423278676.68765.repl.co Open in urlscan Pro
34.149.204.188  Malicious Activity! Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/?random=551517665&cv=9&fst=1630218600013&num=1&value=0&label=-GB1CNv5t5kBENvPh_YC&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itaulink.com.uy%2Ftrx%2Fsolicitar_ingreso%3F_ga%3D2.130750799.1571806777.1630218558-862979872.1630218558&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA%20Link&auid=740869104.1630218600&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=mIgLY7bWCY6E9fgPu-uU8A0&sscte=1&crd=IgEB&eitems=ChEI8KSsmAYQwZuOp_Pw9K3ZARIdAPkqr9rAweheVYdNNtk2o7WaRlyDAtmw68U4egI&pscrd=CI-YyZ-PhPSM3QE HTTP 302
• https://www.google.com/pagead/1p-conversion/784459739/?random=551517665&cv=9&fst=1630218600013&num=1&value=0&label=-GB1CNv5t5kBENvPh_YC&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itaulink.com.uy%2Ftrx%2Fsolicitar_ingreso%3F_ga%3D2.130750799.1571806777.1630218558-862979872.1630218558&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA%20Link&auid=740869104.1630218600&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=IgEB&pscrd=CI-YyZ-PhPSM3QE&is_vtc=1&ocp_id=mIgLY7bWCY6E9fgPu-uU8A0&cid=CAQSKQCsnQUxZH2L0phJ-e2BS9AbhLu21Z48mVAZV5K5fb89wB2T0hjk1jZs&eitems=ChEI8KSsmAYQwZuOp_Pw9K3ZARIdAPkqr9rpFCa3tHqPN9mDbnSekfdw-GHdKk00yeQ&random=3780999712&resp=GooglemKTybQhCsO HTTP 302
• https://www.google.de/pagead/1p-conversion/784459739/?random=551517665&cv=9&fst=1630218600013&num=1&value=0&label=-GB1CNv5t5kBENvPh_YC&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itaulink.com.uy%2Ftrx%2Fsolicitar_ingreso%3F_ga%3D2.130750799.1571806777.1630218558-862979872.1630218558&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA%20Link&auid=740869104.1630218600&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=IgEB&pscrd=CI-YyZ-PhPSM3QE&is_vtc=1&ocp_id=mIgLY7bWCY6E9fgPu-uU8A0&cid=CAQSKQCsnQUxZH2L0phJ-e2BS9AbhLu21Z48mVAZV5K5fb89wB2T0hjk1jZs&eitems=ChEI8KSsmAYQwZuOp_Pw9K3ZARIdAPkqr9rpFCa3tHqPN9mDbnSekfdw-GHdKk00yeQ&random=3780999712&resp=GooglemKTybQhCsO&ipr=y&prhg=0 HTTP 302
• https://www.googleadservices.com/pagead/privacysandbox/conversion/784459739/?random=551517665&cv=9&fst=1630218600013&num=1&value=0&label=-GB1CNv5t5kBENvPh_YC&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itaulink.com.uy%2Ftrx%2Fsolicitar_ingreso%3F_ga%3D2.130750799.1571806777.1630218558-862979872.1630218558&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA%20Link&auid=740869104.1630218600&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=IgEB&pscrd=CI-YyZ-PhPSM3QE&is_vtc=1&ocp_id=mIgLY7bWCY6E9fgPu-uU8A0&cid=CAQSKQCsnQUxZH2L0phJ-e2BS9AbhLu21Z48mVAZV5K5fb89wB2T0hjk1jZs&eitems=ChEI8KSsmAYQwZuOp_Pw9K3ZARIdAPkqr9rpFCa3tHqPN9mDbnSekfdw-GHdKk00yeQ&random=3780999712&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 90

• https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTcyNDI0NDU3MzA3Mw==&forward= HTTP 302
• https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1

Request Chain 91

• https://ib.adnxs.com/setuid?entity=18&code=5108559724244573073 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5108559724244573073

Request Chain 93

• https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5108559724244573073&redir= HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559724244573073&redir=

Request Chain 94

• https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
• https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0

Request Chain 97

• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559724244573073&referrer=https%3A%2F%2F423278676.68765.repl.co%2F HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=366cb372-79c7-44b4-af9e-56eff4c12672%3A1661700251.883609&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D366cb372-79c7-44b4-af9e-56eff4c12672%253A1661700251.883609 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=366cb372-79c7-44b4-af9e-56eff4c12672%3A1661700251.883609

Request Chain 99

• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559724244573073&forward= HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559724244573073&forward=&C=1

Request Chain 102

• https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5108559724244573073&img=1 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5108559724244573073&img=1&__user_check__=1&sync_id=77f93099-26e5-11ed-bbda-132476d60306

Request Chain 106

• https://x.bidswitch.net/sync?dsp_id=119&user_id=5108559724244573073&expires=30 HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5108559724244573073&expires=30

Request Chain 107

• https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YwuInAAJxDy5ewBC HTTP 302
• https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJxDy5ewBC&_test=YwuInAAJxDy5ewBC

Request Chain 110

• https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
• https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0

Request Chain 112

• https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YwuInAAJwsqmSABC HTTP 302
• https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJwsqmSABC&_test=YwuInAAJwsqmSABC

Request Chain 113

• https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyMTY2NTkwOTM4NA==&forward= HTTP 302
• https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1

Request Chain 114

• https://ib.adnxs.com/setuid?entity=18&code=5140084921665909384 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084921665909384

Request Chain 116

• https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5140084921665909384&redir= HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084921665909384&redir=

Request Chain 118

• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084921665909384&referrer=https%3A%2F%2F423278676.68765.repl.co%2F HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dab797fee-5080-432a-bcb4-5860e6b8c528%253A1661700251.8833377 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377

Request Chain 123

• https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084921665909384&img=1 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084921665909384&img=1&__user_check__=1&sync_id=77f94e8d-26e5-11ed-ad91-1a7ccaea0106

Request Chain 127

• https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084921665909384&expires=30 HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5140084921665909384&expires=30

Request Chain 138

• https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyMTY2NTkwOTM4NA==&forward= HTTP 302
• https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1

Request Chain 148

• https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJwsqmSABC

Request Chain 150

• https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
• https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0

Request Chain 152

• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084921665909384&referrer=https%3A%2F%2F423278676.68765.repl.co%2F HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dab797fee-5080-432a-bcb4-5860e6b8c528%253A1661700251.8833377 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377

Request Chain 156

• https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyMTY2NTkwOTM4NA==&forward= HTTP 302
• https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1

Request Chain 160

• https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
• https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0

Request Chain 163

• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084921665909384&referrer=https%3A%2F%2F423278676.68765.repl.co%2F HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dab797fee-5080-432a-bcb4-5860e6b8c528%253A1661700251.8833377 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377

Request Chain 172

• https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJwsqmSABC

Request Chain 174

• https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyMTY2NTkwOTM4NA==&forward= HTTP 302
• https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1

Request Chain 177

• https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
• https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0

Request Chain 180

• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084921665909384&referrer=https%3A%2F%2F423278676.68765.repl.co%2F HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dab797fee-5080-432a-bcb4-5860e6b8c528%253A1661700251.8833377 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377

Request Chain 189

• https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJwsqmSABC

Request Chain 192

• https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyMTY2NTkwOTM4NA==&forward= HTTP 302
• https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1

Request Chain 196

• https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
• https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0

Request Chain 199

• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084921665909384&referrer=https%3A%2F%2F423278676.68765.repl.co%2F HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dab797fee-5080-432a-bcb4-5860e6b8c528%253A1661700251.8833377 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377

Request Chain 208

• https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJwsqmSABC

Request Chain 212

• https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyMTY2NTkwOTM4NA==&forward= HTTP 302
• https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1

Request Chain 216

• https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
• https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0

Request Chain 219

• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084921665909384&referrer=https%3A%2F%2F423278676.68765.repl.co%2F HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dab797fee-5080-432a-bcb4-5860e6b8c528%253A1661700251.8833377 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377

Request Chain 228

• https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJwsqmSABC

232 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response 423278676.68765.repl.co/	48 KB 49 KB	542ms 167ms	Document text/html	34.149.204.188 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 188.204.149.34.bc.googleusercontent.com Software / PHP/7.4.21 Resource Hash 1ef1c3a295b7e90326b67911e1fbd741c1be6c4d04525634fb9df8d053636252 Security Headers Name Value Strict-Transport-Security max-age=6232469; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-type text/html; charset=UTF-8 date Sun, 28 Aug 2022 15:24:07 GMT expect-ct max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" expires Thu, 19 Nov 1981 08:52:00 GMT host 423278676.68765.repl.co pragma no-cache replit-cluster global strict-transport-security max-age=6232469; includeSubDomains x-powered-by PHP/7.4.21
GET H2	200	tc.min.js Show response c1.rfihub.net/js/	19 KB 6 KB	231ms 21ms	Script application/x-javascript	2600:9000:223c:1a00:1:76cf:fe80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c1.rfihub.net/js/tc.min.js Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:1a00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 14:26:56 GMT content-encoding gzip last-modified Sun, 28 Aug 2022 14:26:46 GMT server Jetty(9.3.29.v20201019) age 3432 x-cache Hit from cloudfront p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" via 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront) cache-control public, max-age=3600 x-amz-cf-pop FRA56-P2 content-type application/x-javascript content-length 6162 x-amz-cf-id M3sBIiLYz3ShELyCTg2RNQwsWRvn-FoQs_ZlBYawPZnmx-LS3HE-eg== expires Sun, 28 Aug 2022 15:26:56 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	71ms 20ms	Script text/javascript	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 1327 date Sun, 28 Aug 2022 15:02:00 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Sun, 28 Aug 2022 17:02:00 GMT
GET H2	200	197011027887515 Show response connect.facebook.net/signals/config/	290 KB 83 KB	258ms 188ms	Script application/x-javascript	2a03:2880:f007:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/197011027887515?v=2.9.47&r=stable Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 7bb784bbdbdef46c566f345a8937c5db5519f1e866a858b89d8f683e053fcaa8 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug rOOWpt876so1ok8DrI26RamlM85l65VewIsBbJW41rhsoa4eveqrO+tYCZ5R9e2XWckQXfBi37LP9tjPgIUuyA== x-fb-trip-id 2071890597 cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Sun, 28 Aug 2022 15:24:11 GMT strict-transport-security max-age=31536000; preload; includeSubDomains x-content-cdn-origin-ts 1661700251490 content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	100 KB 27 KB	103ms 34ms	Script application/x-javascript	2a03:2880:f007:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9d98a94c67e6e29d48d55ba2f6b415d0646af7f7313b539697eb53b34ab78c4c Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 26668 x-xss-protection 0 pragma public x-fb-debug f5XdyhQjXLXuwnO1cMhGPNmwb7/s700CqwxSh7j7R9K8uYEIbsWtsNb/etdZQy/SZjahNTuph260MyaxZGVVNw== x-fb-trip-id 2071890597 cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Sun, 28 Aug 2022 15:24:11 GMT strict-transport-security max-age=31536000; preload; includeSubDomains x-content-cdn-origin-ts 1661700039187 content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	404	recaptcha__es.js www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/	0 0	116ms 63ms	Script text/html	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/recaptcha__es.js Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://423278676.68765.repl.co/ Origin https://423278676.68765.repl.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:11 GMT x-content-type-options nosniff server sffe content-type text/html; charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1621 x-xss-protection 0
GET H2	200	gtm.js Show response www.googletagmanager.com/	402 KB 72 KB	136ms 82ms	Script application/javascript	2a00:1450:4001:800::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NK23Q4K Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c8814ec7d89527a74d13856ae0af9963670e97ac985d48195d1b49fc8617f05a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:11 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 72747 x-xss-protection 0 last-modified Sun, 28 Aug 2022 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 28 Aug 2022 15:24:11 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	41 KB 15 KB	92ms 89ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 421ff7b6d660296443895950bff55ddb81a9eeb3d8c76e8cd067d3757bf249cb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:11 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15682 x-xss-protection 0 server cafe etag 14097944420163075165 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Sun, 28 Aug 2022 15:24:11 GMT
GET H2	404	recaptcha__es_419.js www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/	0 0	146ms 133ms	Script text/html	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/recaptcha__es_419.js Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://423278676.68765.repl.co/ Origin https://423278676.68765.repl.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:11 GMT x-content-type-options nosniff server sffe content-type text/html; charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1625 x-xss-protection 0
GET H3	200	197011027887515 Show response connect.facebook.net/signals/config/	291 KB 84 KB	240ms 205ms	Script application/x-javascript	2a03:2880:f007:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/197011027887515?v=2.9.45&r=stable Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 89f9fc232fbce55f24d2c8bc62c8ad8dff464ff914ec75fb3f4d285ede44fdda Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug SNNw8ZFw4U2zvY+4SHnkjktYjuQPqFj/lSxSFBCmyRGio/bYgS+MlGWH5N0XGn7+GhEMLtPtZ2LH+yOiaKlnsg== cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Sun, 28 Aug 2022 15:24:11 GMT strict-transport-security max-age=31536000; preload; includeSubDomains x-content-cdn-origin-ts 1661700251590 content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	404	recaptcha__es_419.js www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/	0 0	109ms 65ms	Script text/html	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/recaptcha__es_419.js Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://423278676.68765.repl.co/ Origin https://423278676.68765.repl.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:11 GMT x-content-type-options nosniff server sffe content-type text/html; charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1625 x-xss-protection 0
GET H/1.1	200 OK	bindIE8.js Show response www.itaulink.com.uy/static/js/	5 KB 2 KB	2823ms 227ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/bindIE8.js?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 7a1be98f73ec7da976e234f471fae503366f75f51a894fca63ca0d8c839e5a25 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0bcb5de728d81:0" Last-Modified Wed, 23 Feb 2022 18:56:24 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Sun, 28 Aug 2022 15:24:09 GMT Accept-Ranges bytes Content-Length 1588
GET H/1.1	200 OK	bootstrap.min.css www.itaulink.com.uy/static/css/	119 KB 19 KB	2549ms 429ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/bootstrap.min.css?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 51c39a6552e086decdf8fc686b601be3d5ee7574dfce51a7cdfc3a4c21363dd3 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "804e19f026c4d61:0" Last-Modified Thu, 26 Nov 2020 19:04:17 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type text/css Date Sun, 28 Aug 2022 15:24:09 GMT Accept-Ranges bytes Content-Length 19595
GET H/1.1	200 OK	datepicker.css www.itaulink.com.uy/static/css/	5 KB 1 KB	2341ms 215ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/datepicker.css?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 03ad95964d61ff7b69502b303b9d639aacc99ae34e054e2dfc11a6cd338f5822 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0cb19904ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:34 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type text/css Date Sun, 28 Aug 2022 15:24:09 GMT Accept-Ranges bytes Content-Length 1100
GET H/1.1	200 OK	style.css www.itaulink.com.uy/static/css/	88 KB 18 KB	2564ms 435ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/style.css?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 80460702ee9d5671fbacf823a7b2df6ff451b2f011116275c2138571161caebd Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0a28dd83cb3d81:0" Last-Modified Thu, 18 Aug 2022 19:58:12 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type text/css Date Sun, 28 Aug 2022 15:24:09 GMT Accept-Ranges bytes Content-Length 18181
GET H/1.1	200 OK	style_custom.css www.itaulink.com.uy/static/css/	7 KB 2 KB	2358ms 225ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/style_custom.css?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash dab750858155cedd633f159e6064b0bd772783d1f52c32f2b10a5183ae2152c7 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0cbf06b8190d31:0" Last-Modified Thu, 18 Jan 2018 17:26:06 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type text/css Date Sun, 28 Aug 2022 15:24:09 GMT Accept-Ranges bytes Content-Length 2153
GET H/1.1	200 OK	style_chat.css www.itaulink.com.uy/static/css/	34 KB 6 KB	2366ms 228ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/style_chat.css?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash e78dcf785c396f15ec2a86c63ba000f909fad63d9a8c55d96f20f46e7a9e2b18 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "05fc765b197d81:0" Last-Modified Thu, 14 Jul 2022 18:41:58 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type text/css Date Sun, 28 Aug 2022 15:24:09 GMT Accept-Ranges bytes Content-Length 5547
GET H/1.1	200 OK	jquery-ui.min.css www.itaulink.com.uy/static/css/	31 KB 8 KB	2371ms 228ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/jquery-ui.min.css?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash ca4df2bf400a42d8752e115f03366a90b2b4ed06b2da9ef429d41fda5f15705e Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0a65c794348d31:0" Last-Modified Wed, 18 Oct 2017 19:01:16 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type text/css Date Sun, 28 Aug 2022 15:24:09 GMT Accept-Ranges bytes Content-Length 7878
GET H/1.1	200 OK	select2.css www.itaulink.com.uy/static/css/select2/	18 KB 3 KB	2556ms 216ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/select2/select2.css?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash c693c6e5ac34d344b94f7a68a83365d44d6cd1b130518cb449820261c1234a27 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0e62a9654bad41:0" Last-Modified Fri, 01 Feb 2019 17:35:56 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type text/css Date Sun, 28 Aug 2022 15:24:09 GMT Accept-Ranges bytes Content-Length 2273
GET H/1.1	200 OK	select2.min.css www.itaulink.com.uy/static/css/select2/	15 KB 2 KB	2583ms 224ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/select2/select2.min.css?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash ad8d018af2638e0a390d6976a17b689b1238621b46300701a9a671ca79b532df Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0e62a9654bad41:0" Last-Modified Fri, 01 Feb 2019 17:35:56 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type text/css Date Sun, 28 Aug 2022 15:24:09 GMT Accept-Ranges bytes Content-Length 1997
GET H/1.1	200 OK	all.css www.itaulink.com.uy/static/css/combobox/	277 B 568 B	2593ms 226ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/combobox/all.css?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 3a52fe82cbed73d228f3e3fd40d04ecf9c6033f5198bc935a0f280953ed0dc45 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-POWERED-BY ETag "0f84a914ccd11:0" X-Frame-Options SAMEORIGIN Content-Type text/css Date Sun, 28 Aug 2022 15:24:09 GMT Accept-Ranges bytes Content-Length 277
GET H/1.1	200 OK	bootstrap.min.css www.itaulink.com.uy/static/css/	119 KB 19 KB	2607ms 236ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/bootstrap.min.css Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 51c39a6552e086decdf8fc686b601be3d5ee7574dfce51a7cdfc3a4c21363dd3 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "804e19f026c4d61:0" Last-Modified Thu, 26 Nov 2020 19:04:17 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type text/css Date Sun, 28 Aug 2022 15:24:09 GMT Accept-Ranges bytes Content-Length 19595
GET H/1.1	200 OK	style.css www.itaulink.com.uy/static/css/	88 KB 18 KB	2763ms 214ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/style.css Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 80460702ee9d5671fbacf823a7b2df6ff451b2f011116275c2138571161caebd Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0a28dd83cb3d81:0" Last-Modified Thu, 18 Aug 2022 19:58:12 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type text/css Date Sun, 28 Aug 2022 15:24:09 GMT Accept-Ranges bytes Content-Length 18181
GET H/1.1	200 OK	datepicker.css www.itaulink.com.uy/static/css/	5 KB 1 KB	2771ms 215ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/datepicker.css Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 03ad95964d61ff7b69502b303b9d639aacc99ae34e054e2dfc11a6cd338f5822 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0cb19904ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:34 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type text/css Date Sun, 28 Aug 2022 15:24:09 GMT Accept-Ranges bytes Content-Length 1100
GET H/1.1	200 OK	all.css www.itaulink.com.uy/static/css/combobox/	277 B 568 B	2788ms 223ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/combobox/all.css Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 3a52fe82cbed73d228f3e3fd40d04ecf9c6033f5198bc935a0f280953ed0dc45 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-POWERED-BY ETag "0f84a914ccd11:0" X-Frame-Options SAMEORIGIN Content-Type text/css Date Sun, 28 Aug 2022 15:24:09 GMT Accept-Ranges bytes Content-Length 277
GET H/1.1	200 OK	dynamicoptionlist.js Show response www.itaulink.com.uy/static/js/	19 KB 5 KB	2977ms 213ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/dynamicoptionlist.js Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 2bc39e781bf0b13697df9d3eae91450984e577f99f288bd5eaceec7d2de50efe Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0f84a914ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Sun, 28 Aug 2022 15:24:09 GMT Accept-Ranges bytes Content-Length 5122
GET H/1.1	200 OK	style_solicitar_ingreso.css www.itaulink.com.uy/static/css/	22 KB 22 KB	3032ms 449ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/style_solicitar_ingreso.css?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 2c27de4e29d501e85e0710f860d435fa98981d22bdee896ca1e526176dfd18a6 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Thu, 10 Mar 2022 19:59:08 GMT Server X-POWERED-BY ETag "3b33b24db934d81:0" X-Frame-Options SAMEORIGIN Content-Type text/css Date Sun, 28 Aug 2022 15:24:09 GMT Accept-Ranges bytes Content-Length 22530
GET H2	200	api.js Show response www.google.com/recaptcha/	850 B 969 B	213ms 30ms	Script text/javascript	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 7a7dcb207863b588dd58e49adb2dc0fca02fae2bd10571e7ccd087067ae09f12 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:08 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 556 x-xss-protection 1; mode=block expires Sun, 28 Aug 2022 15:24:08 GMT
GET H2	200	/ Show response www.googleadservices.com/pagead/conversion/784459739/	2 KB 2 KB	222ms 38ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion/784459739/?random=1630218600013&cv=9&fst=1630218600013&num=1&value=0&label=-GB1CNv5t5kBENvPh_YC&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itaulink.com.uy%2Ftrx%2Fsolicitar_ingreso%3F_ga%3D2.130750799.1571806777.1630218558-862979872.1630218558&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA%20Link&auid=740869104.1630218600&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 8dd35fdc3a434d1f0da2fe695932d142b61334242f04a7672e1516d956409e25 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:08 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1302 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/	2 KB 1 KB	219ms 36ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/?random=1630218600021&cv=9&fst=1630218600021&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itaulink.com.uy%2Ftrx%2Fsolicitar_ingreso%3F_ga%3D2.130750799.1571806777.1630218558-862979872.1630218558&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA%20Link&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f7d922b304c93258d3b4fc1b271e8601f1eb9c1a9d12743859721a41ab3dd729 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:08 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1078 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/	2 KB 2 KB	217ms 34ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/?random=1630219023846&cv=9&fst=1630219023846&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Flocalhost%2Findex2.php&tiba=Ita%C3%BA%20Link&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 996a1f3ea772c467e87426dc1181541b88da9ab30889197c32f40bf1708ffb03 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:08 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1008 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/	2 KB 1 KB	218ms 35ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/?random=1630219386284&cv=9&fst=1630219386284&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=4&u_tz=480&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Flocalhost%2Findex2.php&tiba=Ita%C3%BA%20Link&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 40f01d2895efde31c4b598b67a454c08ac06475ae9000886bfe488f9bfeb1eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:08 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1015 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/	2 KB 1 KB	219ms 36ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/?random=1630219740336&cv=9&fst=1630219740336&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Flocalhost%2Findex2.php&tiba=Ita%C3%BA%20Link&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21714488b4a73a84d2499b94b2e9269fbc8daafda0dd7950b55e2ecff3c79225 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:08 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1009 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/	2 KB 1 KB	220ms 37ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/?random=1633810122727&cv=9&fst=1633810122727&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&gtm=2wga60&sendb=1&ig=1&frm=0&url=http%3A%2F%2Flocalhost%2FITAUUY%2F&tiba=Ita%C3%BA%20Link&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5839bfc549ef945142f6aa72983e1b89d85c3f88c4aae2049a08de3860da5973 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:08 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1012 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/	2 KB 1 KB	220ms 37ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/?random=1633810721419&cv=9&fst=1633810721419&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&gtm=2wga60&sendb=1&ig=1&frm=0&url=http%3A%2F%2Flocalhost%2FITAUUY%2F&tiba=Ita%C3%BA%20Link&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 20d80bbdaa2d7426f49cd37ad2b658916deb11ffa531946c2f543d774d3c78b6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:08 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1010 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	logo_mobile@2x.png www.itaulink.com.uy/static/img/logos/	2 KB 3 KB	435ms 220ms	Image image/png	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Show image Full URL https://www.itaulink.com.uy/static/img/logos/logo_mobile@2x.png Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash eb9231d940d6d53cef3f62eb41173cbf72e12e286c0e35f899daa9b07df50ed8 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Wed, 10 Mar 2021 15:37:14 GMT Server X-POWERED-BY ETag "0f15f3ec315d71:0" X-Frame-Options SAMEORIGIN Content-Type image/png Date Sun, 28 Aug 2022 15:24:10 GMT Accept-Ranges bytes Content-Length 2416
GET H/1.1	200 OK	btn-cerrar.gif www.itaulink.com.uy/static/img/btns/	1 KB 2 KB	225ms 225ms	Image image/gif	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Show image Full URL https://www.itaulink.com.uy/static/img/btns/btn-cerrar.gif Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 5daf7ae4f0197725941fc0b20ef09bc5d05d3f4f5b3cf39914ce9e6df81988e5 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-POWERED-BY ETag "0f84a914ccd11:0" X-Frame-Options SAMEORIGIN Content-Type image/gif Date Sun, 28 Aug 2022 15:24:11 GMT Accept-Ranges bytes Content-Length 1263
GET H/1.1	200 OK	spinner.svg www.itaulink.com.uy/static/img/icons/	2 KB 3 KB	225ms 225ms	Image image/svg+xml	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Show image Full URL https://www.itaulink.com.uy/static/img/icons/spinner.svg Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash e57ac4e87aee6133140bdb844563b7edc3f5df2ebb26e5baf89b8e47d30dc3ff Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Mon, 03 Dec 2018 18:17:30 GMT Server X-POWERED-BY ETag "019ec73348bd41:0" X-Frame-Options SAMEORIGIN Content-Type image/svg+xml Date Sun, 28 Aug 2022 15:24:11 GMT Accept-Ranges bytes Content-Length 2310
GET H/1.1	200 OK	jquery-3.5.1.min.js Show response www.itaulink.com.uy/static/js/	87 KB 31 KB	219ms 219ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/jquery-3.5.1.min.js?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "08e4d7819d3d61:0" Last-Modified Tue, 15 Dec 2020 19:35:40 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Sun, 28 Aug 2022 15:24:10 GMT Accept-Ranges bytes Content-Length 30976
GET H/1.1	200 OK	jquery-ui.min.js Show response www.itaulink.com.uy/static/js/	248 KB 67 KB	229ms 228ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/jquery-ui.min.js?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 21cacca8e9eb98f1f32702b4176685f2f941af51ab5bc7cf88ccb5435a1bb080 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0a65c794348d31:0" Last-Modified Wed, 18 Oct 2017 19:01:16 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Sun, 28 Aug 2022 15:24:10 GMT Accept-Ranges bytes Content-Length 68124
GET H/1.1	200 OK	widget.js Show response www.itaulink.com.uy/static/js/combobox/	18 KB 6 KB	231ms 231ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/combobox/widget.js?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash f2d1c34bba791e0440d8bca0218184fa6fbfcb40773774e6954bbb1f81849e24 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0257c924ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:38 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Sun, 28 Aug 2022 15:24:10 GMT Accept-Ranges bytes Content-Length 5694
GET H/1.1	200 OK	bootstrap.min.js Show response www.itaulink.com.uy/static/js/	39 KB 11 KB	230ms 230ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/bootstrap.min.js?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "09181093c2d61:0" Last-Modified Tue, 24 Nov 2020 18:53:14 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Sun, 28 Aug 2022 15:24:10 GMT Accept-Ranges bytes Content-Length 10939
GET H/1.1	200 OK	bootstrap-datepicker.min.js Show response www.itaulink.com.uy/static/js/	26 KB 8 KB	226ms 220ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/bootstrap-datepicker.min.js?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 63b7fb88c9ada67a6ce783446787f1a355120322e33ff7fecf888942f32eae18 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0f84a914ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Sun, 28 Aug 2022 15:24:10 GMT Accept-Ranges bytes Content-Length 7954
GET H/1.1	200 OK	functions.js Show response www.itaulink.com.uy/static/js/	28 KB 6 KB	224ms 218ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/functions.js?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 07406f57a65a30304212b1ffedf2ad5909cc2810e60b31aba2d9ea3b9c93acac Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "80bd36313424d81:0" Last-Modified Thu, 17 Feb 2022 19:25:59 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Sun, 28 Aug 2022 15:24:10 GMT Accept-Ranges bytes Content-Length 6278
GET H/1.1	200 OK	numeral.min.js Show response www.itaulink.com.uy/static/js/	7 KB 3 KB	225ms 220ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/numeral.min.js?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash fbf89a33c155d951884b2f5c3687a46cff4fc85f8b595000cb0a2795d4918476 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0f84a914ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Sun, 28 Aug 2022 15:24:10 GMT Accept-Ranges bytes Content-Length 2542
GET H/1.1	200 OK	es.min.js Show response www.itaulink.com.uy/static/js/	545 B 850 B	230ms 230ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/es.min.js?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 578e746c1addbc5360c2741b4ab7fdb8c3b25662f1c1296da4a8c013e1c68e47 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-POWERED-BY ETag "0f84a914ccd11:0" X-Frame-Options SAMEORIGIN Content-Type application/javascript Date Sun, 28 Aug 2022 15:24:10 GMT Accept-Ranges bytes Content-Length 545
GET H/1.1	200 OK	validations.js Show response www.itaulink.com.uy/static/js/	16 KB 5 KB	217ms 217ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/validations.js?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 11ac009bdcc046c6878bbd87f1e0f1a3d42734faddb8e78b25016598a3bd56e9 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "807d55b6add81:0" Last-Modified Thu, 11 Aug 2022 19:12:43 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Sun, 28 Aug 2022 15:24:10 GMT Accept-Ranges bytes Content-Length 4613
GET H/1.1	200 OK	moment.min.js Show response www.itaulink.com.uy/static/js/	34 KB 12 KB	226ms 226ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/moment.min.js?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 62d68b60ce880b5ea669c774c2c84b7c9e88cf58ffe26b0d3f449580d18d550d Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0f84a914ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Sun, 28 Aug 2022 15:24:10 GMT Accept-Ranges bytes Content-Length 12442
GET H/1.1	200 OK	main.js Show response www.itaulink.com.uy/static/js/	38 KB 8 KB	215ms 215ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/main.js?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash b8049532546f55aa81d8bf9c0aa49edc53d94550fcbaff98a83f8a0f43819619 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0ef433ead7ad81:0" Last-Modified Tue, 07 Jun 2022 20:29:10 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Sun, 28 Aug 2022 15:24:10 GMT Accept-Ranges bytes Content-Length 7713
GET H/1.1	200 OK	dynamicoptionlist.js Show response www.itaulink.com.uy/static/js/	19 KB 5 KB	216ms 216ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/dynamicoptionlist.js?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 2bc39e781bf0b13697df9d3eae91450984e577f99f288bd5eaceec7d2de50efe Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0f84a914ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Sun, 28 Aug 2022 15:24:10 GMT Accept-Ranges bytes Content-Length 5122
GET H/1.1	200 OK	Chart_master_fix.min.js Show response www.itaulink.com.uy/static/js/	154 KB 46 KB	226ms 226ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/Chart_master_fix.min.js?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash c316482864fb5c62786edafc8469a5fa98fa49563836dab8ab4bc52c917c90e5 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "04229ff1569d31:0" Last-Modified Wed, 29 Nov 2017 13:28:52 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Sun, 28 Aug 2022 15:24:10 GMT Accept-Ranges bytes Content-Length 46497
GET H/1.1	200 OK	jquery-cookie.js Show response www.itaulink.com.uy/static/js/	3 KB 2 KB	230ms 230ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/jquery-cookie.js?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash afd6a5f6de40e9e67b55ff6afec66fff4827e775c996ab80c9e964a872a92523 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0a65c794348d31:0" Last-Modified Wed, 18 Oct 2017 19:01:16 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Sun, 28 Aug 2022 15:24:10 GMT Accept-Ranges bytes Content-Length 1378
GET H/1.1	200 OK	bodyScrollLock.min.js Show response www.itaulink.com.uy/static/js/	3 KB 1 KB	229ms 229ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/bodyScrollLock.min.js?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 866f0301eda412172e6011cd70d0b1a15dd106414c901d73b01c4de129762de2 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "8017e7b0c5ed71:0" Last-Modified Mon, 01 Mar 2021 18:07:07 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Sun, 28 Aug 2022 15:24:10 GMT Accept-Ranges bytes Content-Length 1078
GET H/1.1	200 OK	chatFunctions.js Show response www.itaulink.com.uy/static/js/	9 KB 3 KB	230ms 229ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/chatFunctions.js?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash d31741b14f16ccf19596f1d6ad47bc4cc8911e0f3ea31dd850439c6abd3c6f0c Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "80e0e543ec63d81:0" Last-Modified Mon, 09 May 2022 21:32:21 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Sun, 28 Aug 2022 15:24:10 GMT Accept-Ranges bytes Content-Length 2622
GET H/1.1	200 OK	ventanasFunctions.js Show response www.itaulink.com.uy/static/js/	2 KB 3 KB	224ms 223ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/ventanasFunctions.js?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash adfc8b4332ee6c69195bb2baebdeec635a9a7c6329859a86370a7cf6c00f3984 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Tue, 28 Jul 2020 19:32:52 GMT Server X-POWERED-BY ETag "0ca55e21565d61:0" X-Frame-Options SAMEORIGIN Content-Type application/javascript Date Sun, 28 Aug 2022 15:24:11 GMT Accept-Ranges bytes Content-Length 2482
GET H/1.1	200 OK	autocomplete.js Show response www.itaulink.com.uy/static/js/combobox/	17 KB 5 KB	215ms 215ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/combobox/autocomplete.js?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 89e1c8b4658aa4cc23d0af03a5ec674fea58cb018586246cb63eb5b7adab2487 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0257c924ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:38 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Sun, 28 Aug 2022 15:24:11 GMT Accept-Ranges bytes Content-Length 5255
GET H/1.1	200 OK	core.js Show response www.itaulink.com.uy/static/js/combobox/	9 KB 4 KB	255ms 253ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/combobox/core.js?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 2027494e3a3a04341c7011be19f61763db8b61016386a2304d42f89591a11ba2 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0257c924ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:38 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Sun, 28 Aug 2022 15:24:11 GMT Accept-Ranges bytes Content-Length 3554
GET H/1.1	200 OK	menu.js Show response www.itaulink.com.uy/static/js/combobox/	17 KB 5 KB	244ms 243ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/combobox/menu.js?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 0b4a1f407f59ffb0c615cda75b36841706ac376b5de5fc8f5f82a3f202faa951 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0257c924ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:38 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Sun, 28 Aug 2022 15:24:11 GMT Accept-Ranges bytes Content-Length 5085
GET H/1.1	200 OK	position.js Show response www.itaulink.com.uy/static/js/combobox/	15 KB 4 KB	225ms 224ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/combobox/position.js?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 74bd84345563895cf49eb99c4eae5c4bd476b1984a0d8a70af4ee6450565a9b6 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0257c924ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:38 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Sun, 28 Aug 2022 15:24:11 GMT Accept-Ranges bytes Content-Length 3967
GET H/1.1	200 OK	select2.js Show response www.itaulink.com.uy/static/js/select2/	149 KB 32 KB	228ms 228ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/select2/select2.js?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 87d218e78fedf031eeafdffe610c0d8d37e6792b9d8b0b360889e3c35679edf8 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0e62a9654bad41:0" Last-Modified Fri, 01 Feb 2019 17:35:56 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Sun, 28 Aug 2022 15:24:11 GMT Accept-Ranges bytes Content-Length 32394
GET H/1.1	200 OK	select2.min.js Show response www.itaulink.com.uy/static/js/select2/	66 KB 19 KB	220ms 219ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/select2/select2.min.js?timestamp=60_6 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash d7dd05bfc68901dbb2c883a7bd65698c29b3917d61f0e12d1966dca14d5056c0 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0e62a9654bad41:0" Last-Modified Fri, 01 Feb 2019 17:35:56 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Sun, 28 Aug 2022 15:24:11 GMT Accept-Ranges bytes Content-Length 19395
GET H/1.1	200 OK	base.css www.itaulink.com.uy/static/css/combobox/	350 B 641 B	227ms 227ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/combobox/base.css Requested by Host: www.itaulink.com.uy URL: https://www.itaulink.com.uy/static/css/combobox/all.css?timestamp=60_6 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 68e5267688e1cfe7e5e65e1f25a182b11142ad035f2ad0624deb22eca286e600 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.itaulink.com.uy/static/css/combobox/all.css?timestamp=60_6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-POWERED-BY ETag "0f84a914ccd11:0" X-Frame-Options SAMEORIGIN Content-Type text/css Date Sun, 28 Aug 2022 15:24:09 GMT Accept-Ranges bytes Content-Length 350
GET H/1.1	200 OK	theme.css www.itaulink.com.uy/static/css/combobox/	17 KB 3 KB	218ms 218ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/combobox/theme.css Requested by Host: www.itaulink.com.uy URL: https://www.itaulink.com.uy/static/css/combobox/all.css?timestamp=60_6 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash cb5e22f58d4a3582cb0727d8c9aaa7a2ee91228df72892d785673e399730ea83 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.itaulink.com.uy/static/css/combobox/all.css?timestamp=60_6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0f84a914ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type text/css Date Sun, 28 Aug 2022 15:24:09 GMT Accept-Ranges bytes Content-Length 2810
GET H/1.1	200 OK	core.css www.itaulink.com.uy/static/css/combobox/	1 KB 2 KB	225ms 224ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/combobox/core.css Requested by Host: www.itaulink.com.uy URL: https://www.itaulink.com.uy/static/css/combobox/base.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 8fe4d3e5dbb6ffab4fc1bb7e638abe5926722e3f84ac8bda8dc7089ad0e18713 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.itaulink.com.uy/static/css/combobox/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-POWERED-BY ETag "0f84a914ccd11:0" X-Frame-Options SAMEORIGIN Content-Type text/css Date Sun, 28 Aug 2022 15:24:10 GMT Accept-Ranges bytes Content-Length 1452
GET H/1.1	200 OK	autocomplete.css www.itaulink.com.uy/static/css/combobox/	318 B 609 B	213ms 213ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/combobox/autocomplete.css Requested by Host: www.itaulink.com.uy URL: https://www.itaulink.com.uy/static/css/combobox/base.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 36dc80445c31112589a939bfd6d25606af37924da5ce8227d89860066f4821df Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.itaulink.com.uy/static/css/combobox/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-POWERED-BY ETag "0f84a914ccd11:0" X-Frame-Options SAMEORIGIN Content-Type text/css Date Sun, 28 Aug 2022 15:24:10 GMT Accept-Ranges bytes Content-Length 318
GET H/1.1	200 OK	menu.css www.itaulink.com.uy/static/css/combobox/	1 KB 1 KB	229ms 229ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/combobox/menu.css Requested by Host: www.itaulink.com.uy URL: https://www.itaulink.com.uy/static/css/combobox/base.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 9abe7b079fdfb4f4d25d3aa082105f6ff11aaa9cf06b59156bc3073bd70309fa Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.itaulink.com.uy/static/css/combobox/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-POWERED-BY ETag "0f84a914ccd11:0" X-Frame-Options SAMEORIGIN Content-Type text/css Date Sun, 28 Aug 2022 15:24:10 GMT Accept-Ranges bytes Content-Length 1129
GET H/1.1	200 OK	selectmenu.css www.itaulink.com.uy/static/css/combobox/	1 KB 1 KB	215ms 215ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/combobox/selectmenu.css Requested by Host: www.itaulink.com.uy URL: https://www.itaulink.com.uy/static/css/combobox/base.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 35dc7fd2a80cc99465f4d43556115187eed3355b6c93e5b96755e4452b4a4b58 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.itaulink.com.uy/static/css/combobox/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-POWERED-BY ETag "0f84a914ccd11:0" X-Frame-Options SAMEORIGIN Content-Type text/css Date Sun, 28 Aug 2022 15:24:10 GMT Accept-Ranges bytes Content-Length 1126
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/	391 KB 156 KB	66ms 22ms	Script text/javascript	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 30a31bd4c38a2400b0e4aeb83da4f028cca84568378d1deedc236406792f1baf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://423278676.68765.repl.co/ Origin https://423278676.68765.repl.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:00:57 GMT content-encoding gzip x-content-type-options nosniff age 1394 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 159350 x-xss-protection 0 last-modified Sun, 21 Aug 2022 22:02:06 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 28 Aug 2023 15:00:57 GMT
GET H3	200	/ www.googleadservices.com/pagead/privacysandbox/conversion/784459739/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/?random=551517665&cv=9&fst=1630218600013&num=1&value=0&label=-GB1CNv5t5kBENvPh_YC&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_... https://www.google.com/pagead/1p-conversion/784459739/?random=551517665&cv=9&fst=1630218600013&num=1&value=0&label=-GB1CNv5t5kBENvPh_YC&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=... https://www.google.de/pagead/1p-conversion/784459739/?random=551517665&cv=9&fst=1630218600013&num=1&value=0&label=-GB1CNv5t5kBENvPh_YC&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1... https://www.googleadservices.com/pagead/privacysandbox/conversion/784459739/?random=551517665&cv=9&fst=1630218600013&num=1&value=0&label=-GB1CNv5t5kBENvPh_YC&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u...	0 0	33ms 32ms	Image text/html	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googleadservices.com/pagead/privacysandbox/conversion/784459739/?random=551517665&cv=9&fst=1630218600013&num=1&value=0&label=-GB1CNv5t5kBENvPh_YC&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itaulink.com.uy%2Ftrx%2Fsolicitar_ingreso%3F_ga%3D2.130750799.1571806777.1630218558-862979872.1630218558&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA%20Link&auid=740869104.1630218600&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=IgEB&pscrd=CI-YyZ-PhPSM3QE&is_vtc=1&ocp_id=mIgLY7bWCY6E9fgPu-uU8A0&cid=CAQSKQCsnQUxZH2L0phJ-e2BS9AbhLu21Z48mVAZV5K5fb89wB2T0hjk1jZs&eitems=ChEI8KSsmAYQwZuOp_Pw9K3ZARIdAPkqr9rpFCa3tHqPN9mDbnSekfdw-GHdKk00yeQ&random=3780999712&resp=GooglemKTybQhCsO&ipr=y&prhg=0 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Redirect headers pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/gif location https://www.googleadservices.com/pagead/privacysandbox/conversion/784459739/?random=551517665&cv=9&fst=1630218600013&num=1&value=0&label=-GB1CNv5t5kBENvPh_YC&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itaulink.com.uy%2Ftrx%2Fsolicitar_ingreso%3F_ga%3D2.130750799.1571806777.1630218558-862979872.1630218558&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA%20Link&auid=740869104.1630218600&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=IgEB&pscrd=CI-YyZ-PhPSM3QE&is_vtc=1&ocp_id=mIgLY7bWCY6E9fgPu-uU8A0&cid=CAQSKQCsnQUxZH2L0phJ-e2BS9AbhLu21Z48mVAZV5K5fb89wB2T0hjk1jZs&eitems=ChEI8KSsmAYQwZuOp_Pw9K3ZARIdAPkqr9rpFCa3tHqPN9mDbnSekfdw-GHdKk00yeQ&random=3780999712&resp=GooglemKTybQhCsO&ipr=y&prhg=0 cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/784459739/	42 B 327 B	38ms 35ms	Image image/gif	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/784459739/?random=1630218600021&cv=9&fst=1630216800000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&frm=0&url=https%3A%2F%2Fwww.itaulink.com.uy%2Ftrx%2Fsolicitar_ingreso%3F_ga%3D2.130750799.1571806777.1630218558-862979872.1630218558&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA%20Link&async=1&fmt=3&is_vtc=1&random=400324476&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/784459739/	42 B 108 B	89ms 34ms	Image image/gif	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/784459739/?random=1630218600021&cv=9&fst=1630216800000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&frm=0&url=https%3A%2F%2Fwww.itaulink.com.uy%2Ftrx%2Fsolicitar_ingreso%3F_ga%3D2.130750799.1571806777.1630218558-862979872.1630218558&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA%20Link&async=1&fmt=3&is_vtc=1&random=400324476&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/784459739/	42 B 108 B	41ms 38ms	Image image/gif	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/784459739/?random=1630219023846&cv=9&fst=1630216800000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&frm=0&url=http%3A%2F%2Flocalhost%2Findex2.php&tiba=Ita%C3%BA%20Link&async=1&fmt=3&is_vtc=1&random=3492981524&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/784459739/	42 B 548 B	84ms 33ms	Image image/gif	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/784459739/?random=1630219023846&cv=9&fst=1630216800000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&frm=0&url=http%3A%2F%2Flocalhost%2Findex2.php&tiba=Ita%C3%BA%20Link&async=1&fmt=3&is_vtc=1&random=3492981524&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/784459739/	42 B 108 B	40ms 38ms	Image image/gif	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/784459739/?random=1630219386284&cv=9&fst=1630216800000&num=1&guid=ON&eid=376635470&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=4&u_tz=480&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&frm=0&url=http%3A%2F%2Flocalhost%2Findex2.php&tiba=Ita%C3%BA%20Link&async=1&fmt=3&is_vtc=1&random=3580407681&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/784459739/	42 B 108 B	36ms 35ms	Image image/gif	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/784459739/?random=1630219386284&cv=9&fst=1630216800000&num=1&guid=ON&eid=376635470&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=4&u_tz=480&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&frm=0&url=http%3A%2F%2Flocalhost%2Findex2.php&tiba=Ita%C3%BA%20Link&async=1&fmt=3&is_vtc=1&random=3580407681&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/784459739/	42 B 108 B	39ms 37ms	Image image/gif	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/784459739/?random=1630219740336&cv=9&fst=1630216800000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&frm=0&url=http%3A%2F%2Flocalhost%2Findex2.php&tiba=Ita%C3%BA%20Link&async=1&fmt=3&is_vtc=1&random=1753842689&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/784459739/	42 B 108 B	40ms 39ms	Image image/gif	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/784459739/?random=1630219740336&cv=9&fst=1630216800000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&frm=0&url=http%3A%2F%2Flocalhost%2Findex2.php&tiba=Ita%C3%BA%20Link&async=1&fmt=3&is_vtc=1&random=1753842689&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/784459739/	42 B 108 B	40ms 38ms	Image image/gif	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/784459739/?random=1633810122727&cv=9&fst=1633809600000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&gtm=2wga60&sendb=1&frm=0&url=http%3A%2F%2Flocalhost%2FITAUUY%2F&tiba=Ita%C3%BA%20Link&async=1&fmt=3&is_vtc=1&random=3438617613&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/784459739/	42 B 108 B	35ms 35ms	Image image/gif	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/784459739/?random=1633810122727&cv=9&fst=1633809600000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&gtm=2wga60&sendb=1&frm=0&url=http%3A%2F%2Flocalhost%2FITAUUY%2F&tiba=Ita%C3%BA%20Link&async=1&fmt=3&is_vtc=1&random=3438617613&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/784459739/	42 B 108 B	41ms 39ms	Image image/gif	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/784459739/?random=1633810721419&cv=9&fst=1633809600000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&gtm=2wga60&sendb=1&frm=0&url=http%3A%2F%2Flocalhost%2FITAUUY%2F&tiba=Ita%C3%BA%20Link&async=1&fmt=3&is_vtc=1&random=334450330&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/784459739/	42 B 108 B	37ms 37ms	Image image/gif	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/784459739/?random=1633810721419&cv=9&fst=1633809600000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&gtm=2wga60&sendb=1&frm=0&url=http%3A%2F%2Flocalhost%2FITAUUY%2F&tiba=Ita%C3%BA%20Link&async=1&fmt=3&is_vtc=1&random=334450330&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	icon_dropdown.svg www.itaulink.com.uy/static/img/icons/	809 B 1 KB	426ms 213ms	Image image/svg+xml	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Show image Full URL https://www.itaulink.com.uy/static/img/icons/icon_dropdown.svg Requested by Host: www.itaulink.com.uy URL: https://www.itaulink.com.uy/static/css/style_solicitar_ingreso.css?timestamp=60_6 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 Montevideo, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash ada696cecfeb1fbab2100f3f376286b68f39ef37cbb5e2b1b652638197c6b880 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.itaulink.com.uy/static/css/style_solicitar_ingreso.css?timestamp=60_6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Wed, 14 Mar 2018 19:24:42 GMT Server X-POWERED-BY ETag "079201acabbd31:0" X-Frame-Options SAMEORIGIN Content-Type image/svg+xml Date Sun, 28 Aug 2022 15:24:10 GMT Accept-Ranges bytes Content-Length 809
GET H/1.1	200 OK	ca.html Show response 20818439p.rfihub.com/ Frame 56D8	3 KB 3 KB	343ms 46ms	Document text/html	193.0.160.128 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=6043422187879044 Requested by Host: c1.rfihub.net URL: https://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 36ade1873b3facbb61d217e2143d27fec528e2139747b5ed8ff99d2cc83c3d5f Request headers Referer https://423278676.68765.repl.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache Content-Length 2619 Content-Type text/html;charset=utf-8 Date Sun, 28 Aug 2022 15:24:11 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Server Jetty(9.3.29.v20201019)
GET H3	200	197011027887515 Show response connect.facebook.net/signals/config/	292 KB 84 KB	168ms 168ms	Script application/x-javascript	2a03:2880:f007:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/197011027887515?v=2.9.78&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4b85ecd48465f26adfd8575d64e8bc27168f929042fa08d5b424e54e8d2a3535 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug 6/ELco0/7SerrdhMEjzMkNON/KCzynReJWViTv3haGE6BsahAPb8icy3ydxXIDkecPRSWJrFwh7f7dOyA2Cn8Q== cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Sun, 28 Aug 2022 15:24:11 GMT strict-transport-security max-age=31536000; preload; includeSubDomains x-content-cdn-origin-ts 1661700251556 content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	69ms 27ms	XHR text/plain	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=968059947&t=pageview&_s=1&dl=https%3A%2F%2F423278676.68765.repl.co%2F&ul=en-us&de=UTF-8&dt=Ita%C3%BA%20Paraguay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACEABFAAAAC~&jid=1484299210&gjid=134638292&cid=641276124.1661700251&tid=UA-64060276-8&_gid=172383086.1661700251&_r=1&gtm=2wg8o0NK23Q4K&z=1193607667 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://423278676.68765.repl.co/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://423278676.68765.repl.co cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	ca.html Show response 20818439p.rfihub.com/ Frame 5D3F	3 KB 3 KB	154ms 42ms	Document text/html	193.0.160.128 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=924506704104082 Requested by Host: c1.rfihub.net URL: https://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 37916ee27317e76d66d4ae21ad1dfef2b88a5c2228159b36162b1c6aa9db19d4 Request headers Referer https://423278676.68765.repl.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache Content-Length 2619 Content-Type text/html;charset=utf-8 Date Sun, 28 Aug 2022 15:24:11 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Server Jetty(9.3.29.v20201019)
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/	2 KB 1 KB	140ms 140ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/?random=1661700251492&cv=9&fst=1661700251492&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8o0&sendb=1&ig=1&frm=0&url=https%3A%2F%2F423278676.68765.repl.co%2F&tiba=Ita%C3%BA%20Paraguay&auid=1188124771.1661700251&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 39cedcdfbd5abfae51e2e4bc57b209687c40c2606d3787ceb0dab85533658104 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1019 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 448 B	85ms 28ms	XHR text/plain	2a00:1450:400c:c1b::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-64060276-8&cid=641276124.1661700251&jid=1484299210&gjid=134638292&_gid=172383086.1661700251&_u=aGBACEAAFAAAAC~&z=1379422980 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://423278676.68765.repl.co/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sun, 28 Aug 2022 15:24:11 GMT content-type text/plain access-control-allow-origin https://423278676.68765.repl.co cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 297 B	102ms 30ms	Image image/gif	2a03:2880:f107:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=197011027887515&ev=PageView&dl=https%3A%2F%2F423278676.68765.repl.co%2F&rl=&if=false&ts=1661700251562&sw=1600&sh=1200&v=2.9.78&r=stable&ec=0&o=30&fbp=fb.2.1661700251560.657584471&it=1661700251401&coo=false&rqm=GET Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:11 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 44 expires Sun, 28 Aug 2022 15:24:11 GMT
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	60ms 60ms	Image image/gif	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-64060276-8&cid=641276124.1661700251&jid=1484299210&_u=aGBACEAAFAAAAC~&z=1723567736 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	109ms 62ms	Image image/gif	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-64060276-8&cid=641276124.1661700251&jid=1484299210&_u=aGBACEAAFAAAAC~&z=1723567736 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	cm a.rfihub.com/ Frame 56D8 Redirect Chain https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTcyNDI0NDU3MzA3Mw==&forward= https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1	42 B 1006 B	123ms 37ms	Image image/gif	193.0.160.128 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:11 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 311 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame 56D8 Redirect Chain https://ib.adnxs.com/setuid?entity=18&code=5108559724244573073 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5108559724244573073	43 B 1 KB	20ms 20ms	Image image/gif	37.252.172.123 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5108559724244573073 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Pragma no-cache Date Sun, 28 Aug 2022 15:24:11 GMT X-Proxy-Origin 217.114.218.21; 217.114.218.21; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid 7f82f883-4457-4b6c-a56b-256a78c48d92 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Sun, 28 Aug 2022 15:24:11 GMT X-Proxy-Origin 217.114.218.21; 217.114.218.21; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid 4cf021c1-6c54-4476-889d-18a53f7d2207 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5108559724244573073 Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 56D8	0 239 B	114ms 23ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5108559724244573073& Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 78e3bdce5107450057bade54d54a0a7e Content-Type image/gif
GET H/1.1	200 OK	demconf.jpg dpm.demdex.net/ Frame 56D8 Redirect Chain https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5108559724244573073&redir= https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559724244573073&redir=	42 B 942 B	54ms 46ms	Image image/gif	34.242.116.160 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559724244573073&redir= Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 34.242.116.160 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-242-116-160.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v038-0fa96cdec.edge-irl1.demdex.com 3 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID 3YswVz7mSa4= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers DCS dcs-prod-irl1-1-v038-0798724a6.edge-irl1.demdex.com 0 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID B/ikQ6J7T1M= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559724244573073&redir= Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H/1.1	200 OK	match ps.eyeota.net/ Frame 56D8 Redirect Chain https://p.rfihub.com/cm?pub=24472&in=1 https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0	0 344 B	107ms 22ms	Image text/plain	52.57.150.20 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-150-20.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0 Date Sun, 28 Aug 2022 15:24:11 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	cksync.php contextual.media.net/ Frame 56D8	45 B 616 B	184ms 82ms	Image image/gif	92.123.38.97 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5108559724244573073 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a92-123-38-97.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 server Apache date Sun, 28 Aug 2022 15:24:11 GMT p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA cache-control max-age=0, no-cache, no-store content-type image/gif content-length 45 x-mnet-hl2 E expires Sun, 28 Aug 2022 15:24:11 GMT
GET H2	200	serving bs.serving-sys.com/ Frame 56D8	0 105 B	156ms 24ms	Image text/plain	3.124.40.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.124.40.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-124-40-150.eu-central-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:11 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-length 0 p3p CP="NOI DEVa OUR BUS UNI"
GET H3	451	501709.gif idsync.rlcdn.com/ Frame 56D8 Redirect Chain https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559724244573073&referrer=https%3A%2F%2F423278676.68765.repl.co%2F https://p.rfihub.com/cm?pub=39342&in=0&userid=366cb372-79c7-44b4-af9e-56eff4c12672%3A1661700251.883609&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D366cb372-79c7-44b4-af9e-56eff4c1... https://idsync.rlcdn.com/501709.gif?partner_uid=366cb372-79c7-44b4-af9e-56eff4c12672%3A1661700251.883609	0 9 B	79ms 32ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/501709.gif?partner_uid=366cb372-79c7-44b4-af9e-56eff4c12672%3A1661700251.883609 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H3 Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 Redirect headers Location https://idsync.rlcdn.com/501709.gif?partner_uid=366cb372-79c7-44b4-af9e-56eff4c12672%3A1661700251.883609 Date Sun, 28 Aug 2022 15:24:11 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	/ bpi.rtactivate.com/tag/ Frame 56D8	43 B 108 B	468ms 178ms	Image image/gif	34.204.34.148 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=11017&user_id=5108559724244573073 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.204.34.148 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-204-34-148.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 56D8 Redirect Chain https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559724244573073&forward= https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559724244573073&forward=&C=1	43 B 946 B	57ms 51ms	Image image/gif	104.18.18.126 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559724244573073&forward=&C=1 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H3 Server 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers cf-ray 741e0d6dd8765c2c-FRA pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wm67U2iVqn8MZzfdX1%2BTvYlZ9N5mMRo2fe7ZskyPqk%2FOk%2FXYCOz%2FbrDcuJtrJO7KkaMzvNj28P7XQ4nu6hQYvFu4jNIGPiFUud7ZfaLxcYGrSsPIt7wzfZJfiJndiSapnAyDV2jduNDJDA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" cache-control no-cache content-type image/gif alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7glJ9s6AgQkRkkHEp7c0vFI3StMd3Yf91Ydf%2FBQG9JdtzLwepbz8K6BdnIv1OFmRMga8f2IyzpRJ06oXXty5hbvyWBXyGkGlRbT1dcG9fPAjuvQXm41KtFwoHmT9yEAa65ccrXy%2BT%2FTcA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=57&external_user_id=5108559724244573073&forward=&C=1 cache-control no-cache cf-ray 741e0d6d5e0e997b-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 expires 0
GET H2	451	360947.gif idsync.rlcdn.com/ Frame 56D8	0 42 B	113ms 35ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/360947.gif?partner_uid=5108559724244573073 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:11 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	rocketfuel_sync x.dlx.addthis.com/e/ Frame 56D8	43 B 191 B	786ms 185ms	Image image/gif	23.7.201.234 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5108559724244573073 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.7.201.234 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-7-201-234.deploy.static.akamaitechnologies.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=2628000 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT cache-control max-age=0, no-cache, no-store expires Sun, 28 Aug 2022 15:24:12 GMT content-length 43 strict-transport-security max-age=2628000 content-type image/gif
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame 56D8 Redirect Chain https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5108559724244573073&img=1 https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5108559724244573073&img=1&__user_check__=1&sync_id=77f93099-26e5-11ed-bbda-132476d60306	43 B 549 B	29ms 29ms	Image image/gif	185.94.180.126 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5108559724244573073&img=1&__user_check__=1&sync_id=77f93099-26e5-11ed-bbda-132476d60306 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 136 Connection keep-alive Content-Length 43 Redirect headers Date Sun, 28 Aug 2022 15:24:12 GMT Server nginx Location /partner?adv_id=7180&uid=5108559724244573073&img=1&__user_check__=1&sync_id=77f93099-26e5-11ed-bbda-132476d60306 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 143 Connection keep-alive Content-Length 0
GET H2	200	sync partners.tremorhub.com/ Frame 56D8	43 B 183 B	472ms 105ms	Image image/gif	2600:1f18:612b:4216:c896:a534:1957:1cac AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIRF=5108559724244573073&r=637gL-M4gbPL Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4216:c896:a534:1957:1cac Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT server Apache-Coyote/1.1 p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' content-type image/gif
GET H2	200	g.pixel aa.agkn.com/adscores/ Frame 56D8	43 B 377 B	114ms 21ms	Image image/gif	52.59.153.178 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5108559724244573073 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.59.153.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-153-178.eu-central-1.compute.amazonaws.com Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT server AAWebServer access-control-allow-methods GET, POST, OPTIONS p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate content-type image/gif access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type content-length 43 expires 0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 56D8	0 337 B	185ms 40ms	Image text/plain	63.34.135.249 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5108559724244573073 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.34.135.249 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-34-135-249.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT cache-control private, no-cache, no-store x-request-time D=29 t=1661700252 x-served-by beacon-n006-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H/1.1	200 OK	sync x.bidswitch.net/ul_cb/ Frame 56D8 Redirect Chain https://x.bidswitch.net/sync?dsp_id=119&user_id=5108559724244573073&expires=30 https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5108559724244573073&expires=30	43 B 495 B	21ms 21ms	Image image/gif	3.122.47.104 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5108559724244573073&expires=30 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 3.122.47.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-122-47-104.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 43 Content-Type image/gif Redirect headers Location https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5108559724244573073&expires=30 Date Sun, 28 Aug 2022 15:24:12 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0
GET H/1.1	200 OK	cm p.rfihub.com/ Frame 56D8 Redirect Chain https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YwuInAAJxDy5ewBC https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJxDy5ewBC&_test=YwuInAAJxDy5ewBC	42 B 1 KB	30ms 28ms	Image image/gif	193.0.160.128 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJxDy5ewBC&_test=YwuInAAJxDy5ewBC Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT via 1.1 varnish server Varnish x-timer S1661700253.537626,VS0,VE0 x-served-by cache-hhn4055-HHN x-cache HIT location https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJxDy5ewBC&_test=YwuInAAJxDy5ewBC cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H3	200	/ www.google.com/pagead/1p-user-list/784459739/	42 B 64 B	42ms 35ms	Image image/gif	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/784459739/?random=1661700251492&cv=9&fst=1661698800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8o0&sendb=1&frm=0&url=https%3A%2F%2F423278676.68765.repl.co%2F&tiba=Ita%C3%BA%20Paraguay&async=1&fmt=3&is_vtc=1&random=2707163812&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.de/pagead/1p-user-list/784459739/	42 B 64 B	67ms 36ms	Image image/gif	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/784459739/?random=1661700251492&cv=9&fst=1661698800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8o0&sendb=1&frm=0&url=https%3A%2F%2F423278676.68765.repl.co%2F&tiba=Ita%C3%BA%20Paraguay&async=1&fmt=3&is_vtc=1&random=2707163812&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	match ps.eyeota.net/ Frame 5D3F Redirect Chain https://p.rfihub.com/cm?pub=24472&in=1 https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0	0 344 B	117ms 21ms	Image text/plain	52.57.150.20 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-150-20.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0 Date Sun, 28 Aug 2022 15:24:11 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	serving bs.serving-sys.com/ Frame 5D3F	0 104 B	152ms 24ms	Image text/plain	3.124.40.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=924506704104082 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.124.40.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-124-40-150.eu-central-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:11 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-length 0 p3p CP="NOI DEVa OUR BUS UNI"
GET H/1.1	200 OK	cm p.rfihub.com/ Frame 5D3F Redirect Chain https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YwuInAAJwsqmSABC https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJwsqmSABC&_test=YwuInAAJwsqmSABC	42 B 1 KB	32ms 31ms	Image image/gif	193.0.160.128 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJwsqmSABC&_test=YwuInAAJwsqmSABC Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT via 1.1 varnish server Varnish x-timer S1661700252.186882,VS0,VE0 x-served-by cache-hhn4055-HHN x-cache HIT location https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJwsqmSABC&_test=YwuInAAJwsqmSABC cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	200 OK	cm a.rfihub.com/ Frame 5D3F Redirect Chain https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyMTY2NTkwOTM4NA==&forward= https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1	42 B 1006 B	128ms 35ms	Image image/gif	193.0.160.128 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:11 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 311 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame 5D3F Redirect Chain https://ib.adnxs.com/setuid?entity=18&code=5140084921665909384 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084921665909384	43 B 1 KB	20ms 19ms	Image image/gif	37.252.172.123 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084921665909384 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Pragma no-cache Date Sun, 28 Aug 2022 15:24:11 GMT X-Proxy-Origin 217.114.218.21; 217.114.218.21; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid 32d01799-e19d-431a-b4bd-aa0ec9c619ca Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Sun, 28 Aug 2022 15:24:11 GMT X-Proxy-Origin 217.114.218.21; 217.114.218.21; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid a444003b-6916-4ffd-8b27-3a3c214d3559 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084921665909384 Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 5D3F	0 239 B	109ms 25ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5140084921665909384& Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 8f052d4f888ae4e0626c5f819879cacd Content-Type image/gif
GET H/1.1	200 OK	demconf.jpg dpm.demdex.net/ Frame 5D3F Redirect Chain https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5140084921665909384&redir= https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084921665909384&redir=	42 B 942 B	49ms 44ms	Image image/gif	34.242.116.160 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084921665909384&redir= Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 34.242.116.160 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-242-116-160.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v038-088c0343d.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID u/j/buA8S3s= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers DCS dcs-prod-irl1-2-v038-040ebce15.edge-irl1.demdex.com 0 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID p/DDUmixSW0= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084921665909384&redir= Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	cksync.php contextual.media.net/ Frame 5D3F	45 B 616 B	186ms 91ms	Image image/gif	92.123.38.97 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5140084921665909384 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a92-123-38-97.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 server Apache date Sun, 28 Aug 2022 15:24:11 GMT p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA cache-control max-age=0, no-cache, no-store content-type image/gif content-length 45 x-mnet-hl2 E expires Sun, 28 Aug 2022 15:24:11 GMT
GET H3	451	501709.gif idsync.rlcdn.com/ Frame 5D3F Redirect Chain https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084921665909384&referrer=https%3A%2F%2F423278676.68765.repl.co%2F https://p.rfihub.com/cm?pub=39342&in=0&userid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dab797fee-5080-432a-bcb4-5860e6b... https://idsync.rlcdn.com/501709.gif?partner_uid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377	0 9 B	79ms 31ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/501709.gif?partner_uid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H3 Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 Redirect headers Location https://idsync.rlcdn.com/501709.gif?partner_uid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377 Date Sun, 28 Aug 2022 15:24:11 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	/ bpi.rtactivate.com/tag/ Frame 5D3F	43 B 109 B	439ms 154ms	Image image/gif	34.204.34.148 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=11017&user_id=5140084921665909384 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.204.34.148 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-204-34-148.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 5D3F	43 B 906 B	94ms 67ms	Image image/gif	104.18.18.126 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084921665909384&forward= Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers cf-ray 741e0d6dd8785c2c-FRA pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A5yeZJpSdRBxZbKtuLiMgMMkgxqPor77dpuqdw4Tu%2Bu2c1cFkFGypxLtkH%2BUjBD7tnxaas2cAyR3XVHG8zKslvzBNN2MBod8kmnhCBb0UnmYWwXrh0df9l2sGJV5kJdAMzDGWNpY6ziTUA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" cache-control no-cache content-type image/gif alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires 0
GET H2	451	360947.gif idsync.rlcdn.com/ Frame 5D3F	0 98 B	111ms 33ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/360947.gif?partner_uid=5140084921665909384 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:11 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	rocketfuel_sync x.dlx.addthis.com/e/ Frame 5D3F	43 B 191 B	818ms 215ms	Image image/gif	23.7.201.234 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5140084921665909384 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.7.201.234 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-7-201-234.deploy.static.akamaitechnologies.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=2628000 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT cache-control max-age=0, no-cache, no-store expires Sun, 28 Aug 2022 15:24:12 GMT content-length 43 strict-transport-security max-age=2628000 content-type image/gif
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame 5D3F Redirect Chain https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084921665909384&img=1 https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084921665909384&img=1&__user_check__=1&sync_id=77f94e8d-26e5-11ed-ad91-1a7ccaea0106	43 B 549 B	30ms 30ms	Image image/gif	185.94.180.126 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084921665909384&img=1&__user_check__=1&sync_id=77f94e8d-26e5-11ed-ad91-1a7ccaea0106 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 140 Connection keep-alive Content-Length 43 Redirect headers Date Sun, 28 Aug 2022 15:24:12 GMT Server nginx Location /partner?adv_id=7180&uid=5140084921665909384&img=1&__user_check__=1&sync_id=77f94e8d-26e5-11ed-ad91-1a7ccaea0106 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 94 Connection keep-alive Content-Length 0
GET H2	200	sync partners.tremorhub.com/ Frame 5D3F	43 B 182 B	463ms 106ms	Image image/gif	2600:1f18:612b:4216:c896:a534:1957:1cac AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIRF=5140084921665909384&r=IrF5gBkOvXv5 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4216:c896:a534:1957:1cac Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT server Apache-Coyote/1.1 p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' content-type image/gif
GET H2	200	g.pixel aa.agkn.com/adscores/ Frame 5D3F	43 B 376 B	78ms 22ms	Image image/gif	52.59.153.178 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5140084921665909384 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.59.153.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-153-178.eu-central-1.compute.amazonaws.com Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:11 GMT server AAWebServer access-control-allow-methods GET, POST, OPTIONS p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate content-type image/gif access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type content-length 43 expires 0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 5D3F	0 336 B	141ms 41ms	Image text/plain	63.34.135.249 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5140084921665909384 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.34.135.249 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-34-135-249.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT cache-control private, no-cache, no-store x-request-time D=23 t=1661700252 x-served-by beacon-n021-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H/1.1	200 OK	sync x.bidswitch.net/ul_cb/ Frame 5D3F Redirect Chain https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084921665909384&expires=30 https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5140084921665909384&expires=30	43 B 495 B	26ms 26ms	Image image/gif	3.122.47.104 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5140084921665909384&expires=30 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 3.122.47.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-122-47-104.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 43 Content-Type image/gif Redirect headers Location https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5140084921665909384&expires=30 Date Sun, 28 Aug 2022 15:24:12 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0
POST H3	200	collect Show response www.google-analytics.com/j/	4 B 24 B	27ms 27ms	XHR text/plain	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=968059947&t=pageview&_s=1&dl=https%3A%2F%2F423278676.68765.repl.co%2F&ul=en-us&de=UTF-8&dt=Ita%C3%BA%20Paraguay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABFAAAAC~&jid=304779525&gjid=1702801537&cid=641276124.1661700251&tid=UA-64060276-2&_gid=172383086.1661700251&_r=1&_slc=1&z=177820623 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://423278676.68765.repl.co/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://423278676.68765.repl.co cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	ca.html Show response 20818439p.rfihub.com/ Frame E1A8	3 KB 3 KB	39ms 39ms	Document text/html	193.0.160.128 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=06182136674793792 Requested by Host: c1.rfihub.net URL: https://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 90dda800f9c6b5ae00a19a78cd6f0850783332e5bd37d7c4c7405bebbe18c55f Request headers Referer https://423278676.68765.repl.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache Content-Length 2619 Content-Type text/html;charset=utf-8 Date Sun, 28 Aug 2022 15:24:12 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Server Jetty(9.3.29.v20201019)
GET H3	200	bframe Show response www.google.com/recaptcha/api2/ Frame 56C4	7 KB 1 KB	33ms 32ms	Document text/html	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=es-419&v=Q_rrUPkK1sXoHi4wbuDTgcQR&k=6LcSsgkTAAAAAHZ612UY0nWvqzAiTPG_6ZfzwVdD&cb=4rikklvie2jv Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash f3a9dfabf91a389f7d4921ce4d8de750996ae192ef72e288d59bb6ee99da9f31 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-WlqLAVF2sXPRgNa1qexlZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://423278676.68765.repl.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 1122 content-security-policy script-src 'report-sample' 'nonce-WlqLAVF2sXPRgNa1qexlZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 28 Aug 2022 15:24:12 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H/1.1	200 OK	ca.html Show response 20818439p.rfihub.com/ Frame FC41	3 KB 3 KB	34ms 34ms	Document text/html	193.0.160.128 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=6132101727448505 Requested by Host: c1.rfihub.net URL: https://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash f01e887704c41ea8d08bd53882387c861bfdfcfb7f3ddf324d83fb4468a5569f Request headers Referer https://423278676.68765.repl.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache Content-Length 2619 Content-Type text/html;charset=utf-8 Date Sun, 28 Aug 2022 15:24:12 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Server Jetty(9.3.29.v20201019)
GET H/1.1	200 OK	ca.html Show response 20818439p.rfihub.com/ Frame D4C5	3 KB 3 KB	78ms 45ms	Document text/html	193.0.160.128 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=17955335922247517 Requested by Host: c1.rfihub.net URL: https://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash d466fc7d38c1809b815851dff85d7d63ceec53b4f13fab245a6e3facb70b32a6 Request headers Referer https://423278676.68765.repl.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache Content-Length 2619 Content-Type text/html;charset=utf-8 Date Sun, 28 Aug 2022 15:24:12 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Server Jetty(9.3.29.v20201019)
GET H/1.1	200 OK	ca.html Show response 20818439p.rfihub.com/ Frame A492	3 KB 3 KB	71ms 38ms	Document text/html	193.0.160.128 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=42522929508397866 Requested by Host: c1.rfihub.net URL: https://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 9512d8d4e67f0e7cac3aac1eb8ecbbfa5648ffab34b1d17627d62fdd4291f887 Request headers Referer https://423278676.68765.repl.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache Content-Length 2619 Content-Type text/html;charset=utf-8 Date Sun, 28 Aug 2022 15:24:12 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Server Jetty(9.3.29.v20201019)
GET H/1.1	200 OK	ca.html Show response 20818439p.rfihub.com/ Frame B38E	3 KB 3 KB	109ms 39ms	Document text/html	193.0.160.128 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=2634493123581214 Requested by Host: c1.rfihub.net URL: https://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash c824a2c4126c764590f5ad9564af5e7437d5424ad047f653e978ba5f144aa71a Request headers Referer https://423278676.68765.repl.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache Content-Length 2619 Content-Type text/html;charset=utf-8 Date Sun, 28 Aug 2022 15:24:12 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Server Jetty(9.3.29.v20201019)
POST H3	200	collect Show response stats.g.doubleclick.net/j/	4 B 25 B	84ms 29ms	XHR text/plain	2a00:1450:400c:c1b::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-64060276-2&cid=641276124.1661700251&jid=304779525&gjid=1702801537&_gid=172383086.1661700251&_u=aGDACEABFAAAAC~&z=872774278 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://423278676.68765.repl.co/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sun, 28 Aug 2022 15:24:12 GMT content-type text/plain access-control-allow-origin https://423278676.68765.repl.co cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	404	styles__ltr.css www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/ Frame 56C4	0 0	484ms 442ms	Stylesheet text/html	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=es-419&v=Q_rrUPkK1sXoHi4wbuDTgcQR&k=6LcSsgkTAAAAAHZ612UY0nWvqzAiTPG_6ZfzwVdD&cb=4rikklvie2jv Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers
GET H3	404	recaptcha__es_419.js www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/ Frame 56C4	0 0	174ms 132ms	Script text/html	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/recaptcha__es_419.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=es-419&v=Q_rrUPkK1sXoHi4wbuDTgcQR&k=6LcSsgkTAAAAAHZ612UY0nWvqzAiTPG_6ZfzwVdD&cb=4rikklvie2jv Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers
GET H/1.1	200 OK	cm a.rfihub.com/ Frame FC41 Redirect Chain https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyMTY2NTkwOTM4NA==&forward= https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1	42 B 1 KB	36ms 31ms	Image image/gif	193.0.160.128 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 311 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame FC41	43 B 1008 B	22ms 20ms	Image image/gif	37.252.172.123 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=18&code=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=6132101727448505 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Pragma no-cache Date Sun, 28 Aug 2022 15:24:12 GMT X-Proxy-Origin 217.114.218.21; 217.114.218.21; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid a3ece6bb-c03c-47b1-be02-0cdc452b9f05 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	ibs:dpid=1121&dpuuid=5140084921665909384&redir= dpm.demdex.net/ Frame FC41	42 B 942 B	47ms 45ms	Image image/gif	34.242.116.160 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5140084921665909384&redir= Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=6132101727448505 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.242.116.160 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-242-116-160.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v038-0b87c8cf8.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID yUZpasIcQzc= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	cksync.php contextual.media.net/ Frame FC41	45 B 453 B	80ms 71ms	Image image/gif	92.123.38.97 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=6132101727448505 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a92-123-38-97.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 server Apache date Sun, 28 Aug 2022 15:24:12 GMT p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA cache-control max-age=0, no-cache, no-store content-type image/gif content-length 45 x-mnet-hl2 E expires Sun, 28 Aug 2022 15:24:12 GMT
GET H2	200	/ bpi.rtactivate.com/tag/ Frame FC41	43 B 108 B	159ms 151ms	Image image/gif	34.204.34.148 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=11017&user_id=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=6132101727448505 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.204.34.148 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-204-34-148.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H3	200	rum dsum-sec.casalemedia.com/ Frame FC41	43 B 909 B	52ms 47ms	Image image/gif	104.18.18.126 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084921665909384&forward= Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=6132101727448505 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers cf-ray 741e0d71bf5a5c2c-FRA pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQPmt0NGcFM7D4U1AVqfwqAQ1Uy6EAKZ4OmPTxYui99v5DhZpWP49dpKmD1DQKXRSuY4YRkr8xPn5tZmjPg%2BRWq2qbEDxQUyfldA8CxzUkhu8oGnO%2F7eXXXBxX%2BsmsHGMZAmi33cWJu1EA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" cache-control no-cache content-type image/gif alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires 0
GET H2	200	rocketfuel_sync x.dlx.addthis.com/e/ Frame FC41	43 B 191 B	193ms 185ms	Image image/gif	23.7.201.234 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=6132101727448505 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.7.201.234 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-7-201-234.deploy.static.akamaitechnologies.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=2628000 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT cache-control max-age=0, no-cache, no-store expires Sun, 28 Aug 2022 15:24:12 GMT content-length 43 strict-transport-security max-age=2628000 content-type image/gif
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame FC41	43 B 548 B	35ms 29ms	Image image/gif	185.94.180.126 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084921665909384&img=1 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=6132101727448505 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 21 Connection keep-alive Content-Length 43
GET H2	200	g.pixel aa.agkn.com/adscores/ Frame FC41	43 B 376 B	28ms 20ms	Image image/gif	52.59.153.178 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=6132101727448505 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.59.153.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-153-178.eu-central-1.compute.amazonaws.com Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT server AAWebServer access-control-allow-methods GET, POST, OPTIONS p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate content-type image/gif access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type content-length 43 expires 0
GET H/1.1	200 OK	sync x.bidswitch.net/ Frame FC41	43 B 220 B	29ms 23ms	Image image/gif	3.122.47.104 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084921665909384&expires=30 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=6132101727448505 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.122.47.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-122-47-104.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	cm p.rfihub.com/ Frame FC41 Redirect Chain https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJwsqmSABC	42 B 1 KB	43ms 30ms	Image image/gif	193.0.160.128 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJwsqmSABC Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT via 1.1 varnish server Varnish x-timer S1661700252.439139,VS0,VE0 x-served-by cache-hhn4055-HHN x-cache HIT location https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJwsqmSABC cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame FC41	0 239 B	29ms 24ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5140084921665909384& Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 8f052d4f888ae4e0626c5f819879cacd Content-Type image/gif
GET H/1.1	200 OK	match ps.eyeota.net/ Frame FC41 Redirect Chain https://p.rfihub.com/cm?pub=24472&in=1 https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0	0 344 B	26ms 20ms	Image text/plain	52.57.150.20 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-150-20.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0 Date Sun, 28 Aug 2022 15:24:12 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	serving bs.serving-sys.com/ Frame FC41	0 104 B	32ms 25ms	Image text/plain	3.124.40.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.124.40.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-124-40-150.eu-central-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-length 0 p3p CP="NOI DEVa OUR BUS UNI"
GET H3	451	501709.gif idsync.rlcdn.com/ Frame FC41 Redirect Chain https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084921665909384&referrer=https%3A%2F%2F423278676.68765.repl.co%2F https://p.rfihub.com/cm?pub=39342&in=0&userid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dab797fee-5080-432a-bcb4-5860e6b... https://idsync.rlcdn.com/501709.gif?partner_uid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377	0 9 B	35ms 34ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/501709.gif?partner_uid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H3 Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 Redirect headers Location https://idsync.rlcdn.com/501709.gif?partner_uid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377 Date Sun, 28 Aug 2022 15:24:12 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H3	451	360947.gif idsync.rlcdn.com/ Frame FC41	0 9 B	43ms 38ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/360947.gif?partner_uid=5140084921665909384 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H3 Security QUIC, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	sync partners.tremorhub.com/ Frame FC41	43 B 182 B	111ms 105ms	Image image/gif	2600:1f18:612b:4216:c896:a534:1957:1cac AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIRF=5140084921665909384&r=4HQzJMVDQxuL Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4216:c896:a534:1957:1cac Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT server Apache-Coyote/1.1 p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' content-type image/gif
GET H2	204	usermatch.gif beacon.krxd.net/ Frame FC41	0 336 B	47ms 40ms	Image text/plain	63.34.135.249 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5140084921665909384 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.34.135.249 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-34-135-249.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT cache-control private, no-cache, no-store x-request-time D=27 t=1661700252 x-served-by beacon-n003-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H/1.1	200 OK	cm a.rfihub.com/ Frame E1A8 Redirect Chain https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyMTY2NTkwOTM4NA==&forward= https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1	42 B 1 KB	71ms 35ms	Image image/gif	193.0.160.128 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 311 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame E1A8	43 B 1008 B	34ms 29ms	Image image/gif	37.252.172.123 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=18&code=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=06182136674793792 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Pragma no-cache Date Sun, 28 Aug 2022 15:24:12 GMT X-Proxy-Origin 217.114.218.21; 217.114.218.21; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid e4df6c31-fa9b-4b6b-b81d-7c65efa8509a Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame E1A8	0 239 B	27ms 22ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5140084921665909384& Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=06182136674793792 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 78e3bdce5107450057bade54d54a0a7e Content-Type image/gif
GET H/1.1	200 OK	ibs:dpid=1121&dpuuid=5140084921665909384&redir= dpm.demdex.net/ Frame E1A8	42 B 942 B	48ms 44ms	Image image/gif	34.242.116.160 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5140084921665909384&redir= Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=06182136674793792 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.242.116.160 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-242-116-160.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v038-043538ae8.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID CmqMvtUpTzU= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H/1.1	200 OK	match ps.eyeota.net/ Frame E1A8 Redirect Chain https://p.rfihub.com/cm?pub=24472&in=1 https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0	0 344 B	30ms 24ms	Image text/plain	52.57.150.20 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-150-20.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0 Date Sun, 28 Aug 2022 15:24:12 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	cksync.php contextual.media.net/ Frame E1A8	45 B 453 B	81ms 76ms	Image image/gif	92.123.38.97 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=06182136674793792 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a92-123-38-97.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 server Apache date Sun, 28 Aug 2022 15:24:12 GMT p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA cache-control max-age=0, no-cache, no-store content-type image/gif content-length 45 x-mnet-hl2 E expires Sun, 28 Aug 2022 15:24:12 GMT
GET H2	200	serving bs.serving-sys.com/ Frame E1A8	0 104 B	30ms 25ms	Image text/plain	3.124.40.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=06182136674793792 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.124.40.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-124-40-150.eu-central-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-length 0 p3p CP="NOI DEVa OUR BUS UNI"
GET H3	451	501709.gif idsync.rlcdn.com/ Frame E1A8 Redirect Chain https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084921665909384&referrer=https%3A%2F%2F423278676.68765.repl.co%2F https://p.rfihub.com/cm?pub=39342&in=0&userid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dab797fee-5080-432a-bcb4-5860e6b... https://idsync.rlcdn.com/501709.gif?partner_uid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377	0 9 B	34ms 33ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/501709.gif?partner_uid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H3 Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 Redirect headers Location https://idsync.rlcdn.com/501709.gif?partner_uid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377 Date Sun, 28 Aug 2022 15:24:12 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	/ bpi.rtactivate.com/tag/ Frame E1A8	43 B 108 B	160ms 156ms	Image image/gif	34.204.34.148 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=11017&user_id=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=06182136674793792 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.204.34.148 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-204-34-148.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H3	200	rum dsum-sec.casalemedia.com/ Frame E1A8	43 B 904 B	46ms 43ms	Image image/gif	104.18.18.126 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084921665909384&forward= Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=06182136674793792 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers cf-ray 741e0d71bf5e5c2c-FRA pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8M60qn2rcpMXvx28Xthg4uXtRwTaDJKuTUb4eNlktwfJt0mzTV6sD4Az8rthg5ba580Rfzq9K3Z0TfDP4E%2BG2e33CGrmQ3wfmNMufiHZCYaVbdBoZBaAB5bP0YLWEuJMmkYeKxJqkMcRA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" cache-control no-cache content-type image/gif alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires 0
GET H3	451	360947.gif idsync.rlcdn.com/ Frame E1A8	0 9 B	41ms 37ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/360947.gif?partner_uid=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=06182136674793792 Protocol H3 Security QUIC, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	rocketfuel_sync x.dlx.addthis.com/e/ Frame E1A8	43 B 191 B	191ms 187ms	Image image/gif	23.7.201.234 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=06182136674793792 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.7.201.234 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-7-201-234.deploy.static.akamaitechnologies.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=2628000 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT cache-control max-age=0, no-cache, no-store expires Sun, 28 Aug 2022 15:24:12 GMT content-length 43 strict-transport-security max-age=2628000 content-type image/gif
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame E1A8	43 B 548 B	33ms 29ms	Image image/gif	185.94.180.126 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084921665909384&img=1 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=06182136674793792 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 16 Connection keep-alive Content-Length 43
GET H2	200	g.pixel aa.agkn.com/adscores/ Frame E1A8	43 B 376 B	26ms 23ms	Image image/gif	52.59.153.178 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=06182136674793792 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.59.153.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-153-178.eu-central-1.compute.amazonaws.com Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT server AAWebServer access-control-allow-methods GET, POST, OPTIONS p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate content-type image/gif access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type content-length 43 expires 0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame E1A8	0 336 B	44ms 41ms	Image text/plain	63.34.135.249 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=06182136674793792 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.34.135.249 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-34-135-249.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT cache-control private, no-cache, no-store x-request-time D=22 t=1661700252 x-served-by beacon-n015-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H/1.1	200 OK	sync x.bidswitch.net/ Frame E1A8	43 B 220 B	27ms 24ms	Image image/gif	3.122.47.104 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084921665909384&expires=30 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=06182136674793792 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.122.47.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-122-47-104.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	cm p.rfihub.com/ Frame E1A8 Redirect Chain https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJwsqmSABC	42 B 1 KB	46ms 31ms	Image image/gif	193.0.160.128 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJwsqmSABC Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT via 1.1 varnish server Varnish x-timer S1661700252.440166,VS0,VE0 x-served-by cache-hhn4055-HHN x-cache HIT location https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJwsqmSABC cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H2	200	sync partners.tremorhub.com/ Frame E1A8	43 B 182 B	108ms 105ms	Image image/gif	2600:1f18:612b:4216:c896:a534:1957:1cac AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIRF=5140084921665909384&r=7pdls-MbrdP4 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4216:c896:a534:1957:1cac Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT server Apache-Coyote/1.1 p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' content-type image/gif
GET H/1.1	200 OK	cm a.rfihub.com/ Frame A492 Redirect Chain https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyMTY2NTkwOTM4NA==&forward= https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1	42 B 1 KB	36ms 32ms	Image image/gif	193.0.160.128 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 311 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame A492	43 B 1008 B	40ms 29ms	Image image/gif	37.252.172.123 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=18&code=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=42522929508397866 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Pragma no-cache Date Sun, 28 Aug 2022 15:24:12 GMT X-Proxy-Origin 217.114.218.21; 217.114.218.21; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid 8873a46b-9382-4cdb-ba96-eaec55687e0e Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	ibs:dpid=1121&dpuuid=5140084921665909384&redir= dpm.demdex.net/ Frame A492	42 B 942 B	61ms 45ms	Image image/gif	34.242.116.160 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5140084921665909384&redir= Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=42522929508397866 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.242.116.160 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-242-116-160.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v038-0fb401301.edge-irl1.demdex.com 3 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID XkWVAbOzQYY= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H/1.1	200 OK	match ps.eyeota.net/ Frame A492 Redirect Chain https://p.rfihub.com/cm?pub=24472&in=1 https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0	0 344 B	20ms 20ms	Image text/plain	52.57.150.20 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-150-20.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0 Date Sun, 28 Aug 2022 15:24:12 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	cksync.php contextual.media.net/ Frame A492	45 B 453 B	126ms 112ms	Image image/gif	92.123.38.97 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=42522929508397866 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a92-123-38-97.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 server Apache date Sun, 28 Aug 2022 15:24:12 GMT p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA cache-control max-age=0, no-cache, no-store content-type image/gif content-length 45 x-mnet-hl2 E expires Sun, 28 Aug 2022 15:24:12 GMT
GET H2	200	serving bs.serving-sys.com/ Frame A492	0 104 B	37ms 24ms	Image text/plain	3.124.40.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=42522929508397866 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.124.40.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-124-40-150.eu-central-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-length 0 p3p CP="NOI DEVa OUR BUS UNI"
GET H3	451	501709.gif idsync.rlcdn.com/ Frame A492 Redirect Chain https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084921665909384&referrer=https%3A%2F%2F423278676.68765.repl.co%2F https://p.rfihub.com/cm?pub=39342&in=0&userid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dab797fee-5080-432a-bcb4-5860e6b... https://idsync.rlcdn.com/501709.gif?partner_uid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377	0 9 B	33ms 33ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/501709.gif?partner_uid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H3 Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 Redirect headers Location https://idsync.rlcdn.com/501709.gif?partner_uid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377 Date Sun, 28 Aug 2022 15:24:12 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	/ bpi.rtactivate.com/tag/ Frame A492	43 B 108 B	163ms 150ms	Image image/gif	34.204.34.148 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=11017&user_id=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=42522929508397866 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.204.34.148 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-204-34-148.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H3	200	rum dsum-sec.casalemedia.com/ Frame A492	43 B 909 B	52ms 43ms	Image image/gif	104.18.18.126 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084921665909384&forward= Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=42522929508397866 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers cf-ray 741e0d71ffb35c2c-FRA pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Nbhevq8ztjYZjeaNv68v%2BGQmA33gF2XDwUGxZZMigzVYFRKeoIfccIpdGZnuZxuwhCJqb1NdjItBsOAgbh6%2BycRalhZt3V%2BaUlkZvTJKBqjyK2kd1ISlDNIq18BhykJ9amL6i3PESjUqg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" cache-control no-cache content-type image/gif alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires 0
GET H3	451	360947.gif idsync.rlcdn.com/ Frame A492	0 9 B	44ms 36ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/360947.gif?partner_uid=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=42522929508397866 Protocol H3 Security QUIC, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	rocketfuel_sync x.dlx.addthis.com/e/ Frame A492	43 B 191 B	195ms 182ms	Image image/gif	23.7.201.234 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=42522929508397866 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.7.201.234 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-7-201-234.deploy.static.akamaitechnologies.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=2628000 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT cache-control max-age=0, no-cache, no-store expires Sun, 28 Aug 2022 15:24:12 GMT content-length 43 strict-transport-security max-age=2628000 content-type image/gif
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame A492	43 B 549 B	38ms 30ms	Image image/gif	185.94.180.126 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084921665909384&img=1 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=42522929508397866 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 138 Connection keep-alive Content-Length 43
GET H2	200	g.pixel aa.agkn.com/adscores/ Frame A492	43 B 376 B	33ms 21ms	Image image/gif	52.59.153.178 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=42522929508397866 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.59.153.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-153-178.eu-central-1.compute.amazonaws.com Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT server AAWebServer access-control-allow-methods GET, POST, OPTIONS p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate content-type image/gif access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type content-length 43 expires 0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame A492	0 336 B	51ms 39ms	Image text/plain	63.34.135.249 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=42522929508397866 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.34.135.249 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-34-135-249.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT cache-control private, no-cache, no-store x-request-time D=24 t=1661700252 x-served-by beacon-n019-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H/1.1	200 OK	sync x.bidswitch.net/ Frame A492	43 B 220 B	28ms 20ms	Image image/gif	3.122.47.104 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084921665909384&expires=30 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=42522929508397866 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.122.47.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-122-47-104.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	cm p.rfihub.com/ Frame A492 Redirect Chain https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJwsqmSABC	42 B 1 KB	73ms 30ms	Image image/gif	193.0.160.128 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJwsqmSABC Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT via 1.1 varnish server Varnish x-timer S1661700252.482268,VS0,VE0 x-served-by cache-hhn4055-HHN x-cache HIT location https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJwsqmSABC cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame A492	0 239 B	32ms 24ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5140084921665909384& Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 8f052d4f888ae4e0626c5f819879cacd Content-Type image/gif
GET H2	200	sync partners.tremorhub.com/ Frame A492	43 B 182 B	116ms 105ms	Image image/gif	2600:1f18:612b:4216:c896:a534:1957:1cac AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIRF=5140084921665909384&r=I8glQffmvD1E Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4216:c896:a534:1957:1cac Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT server Apache-Coyote/1.1 p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' content-type image/gif
GET H/1.1	200 OK	cm a.rfihub.com/ Frame D4C5 Redirect Chain https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyMTY2NTkwOTM4NA==&forward= https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1	42 B 1 KB	64ms 29ms	Image image/gif	193.0.160.128 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 311 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame D4C5	43 B 1008 B	27ms 20ms	Image image/gif	37.252.172.123 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=18&code=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=17955335922247517 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Pragma no-cache Date Sun, 28 Aug 2022 15:24:12 GMT X-Proxy-Origin 217.114.218.21; 217.114.218.21; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid 55b4da95-ae0e-4a22-b93a-28da925a40aa Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame D4C5	0 239 B	30ms 23ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5140084921665909384& Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=17955335922247517 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 78e3bdce5107450057bade54d54a0a7e Content-Type image/gif
GET H/1.1	200 OK	ibs:dpid=1121&dpuuid=5140084921665909384&redir= dpm.demdex.net/ Frame D4C5	42 B 942 B	54ms 42ms	Image image/gif	34.242.116.160 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5140084921665909384&redir= Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=17955335922247517 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.242.116.160 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-242-116-160.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v038-043538ae8.edge-irl1.demdex.com 1 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID lu8EqqjvTqk= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H/1.1	200 OK	match ps.eyeota.net/ Frame D4C5 Redirect Chain https://p.rfihub.com/cm?pub=24472&in=1 https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0	0 344 B	23ms 23ms	Image text/plain	52.57.150.20 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-150-20.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0 Date Sun, 28 Aug 2022 15:24:12 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	cksync.php contextual.media.net/ Frame D4C5	45 B 453 B	128ms 118ms	Image image/gif	92.123.38.97 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=17955335922247517 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a92-123-38-97.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 server Apache date Sun, 28 Aug 2022 15:24:12 GMT p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA cache-control max-age=0, no-cache, no-store content-type image/gif content-length 45 x-mnet-hl2 E expires Sun, 28 Aug 2022 15:24:12 GMT
GET H2	200	serving bs.serving-sys.com/ Frame D4C5	0 104 B	34ms 24ms	Image text/plain	3.124.40.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=17955335922247517 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.124.40.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-124-40-150.eu-central-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-length 0 p3p CP="NOI DEVa OUR BUS UNI"
GET H3	451	501709.gif idsync.rlcdn.com/ Frame D4C5 Redirect Chain https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084921665909384&referrer=https%3A%2F%2F423278676.68765.repl.co%2F https://p.rfihub.com/cm?pub=39342&in=0&userid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dab797fee-5080-432a-bcb4-5860e6b... https://idsync.rlcdn.com/501709.gif?partner_uid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377	0 9 B	33ms 31ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/501709.gif?partner_uid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H3 Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 Redirect headers Location https://idsync.rlcdn.com/501709.gif?partner_uid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377 Date Sun, 28 Aug 2022 15:24:12 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	/ bpi.rtactivate.com/tag/ Frame D4C5	43 B 108 B	156ms 146ms	Image image/gif	34.204.34.148 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=11017&user_id=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=17955335922247517 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.204.34.148 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-204-34-148.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H3	200	rum dsum-sec.casalemedia.com/ Frame D4C5	43 B 912 B	45ms 39ms	Image image/gif	104.18.18.126 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084921665909384&forward= Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=17955335922247517 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers cf-ray 741e0d71ffba5c2c-FRA pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTYpsy3D1daSriresN1C9ijLBAlo2mQxUcnw0MKQkVcd%2BC07mZ0vY5RyDBS2bs%2FtJcOtqKyJVi%2BHS%2FVqfLCzr8POWPEZZwkLeOXjLdl3fwYCsiRs72dHXkAnlRq%2F%2BteW8fm0GmgXw7LDQQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" cache-control no-cache content-type image/gif alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires 0
GET H3	451	360947.gif idsync.rlcdn.com/ Frame D4C5	0 9 B	42ms 36ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/360947.gif?partner_uid=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=17955335922247517 Protocol H3 Security QUIC, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	rocketfuel_sync x.dlx.addthis.com/e/ Frame D4C5	43 B 191 B	193ms 184ms	Image image/gif	23.7.201.234 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=17955335922247517 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.7.201.234 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-7-201-234.deploy.static.akamaitechnologies.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=2628000 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT cache-control max-age=0, no-cache, no-store expires Sun, 28 Aug 2022 15:24:12 GMT content-length 43 strict-transport-security max-age=2628000 content-type image/gif
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame D4C5	43 B 548 B	36ms 30ms	Image image/gif	185.94.180.126 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084921665909384&img=1 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=17955335922247517 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 46 Connection keep-alive Content-Length 43
GET H2	200	g.pixel aa.agkn.com/adscores/ Frame D4C5	43 B 376 B	31ms 22ms	Image image/gif	52.59.153.178 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=17955335922247517 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.59.153.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-153-178.eu-central-1.compute.amazonaws.com Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT server AAWebServer access-control-allow-methods GET, POST, OPTIONS p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate content-type image/gif access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type content-length 43 expires 0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame D4C5	0 336 B	49ms 40ms	Image text/plain	63.34.135.249 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=17955335922247517 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.34.135.249 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-34-135-249.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT cache-control private, no-cache, no-store x-request-time D=21 t=1661700252 x-served-by beacon-n010-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H/1.1	200 OK	sync x.bidswitch.net/ Frame D4C5	43 B 220 B	30ms 23ms	Image image/gif	3.122.47.104 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084921665909384&expires=30 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=17955335922247517 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.122.47.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-122-47-104.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	cm p.rfihub.com/ Frame D4C5 Redirect Chain https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJwsqmSABC	42 B 1 KB	74ms 31ms	Image image/gif	193.0.160.128 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJwsqmSABC Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT via 1.1 varnish server Varnish x-timer S1661700252.482230,VS0,VE0 x-served-by cache-hhn4055-HHN x-cache HIT location https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJwsqmSABC cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H2	200	sync partners.tremorhub.com/ Frame D4C5	43 B 182 B	112ms 104ms	Image image/gif	2600:1f18:612b:4216:c896:a534:1957:1cac AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIRF=5140084921665909384&r=iS7cN3huskCg Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4216:c896:a534:1957:1cac Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT server Apache-Coyote/1.1 p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' content-type image/gif
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	58ms 58ms	Image image/gif	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-64060276-2&cid=641276124.1661700251&jid=304779525&_u=aGDACEABFAAAAC~&z=687120627 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	61ms 61ms	Image image/gif	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-64060276-2&cid=641276124.1661700251&jid=304779525&_u=aGDACEABFAAAAC~&z=687120627 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	cm a.rfihub.com/ Frame B38E Redirect Chain https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyMTY2NTkwOTM4NA==&forward= https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1	42 B 1 KB	54ms 29ms	Image image/gif	193.0.160.128 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKcq9Y2ArVwsUR9fQ_IgWBU&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 311 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame B38E	43 B 1008 B	32ms 20ms	Image image/gif	37.252.172.123 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=18&code=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=2634493123581214 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Pragma no-cache Date Sun, 28 Aug 2022 15:24:12 GMT X-Proxy-Origin 217.114.218.21; 217.114.218.21; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid 6968e6c4-b8e0-40d5-89e3-df2aaf947660 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame B38E	0 239 B	36ms 23ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5140084921665909384& Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=2634493123581214 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 8f052d4f888ae4e0626c5f819879cacd Content-Type image/gif
GET H/1.1	200 OK	ibs:dpid=1121&dpuuid=5140084921665909384&redir= dpm.demdex.net/ Frame B38E	42 B 942 B	67ms 43ms	Image image/gif	34.242.116.160 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5140084921665909384&redir= Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=2634493123581214 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.242.116.160 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-242-116-160.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v038-052908483.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID JO5jfqUCRX0= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H/1.1	200 OK	match ps.eyeota.net/ Frame B38E Redirect Chain https://p.rfihub.com/cm?pub=24472&in=1 https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0	0 344 B	23ms 22ms	Image text/plain	52.57.150.20 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-150-20.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location https://ps.eyeota.net/match?uid=5140084921665909384&bid=omt9pi0 Date Sun, 28 Aug 2022 15:24:12 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	cksync.php contextual.media.net/ Frame B38E	45 B 453 B	82ms 67ms	Image image/gif	92.123.38.97 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=2634493123581214 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a92-123-38-97.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 server Apache date Sun, 28 Aug 2022 15:24:12 GMT p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA cache-control max-age=0, no-cache, no-store content-type image/gif content-length 45 x-mnet-hl2 E expires Sun, 28 Aug 2022 15:24:12 GMT
GET H2	200	serving bs.serving-sys.com/ Frame B38E	0 104 B	36ms 23ms	Image text/plain	3.124.40.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=2634493123581214 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.124.40.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-124-40-150.eu-central-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-length 0 p3p CP="NOI DEVa OUR BUS UNI"
GET H3	451	501709.gif idsync.rlcdn.com/ Frame B38E Redirect Chain https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084921665909384&referrer=https%3A%2F%2F423278676.68765.repl.co%2F https://p.rfihub.com/cm?pub=39342&in=0&userid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dab797fee-5080-432a-bcb4-5860e6b... https://idsync.rlcdn.com/501709.gif?partner_uid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377	0 9 B	31ms 31ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/501709.gif?partner_uid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377 Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H3 Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 Redirect headers Location https://idsync.rlcdn.com/501709.gif?partner_uid=ab797fee-5080-432a-bcb4-5860e6b8c528%3A1661700251.8833377 Date Sun, 28 Aug 2022 15:24:12 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	/ bpi.rtactivate.com/tag/ Frame B38E	43 B 108 B	139ms 127ms	Image image/gif	34.204.34.148 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=11017&user_id=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=2634493123581214 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.204.34.148 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-204-34-148.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H3	200	rum dsum-sec.casalemedia.com/ Frame B38E	43 B 905 B	59ms 50ms	Image image/gif	104.18.18.126 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084921665909384&forward= Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=2634493123581214 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers cf-ray 741e0d7238245c2c-FRA pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbKcnA%2FGOuuZ0wjDTJg0%2FBTa1EMgF%2BmuANdnYPJPnoqUAE2E9IQEUSVFf2N6yFm7dBCaTolgg7GicBbkCR7RTEhikKGABUQaAri6dHgrKDcucHtf5sipu5VBklm80ixoY2dJPH13n2aspw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" cache-control no-cache content-type image/gif alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires 0
GET H3	451	360947.gif idsync.rlcdn.com/ Frame B38E	0 9 B	40ms 31ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/360947.gif?partner_uid=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=2634493123581214 Protocol H3 Security QUIC, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	rocketfuel_sync x.dlx.addthis.com/e/ Frame B38E	43 B 191 B	195ms 184ms	Image image/gif	23.7.201.234 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=2634493123581214 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.7.201.234 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-7-201-234.deploy.static.akamaitechnologies.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=2628000 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT cache-control max-age=0, no-cache, no-store expires Sun, 28 Aug 2022 15:24:12 GMT content-length 43 strict-transport-security max-age=2628000 content-type image/gif
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame B38E	43 B 549 B	39ms 28ms	Image image/gif	185.94.180.126 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084921665909384&img=1 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=2634493123581214 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 128 Connection keep-alive Content-Length 43
GET H2	200	g.pixel aa.agkn.com/adscores/ Frame B38E	43 B 376 B	32ms 21ms	Image image/gif	52.59.153.178 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=2634493123581214 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.59.153.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-153-178.eu-central-1.compute.amazonaws.com Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT server AAWebServer access-control-allow-methods GET, POST, OPTIONS p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate content-type image/gif access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type content-length 43 expires 0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame B38E	0 336 B	50ms 39ms	Image text/plain	63.34.135.249 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5140084921665909384 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=2634493123581214 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.34.135.249 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-34-135-249.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT cache-control private, no-cache, no-store x-request-time D=15 t=1661700252 x-served-by beacon-n022-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H/1.1	200 OK	sync x.bidswitch.net/ Frame B38E	43 B 220 B	31ms 22ms	Image image/gif	3.122.47.104 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084921665909384&expires=30 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=https%3A%2F%2F423278676.68765.repl.co%2F&pf=&ra=2634493123581214 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.122.47.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-122-47-104.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	cm p.rfihub.com/ Frame B38E Redirect Chain https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJwsqmSABC	42 B 1 KB	51ms 35ms	Image image/gif	193.0.160.128 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJwsqmSABC Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol HTTP/1.1 Server 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Sun, 28 Aug 2022 15:24:12 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Sun, 28 Aug 2022 15:24:12 GMT via 1.1 varnish server Varnish x-timer S1661700253.517569,VS0,VE0 x-served-by cache-hhn4055-HHN x-cache HIT location https://p.rfihub.com/cm?in=1&pub=21653&userid=YwuInAAJwsqmSABC cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H2	200	sync partners.tremorhub.com/ Frame B38E	43 B 182 B	115ms 105ms	Image image/gif	2600:1f18:612b:4216:c896:a534:1957:1cac AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIRF=5140084921665909384&r=h3aE1t88Te1C Requested by Host: 423278676.68765.repl.co URL: https://423278676.68765.repl.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4216:c896:a534:1957:1cac Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:12 GMT server Apache-Coyote/1.1 p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' content-type image/gif
GET H3	200	/ www.facebook.com/tr/	44 B 91 B	66ms 32ms	Image image/gif	2a03:2880:f107:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=197011027887515&ev=Microdata&dl=https%3A%2F%2F423278676.68765.repl.co%2F&rl=&if=false&ts=1661700253064&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Ita%C3%BA%20Paraguay%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.78&r=stable&ec=1&o=30&fbp=fb.2.1661700251560.657584471&it=1661700251401&coo=false&es=automatic&tm=3&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://423278676.68765.repl.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 15:24:13 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Sun, 28 Aug 2022 15:24:13 GMT