.descuentosrata.com
descuentosrata.com
o.clarity.ms
region1.google-analytics.com
199.36.158.100
2001:4860:4802:32::36
2606:4700:20::681a:66c
2606:4700::6810:3865
2606:4700::6812:d73b
2620:1ec:bdf::45
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:831::200a
2a06:98c1:3120::3
52.152.143.207
0271e782d0e49674121fe3f5e703dfbff44ed8de8b8625a006eeb4a9702724d7
0d4b1d3cac9301de736a954339603036307f048098162d3a61c9cfbf03897fe4
19e612f1d0da3d04928a91633f88968ec412eabaccf1ee25db6801801740eb9a
1dd500a81978d63772c5212b96a38129a336be1b31904e471b715c55703237c6
207d187a58333863140eca6eb65113c830d9f969592cf45673bfbfd1db4858ee
21b7788b49bf44f4cd349300a530a113a0917e0a0c676de309227480c4f37bfd
447d27c231910c6b80a42fa6cc225db9d4a7997ac7f115a7fa1f36ea4e40043f
46f2ce6170d3fb1ab46c0e9b69ea8d4fdc9219ebfb86b4fdc55b8a562b67f956
5f8ed1c6daba47079cc52c71de8874476177271aa4f5e5c38ab9baaec824210b
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
632e28011a0b0a682b5f941523f9ffb667663b4c10e74620d60bc1a4ebd554c5
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
89cb1fe966934c7ba171b04045e12efd02052c16ed7c23d9cf9e1748f694dcd5
8c79ed1cc14b2155e02b16f86d20e00e51e1788f7fe1580b352a9a286d57c63f
905bdcd4898a9585dc7ac1d4b6e44eb25885bd9253cd66f4ed1a4da819fb55f3
ac1a9c8a2099c2f44ac37c2b662b281070475ae09475e024c31e2196154919ad
b09a031a5d1c809144341f52fd845a5cf075cdafe805b9c0128961d2c219c532
b4e62a8daa779d16b2c25d343db85f6501e334632b0eeafd7d9f5bc5b8f96367
c19e53f978ff7b02ef7e6b6c9598af5b445830dd7151115408f7fd3c9575742e
c82911a69e8ce79f80ef244ce6d9f8ad78740c87a992a5413d70684431863714
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cd81fe3f6c530c586ebc23d23882c4476b4591ce7feeca8d8db0b4223f586361
d5b4407dc7310e326ecdeaa9e11acfa164b27b8d8ee9f4585c50ad8da72e2bd0
d772756f7f30b155def5b4c539d7883b69134c27e64be72d6e2fd98b37718843
d7d3a2080a6c34b08d2a443ab2a09cd1fb0d67cde6d4164518fb168e159dc5fd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40dbc6da95b47d932014e5a93f35b13a341a37ea6fe7559dca041dc77271cd6
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9