adrofx.club Open in urlscan Pro
2606:4700:3035::ac43:a50a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://adrofx.club/registration/live
Submission: On January 08 via api (January 8th 2024, 11:51:46 pm UTC) from US — Scanned from DE

Summary HTTP 90 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 43 IPs in 7 countries across 41 domains to perform 90 HTTP transactions. The main IP is 2606:4700:3035::ac43:a50a, located in United States and belongs to CLOUDFLARENET, US. The main domain is adrofx.club.
TLS certificate: Issued by E1 on December 7th 2023. Valid for: 3 months.

This is the only time adrofx.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2606:4700:303... 2606:4700:3035::ac43:a50a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
6	2606:4700:303... 2606:4700:3037::ac43:a9e6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	37.48.87.182 37.48.87.182	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	2606:4700:1::... 2606:4700:1::6813:844c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	3.124.81.102 3.124.81.102	16509 (AMAZON-02) (AMAZON-02)
2 3	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
1	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	217.182.178.233 217.182.178.233	16276 (OVH) (OVH)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	23.50.131.73 23.50.131.73	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1	52.30.133.211 52.30.133.211	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.75.216.46 54.75.216.46	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1	54.220.80.246 54.220.80.246	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.28.181.15 52.28.181.15	16509 (AMAZON-02) (AMAZON-02)
1	34.193.251.250 34.193.251.250	14618 (AMAZON-AES) (AMAZON-AES)
1	64.202.112.191 64.202.112.191	23352 (SERVERCEN...) (SERVERCENTRAL)
1	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	3.121.221.105 3.121.221.105	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4200:73f8:6020:4d7:1d33	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	184.30.17.243 184.30.17.243	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.17.148.138 52.17.148.138	16509 (AMAZON-02) (AMAZON-02)
1	52.214.3.70 52.214.3.70	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
90	43

23 2606:4700:3035::ac43:a50a (United States)

ASN13335 (CLOUDFLARENET, US)

adrofx.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3037::ac43:a9e6 (United States)

ASN13335 (CLOUDFLARENET, US)

livechat.adrofx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.48.87.182 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

trade.spy-fx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:1::6813:844c (United States)

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.81.102 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-81-102.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.180 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.182.178.233 (France)

ASN16276 (OVH, FR)
PTR: ip233.ip-217-182-178.eu

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.50.131.73 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-73.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.133.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-133-211.eu-west-1.compute.amazonaws.com

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.75.216.46 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-216-46.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.220.80.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-80-246.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.181.15 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-181-15.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.251.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-251-250.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.191 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.221.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-221-105.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:73f8:6020:4d7:1d33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.17.243 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-243.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.148.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-148-138.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.3.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-3-70.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.nl3.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	adrofx.club adrofx.club	497 KB
9	criteo.com 3 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4009 gum.criteo.com — Cisco Umbrella Rank: 597 mug.criteo.com — Cisco Umbrella Rank: 1867 sslwidget.criteo.com — Cisco Umbrella Rank: 2480 dis.criteo.com — Cisco Umbrella Rank: 943	36 KB
6	adrofx.com livechat.adrofx.com	64 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1695 www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	158 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	303 KB
4	google.com www.google.com — Cisco Umbrella Rank: 6	34 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 356	3 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	234 B
3	gstatic.com www.gstatic.com	430 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 313	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 2571	1 KB
2	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 505	140 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 338	1 KB
2	mgid.com a.mgid.com — Cisco Umbrella Rank: 11503	5 KB
1	criteo.net csm.nl3.eu.criteo.net — Cisco Umbrella Rank: 5441	203 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 1173	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3522	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4236	235 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 28126	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 3791	399 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 797	35 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 1499	225 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 1287	145 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1607	423 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1753	878 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 9290	265 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 995	199 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 658	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1124	385 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1664	163 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 1385	319 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 731	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 3178	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 2152	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1004	163 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 620	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 1093	813 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 590	146 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 438	59 KB
1	spy-fx.com trade.spy-fx.com
90	41

	Domain	Requested by
23	adrofx.club	adrofx.club
6	livechat.adrofx.com	adrofx.club livechat.adrofx.com
4	connect.facebook.net	adrofx.club connect.facebook.net
4	gum.criteo.com	3 redirects dynamic.criteo.com
4	www.googletagmanager.com	adrofx.club www.googletagmanager.com
4	www.google.com	adrofx.club www.gstatic.com www.google.com
3	ib.adnxs.com	2 redirects
3	www.facebook.com	adrofx.club
3	www.gstatic.com	www.google.com
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com
2	dis.criteo.com
2	cm.g.doubleclick.net	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	a.mgid.com	www.googletagmanager.com adrofx.club
1	csm.nl3.eu.criteo.net
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	match.sharethrough.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	ad.360yield.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	hb.yahoo.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	x.bidswitch.net
1	cdn.jsdelivr.net	adrofx.club
1	sslwidget.criteo.com	dynamic.criteo.com
1	mug.criteo.com	adrofx.club
1	trade.spy-fx.com	www.googletagmanager.com
1	dynamic.criteo.com	adrofx.club
90	46

This site contains links to these domains. Also see Links.

Domain
adrofx.com
www.livezilla.net

Subject Issuer	Validity	Valid
adrofx.club E1	`2023-12-07` - `2024-03-06`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
adrofx.com GTS CA 1P5	`2023-11-19` - `2024-02-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.rdtk.io GoGetSSL RSA DV CA	`2023-07-19` - `2024-07-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-18` - `2024-01-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-26` - `2024-06-19`	6 months	crt.sh
hb.yahoo.net R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
itm.ivitrack.com R3	`2023-12-14` - `2024-03-13`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-10-27` - `2024-11-23`	a year	crt.sh
*.outbrain.com Thawte TLS RSA CA G1	`2023-11-20` - `2024-11-27`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-07` - `2025-01-06`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.nl3.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-13` - `2024-03-14`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://adrofx.club/registration/live
Frame ID: CFF1B11170A1F340DD805B0E0D8F102C
Requests: 53 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=adrofx.club&origin=onetag
Frame ID: 822D4493D7B62F9B445F2DDE5DE8D26E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfEeU8dAAAAADxan2cTogPpMv0tDCeYvnCY-zTD&co=aHR0cHM6Ly9hZHJvZnguY2x1Yjo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=ntetggme6ulw
Frame ID: 08B4EDE96997F4ECE56BF1D7C23EECC3
Requests: 5 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-M3SE0cPyUQTIA9IRDa4nmXViycuQYIIWcidFlQ&google_gid=CAESEF8iH-WXJwomcl6Mzukjvq4&google_cver=1&google_ula=913071,0
Frame ID: E1157A3E8BF56C266006F81A0DDB5557
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Register a live account

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

<(?:link|style)[^>]+"/sites/(?:default|all)/(?:themes|modules)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

90
Requests

92 %
HTTPS

34 %
IPv6

41
Domains

46
Subdomains

43
IPs

7
Countries

1615 kB
Transfer

4309 kB
Size

41
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://adrofx.com/

Search URL Search Domain Scan URL

URL: https://adrofx.com/privacy-policy-refund-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.livezilla.net/
Title: LiveZilla Live Help

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://gum.criteo.com/sid/json?origin=onetag&domain=adrofx.club&sn=ChromeSyncframe&so=0&topUrl=adrofx.club&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=fXk3anxIMW5manBTVGczQm9ITGNOZlJOWktTVnk4c2xTQzNQN3c0MVAvbGRyeFVkVEZzZDVYWXhOUWdRamNnTG9MT09laXhzbmZMNUJuc0p5b1ZsK2xOcVV4N3pFVm9xNlB5L3hEbHMrejFMOUZPc0xQQ1R4NlhZUmR5cUkvR0l4K0pZQkptOEp6SE9QakY5TkcrU28yUGJDdVZRNngxVnovSzhmVTc2ZnNaSmZoZmUxRllZNWZZaXdlSTlLTENCNnBlUWphdXpJS2ZEUmI0Y1ZtenRUK3R0eTI5Y1E4M3J0NnpoT01jSUV0K3RkT05EUzBiZ3BwaForMnBmdXd3VEk5VHJsV3JHOG13VnhKVU9iVHhpTWhIZ29YNFgxSU5zYndTNXNxc3prNm5yT0ZLZz18&cppv=2

Request Chain 54

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-M3SE0cPyUQTIA9IRDa4nmXViycuQYIIWcidFlQ&google_cm&google_hm=ay1NM1NFMGNQeVVRVElBOUlSRGE0bm1YVml5Y3VRWUlJV2NpZEZsUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-M3SE0cPyUQTIA9IRDa4nmXViycuQYIIWcidFlQ&google_cm=&google_hm=ay1NM1NFMGNQeVVRVElBOUlSRGE0bm1YVml5Y3VRWUlJV2NpZEZsUQ&google_tc= HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-M3SE0cPyUQTIA9IRDa4nmXViycuQYIIWcidFlQ&google_gid=CAESEF8iH-WXJwomcl6Mzukjvq4&google_cver=1&google_ula=913071,0

Request Chain 56

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4820493053674840019

Request Chain 67

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_FAZVcPyUQTIA9IRDa4nmXViycua8cxj8Xf23A HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_FAZVcPyUQTIA9IRDa4nmXViycua8cxj8Xf23A&C=1

Request Chain 68

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=3WoSIf9uCbcqSgdbmQnYDY_7B497ubDj HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=3WoSIf9uCbcqSgdbmQnYDY_7B497ubDj

Request Chain 85

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=T8A8vlkLLWg1aQmoWVXUDxmhF2lO54Bb

90 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request live Show response
adrofx.club/registration/ 27 KB
8 KB 400ms
309ms Document
text/html 2606:4700:3035::ac43:a50a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adrofx.club/registration/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a50a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4da4dc438d5bb2a4f3999547e2bacfd4f9d351c5831275bc0e405cb2f5aebcdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84285993bd31d598-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=UTF-8
date: Mon, 08 Jan 2024 23:51:41 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMiq2ULqZrdoA3gDt%2F%2F2mY6Nmy56UGQlWY9bH%2B91TUfxReg1d5IRbKTrCN8YPpoDz78PswxWU3kCil%2BxsM7fZWvgTMy3ooa9SO%2BcbiIzhbeicGHIRSn3QpmPwZcegLMG0M2U0MRiio3l3A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-drupal-cache: MISS
x-frame-options: SAMEORIGIN

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 125ms
42ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=99035

Requested by

Host: adrofx.club
URL: https://adrofx.club/registration/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0d3fecbfa8a6126487eee97685a4fdc8b9cda904e1dd0741e05596428315a33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 bootstrap.min.css
adrofx.club/sites/all/themes/new_ib/front/css/ 157 KB
25 KB 224ms
222ms Stylesheet
text/css 2606:4700:3035::ac43:a50a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adrofx.club/sites/all/themes/new_ib/front/css/bootstrap.min.css

Requested by

Host: adrofx.club
URL: https://adrofx.club/registration/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a50a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cb5b7ae5053d743996378c35733560214d3d896ade5c0de0d8b13a97f43039e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/registration/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Tue, 04 Jan 2022 11:40:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2725b-5d4c0192544b7-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9kTgf3gZCY3aJ9zRoYKdZy3ymZ%2BiWvGmhpFUxJkYlc%2FLF8pNJ56NQ%2BNhsAHmmBNiEWIohGVSHcH7XFkObwb2MQ1esciWXmG6WFamQqS65bE2p1OypICyv0ZIurH1bPoOid3XgibP4LlIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=300
cf-ray: 84285995be5dd598-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 template.css
adrofx.club/sites/all/themes/new_ib/front/css/ 99 KB
16 KB 222ms
220ms Stylesheet
text/css 2606:4700:3035::ac43:a50a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adrofx.club/sites/all/themes/new_ib/front/css/template.css

Requested by

Host: adrofx.club
URL: https://adrofx.club/registration/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a50a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f59e00f4f2da93e865c7653589381465e2031180c06079a7352d0070efee2ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/registration/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Fri, 18 Feb 2022 18:30:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"18c79-5d84f12307989-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IeL8OsXNWo2ZRChpqDT6uVbFV3nNBSQX8wrVrXCYurlsmbGlPv5yGp3H76%2FlybcdI%2BtMF%2Fm5dgRmyuYjtGALtwHlvE3goSyl76DAQU51eZVz0FXfoRya2qgNxFvsHiiJaqvCSSFx2LEHkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=300
cf-ray: 84285995be5ed598-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 custom_reg.css
adrofx.club/sites/all/themes/new_ib/css/ 630 B
637 B 168ms
167ms Stylesheet
text/css 2606:4700:3035::ac43:a50a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adrofx.club/sites/all/themes/new_ib/css/custom_reg.css

Requested by

Host: adrofx.club
URL: https://adrofx.club/registration/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a50a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cd2f0406b4f801498d750c8cb89bf2c606f52fa6ec0877ebe416d400699fe95

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/registration/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 16 Aug 2023 13:00:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"276-60309dfb5c5c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RH0sf3XXUruDHz%2FI2DN20Ob0dSa3BSwUh5XwHABvTUQaoVGttawcKTdKgwG8%2F4YHYSj0woBGGOybGM6nMYoJ4cUn5MEV2t%2BnQwKVqXpJBA8UjPSW25Qf5dC0z442PgIv46YveLc9N4sMuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=300
cf-ray: 84285995be60d598-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 intlTelInput.css
adrofx.club/sites/all/themes/new_ib/front/css/ 25 KB
3 KB 182ms
181ms Stylesheet
text/css 2606:4700:3035::ac43:a50a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adrofx.club/sites/all/themes/new_ib/front/css/intlTelInput.css

Requested by

Host: adrofx.club
URL: https://adrofx.club/registration/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a50a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f34c1e264e22a8e106c8bd717a941636cea61350ed650b3ad201536558ab776

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/registration/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Fri, 11 Feb 2022 10:20:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62b0-5d7bb68ee05b7-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbYD68CthdtuIol8HWyAhj%2FPN7LWC9kyh1hnSYb1Ag8YtyPthfIl9MATaru6cKePVRl9%2FodTy3g0X0SWKKmf2rf6uK8fZjKoAPgTGfK93HkK4ayBPUCiJ6n5uOcu0WfCra7oe%2BQapncOyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=300
cf-ray: 84285995be61d598-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-3.5.1.min.js Show response
adrofx.club/sites/all/themes/new_ib/front/js/ 87 KB
32 KB 251ms
250ms Script
application/javascript 2606:4700:3035::ac43:a50a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adrofx.club/sites/all/themes/new_ib/front/js/jquery-3.5.1.min.js

Requested by

Host: adrofx.club
URL: https://adrofx.club/registration/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a50a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/registration/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Tue, 04 Jan 2022 11:40:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15d84-5d4c0192af1e9-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WUPP9toXbON8P84%2FRmE5VmgMFcB0Sh7g2FwCU5fZuGTpszO7vSCtLyzLUkZvV%2BX6%2F4XGAf0mxvGbQiXHhMH6z9ejQ0Bz7Xbp46yMedAy0qtqTQi6F4aA460NzWkzgokNDVyhci%2BW3g%2BEtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=300
cf-ray: 84285995be62d598-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 popper.min.js Show response
adrofx.club/sites/all/themes/new_ib/front/js/ 21 KB
8 KB 169ms
168ms Script
application/javascript 2606:4700:3035::ac43:a50a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adrofx.club/sites/all/themes/new_ib/front/js/popper.min.js

Requested by

Host: adrofx.club
URL: https://adrofx.club/registration/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a50a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64a03743b63f8d46d31f8055232d3662ed4ed6c79acf311558c24ef7aac50d10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/registration/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Tue, 04 Jan 2022 11:40:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"52cb-5d4c0192af1e9-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrG%2FW9cTo1cvnaBt4GwGR7g30I3c4DrSlALzHse3%2BSgZW%2BHRS7EYZlzYVkNNiRK%2BLPiXuoUABTsx0Qf5jrfrQEB%2BmhhvajC%2Fx4%2Byvp%2FecpbDX8vghigBsvJrUct3G1g9%2BUm8egFt%2FXOwsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=300
cf-ray: 84285995be63d598-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.min.js Show response
adrofx.club/sites/all/themes/new_ib/front/js/ 62 KB
16 KB 212ms
211ms Script
application/javascript 2606:4700:3035::ac43:a50a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adrofx.club/sites/all/themes/new_ib/front/js/bootstrap.min.js

Requested by

Host: adrofx.club
URL: https://adrofx.club/registration/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a50a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea107fb35814d42810150e6cf3fd033292e4b043068cde833d583608288ae6bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/registration/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Tue, 04 Jan 2022 11:40:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"f6df-5d4c0192af1e9-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdUDPrnxP9X2pdnGgN%2BKiq8Zpm2xaHgpuxqSh%2Fmjc%2FKupVJaRFxjUDycuWbDrhESoMq6tQcyTnijDvOqIqsfpHwEazsBOus5o4Wt7wc0I4BgbBHYTMxQNz%2F1XnHrJ9m4QOi0gWCksw1eAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=300
cf-ray: 84285995be64d598-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.validate.min.js Show response
adrofx.club/sites/all/themes/new_ib/js/plugins/jquery-validation/js/ 21 KB
7 KB 180ms
179ms Script
application/javascript 2606:4700:3035::ac43:a50a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adrofx.club/sites/all/themes/new_ib/js/plugins/jquery-validation/js/jquery.validate.min.js

Requested by

Host: adrofx.club
URL: https://adrofx.club/registration/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a50a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fe55811cab9115f1733276abdc3e822047bd84f6ab9611fe64fcca43261e49f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/registration/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Tue, 04 Jan 2022 11:40:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5415-5d4c0193c479f-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7tSFbczCXdXFcP%2FrRYerwm6nfQPZJjcrwY0sSpFB%2FbQJILxDDbY5ZFRQo%2F8j%2FmWcbxNEf%2BdAhla8MJtffDWhSj%2BmOnHYyCZ%2BfN%2BiWFSYjbf78FQ7d97HA3hTCp3ky0%2FOYZBkCVRFetUmWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=300
cf-ray: 84285995be65d598-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.cookie.min.js Show response
adrofx.club/sites/all/themes/new_ib/js/plugins/ 1 KB
1 KB 181ms
180ms Script
application/javascript 2606:4700:3035::ac43:a50a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adrofx.club/sites/all/themes/new_ib/js/plugins/jquery.cookie.min.js

Requested by

Host: adrofx.club
URL: https://adrofx.club/registration/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a50a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc41582b9e19e394e7799c5409d517a80b2e723c9725ce03125c29dc1dd6251a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/registration/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Tue, 04 Jan 2022 11:40:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"568-5d4c0193c66e0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRP1revBtdBNCEuIcQ2IxJzSTxsI5pKe1cc%2F9WZlKIvj4ofuOcLXacj2DCpOCEs3yD77BOKntaPPnPJve6Wbpu%2ByIR60IPpS%2FbMyQ42SCCKHNmQFwOKu9OJkvXiqo3Q1ADjZET9RX2Ph%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=300
cf-ray: 84285995be66d598-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 intlTelInput.min.js Show response
adrofx.club/sites/all/themes/new_ib/front/js/ 29 KB
11 KB 187ms
186ms Script
application/javascript 2606:4700:3035::ac43:a50a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adrofx.club/sites/all/themes/new_ib/front/js/intlTelInput.min.js

Requested by

Host: adrofx.club
URL: https://adrofx.club/registration/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a50a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

198803db46615d4e67ec5a790d818b6a98443d490b5cb09e6a2f0b5f02672113

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/registration/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Tue, 04 Jan 2022 11:40:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"72d8-5d4c0192af1e9-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BP53%2BFTmuwSKm7I%2FZERoxBUnfhWl8zn%2BAED6jaUDHgZtUcSwBgDLoQUC5nl%2BIZlCdCGByM8PrV3N%2BoH1NVt2UnMJm4VzJWXFK3fe0sGoiLirAAQnd5zsXUQ01khuuvLaw6u%2B8S3AUPovZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=300
cf-ray: 84285995be67d598-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 99ms
45ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfEeU8dAAAAADxan2cTogPpMv0tDCeYvnCY-zTD

Requested by

Host: adrofx.club
URL: https://adrofx.club/registration/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

af639de5180201d5b5e887d30e9234956bf4cf0b262e88cb5b87002d4e8b61b8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 08 Jan 2024 23:51:41 GMT

GET
H2 200 n_reg.js Show response
adrofx.club/sites/all/themes/new_ib/js/ 31 KB
7 KB 202ms
202ms Script
application/javascript 2606:4700:3035::ac43:a50a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adrofx.club/sites/all/themes/new_ib/js/n_reg.js

Requested by

Host: adrofx.club
URL: https://adrofx.club/registration/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a50a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9731de93e66b7d96bdd8175ae2a0d5c0b87387cf8ddbc7a033c877bc371edc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/registration/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Tue, 01 Aug 2023 07:48:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"7c0e-601d7c7444340-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GO8%2BBuB7jpdUXiNI97VkfJ4DR4F4WrOtg7%2BomoaEABSCEAggAMmgnmuqnxMXZyYrI2oKDhUxFBOvbCbxHItP8bc9USRZvI%2BQheZ30EapQVRytk6aMvAhXv72hDwYtoba%2FOTmy0CpgMTmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=300
cf-ray: 84285995ee8cd598-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo-white.svg
adrofx.club/sites/all/themes/new_ib/front/img/ 2 KB
1 KB 200ms
200ms Image
image/svg+xml 2606:4700:3035::ac43:a50a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adrofx.club/sites/all/themes/new_ib/front/img/logo-white.svg

Requested by

Host: adrofx.club
URL: https://adrofx.club/registration/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a50a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a6f41613680ca9fbaa28b19e6131f3f761ea963e2a5f8eaa3ee30ec5fb8148b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/registration/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 04 Jan 2022 11:40:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"89a-5d4c0192a55a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gf6DhcBhqmQIDxx9hFnjpB5YdwQAHjJ8BQlmvVWL5Nu%2FKRHs%2FFzOvUsTP2FA7vkh9dW4%2FBSRh8erJGMpojT1ZbwKSOj5t5nzGAmwGfBeF5BAu5rdYFcmGSmngSTuouKRm8WnG78TYmxOEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=300
cf-ray: 84285995ee8dd598-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 verify-email.svg
adrofx.club/sites/all/themes/new_ib/front/img/ 3 KB
1 KB 201ms
201ms Image
image/svg+xml 2606:4700:3035::ac43:a50a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adrofx.club/sites/all/themes/new_ib/front/img/verify-email.svg

Requested by

Host: adrofx.club
URL: https://adrofx.club/registration/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a50a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9321ed53759fb6c7b04393d3895d50da7b064ce6d6866aaf0c20d6c5f082831

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/registration/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 04 Jan 2022 11:40:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b5c-5d4c0192ae249"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMQQDuX69MVybCe9eV6hack7%2FQ0K83PaiDyo48bayFQW3%2B16zqyNI%2FsesUbQ9VIvkPmJWGt8A1TTdHKvi8V8Wk6QWAZwvPpK7U%2B%2Fsvjp1ZN9lk2qOET0hy4IKdInfCfKoqdCdUuHz%2F4%2BbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=300
cf-ray: 84285995ee8ed598-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 email-decode.min.js Show response
adrofx.club/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 35ms
35ms Script
application/javascript 2606:4700:3035::ac43:a50a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adrofx.club/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: adrofx.club
URL: https://adrofx.club/registration/live

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a50a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/registration/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 14:09:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6581a422-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rowvFH0bBzJPHGmCoN5Wx5TEEl6mFxEPHV9FpU3x0mFlDHVveTWpU69i1NbDp6Ss3B%2FGLXQYAbasC2PUmoit4gs4dg%2Fo49xv%2B5xxpm4XqJ1yb5psufKMgKqf5Y1ZRQWY%2BwvQavmHhq%2FO5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84285996f9396661-AMS
expires: Wed, 10 Jan 2024 23:51:41 GMT

GET
H2 200 script.php Show response
livechat.adrofx.com/ 3 KB
2 KB 280ms
178ms Script
application/javascript 2606:4700:3037::ac43:a9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://livechat.adrofx.com/script.php?id=0840f040f7b185d84970064f6238d3f7
Requested by: Host: adrofx.club
URL: https://adrofx.club/registration/live
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a70180b8d7ea68758cf01fcdd91968210f99424fe0931809ea8148bfbbb2d7fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7x4l0gkTPzA3MjrZva0pFoqk%2BS85Cytitd5mwv%2B6OrWPCvPobVpZoKccEK1gHZAYr3ASgh5HgInEBpmeLRi5slmr8XZ3Q9J40xFO026IQt7sPD0yir%2BO3UfG6XlVhcOX4m0GpFhToz267tgn8u%2FqSsv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
cf-ray: 84285997ef7c3c7b-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 193 KB
69 KB 101ms
45ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NT9NRM2

Requested by

Host: adrofx.club
URL: https://adrofx.club/registration/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0f224edd472c1a18c41b0b8d0bd45a3c0d293e10ee55ff26f67215975408127b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70181
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 22:59:41 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Jan 2024 23:51:42 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 505 KB
203 KB 83ms
27ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfEeU8dAAAAADxan2cTogPpMv0tDCeYvnCY-zTD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adrofx.club/
Origin: https://adrofx.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 13:50:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207437
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 13:50:34 GMT

GET
H3 200 register-bg.jpg
adrofx.club/sites/all/themes/new_ib/front/images/ 116 KB
116 KB 40ms
40ms Image
image/jpeg 2606:4700:3035::ac43:a50a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adrofx.club/sites/all/themes/new_ib/front/images/register-bg.jpg

Requested by

Host: adrofx.club
URL: https://adrofx.club/sites/all/themes/new_ib/front/css/template.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a50a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52441e3e01469029f49968ecd7d8f2f5aa8b169349dc863d6bcf541105b0674e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/sites/all/themes/new_ib/front/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6789
alt-svc: h3=":443"; ma=86400
content-length: 118762
last-modified: Tue, 04 Jan 2022 11:40:04 GMT
server: cloudflare
etag: "1cfea-5d4c0192738bd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LC55teKhjk9KJw9OYwRiK9fhGmN3qJaTBkqGj13cGpBAVJClpT8gXbeqBIlpiJWqN8czYlOhIBBG7mBcGuTriZVVaF%2F3eK1q62rqHxcgjX1LOrQA%2FMq0kDZVXZspE65xHu%2BLx9W6%2FGbBsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 8428599769a66661-AMS

GET
H3 200 icon-info.svg
adrofx.club/sites/all/themes/new_ib/front/images/ 634 B
797 B 140ms
140ms Image
image/svg+xml 2606:4700:3035::ac43:a50a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adrofx.club/sites/all/themes/new_ib/front/images/icon-info.svg

Requested by

Host: adrofx.club
URL: https://adrofx.club/sites/all/themes/new_ib/front/css/template.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a50a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e848540b70ea1e2a3205e030d730cf9d006abe73306920270df93dbd9c0166b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/sites/all/themes/new_ib/front/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 04 Jan 2022 11:40:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6789
etag: W/"27a-5d4c01926fa3c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cx8HiEnZy1xTYcf8DoK%2FmMJ8tWODyzFa3Se5Aja0JtnnjrWWp4wkBpm219eLOz1%2BNhXT9lU2qfoA6u90fOt%2BxZxNGPxk%2B3mUhfRwU03YWhvwFhzJZ8VsTZvUbSfaEK4E0M48JOwtrmq5Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=300
cf-ray: 8428599769a76661-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 arrow-dropdown.svg
adrofx.club/sites/all/themes/new_ib/front/images/ 2 KB
1 KB 141ms
141ms Image
image/svg+xml 2606:4700:3035::ac43:a50a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adrofx.club/sites/all/themes/new_ib/front/images/arrow-dropdown.svg

Requested by

Host: adrofx.club
URL: https://adrofx.club/sites/all/themes/new_ib/front/css/template.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a50a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47fdf32ad94b76d9dbc742fdc6fe2218598b2876dee63bcf315d6a3cf957cf9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/sites/all/themes/new_ib/front/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 04 Jan 2022 11:40:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6789
etag: W/"662-5d4c01926fa3c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2B0wxrWt4l523k2kAH2wuqxb5GvNLc4rozTKxHl1Uo6dNdbsgjCQ6%2BCbFaCipnAgROs81%2BsTVBgaoPAl1MwSkzT0g1MuX0n9lfHJWEmmh2KcE1htV5m%2BTyeghDtEvd2QQI4qsXHI4fi12g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=300
cf-ray: 8428599769a86661-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 check-default.svg
adrofx.club/sites/all/themes/new_ib/front/images/ 355 B
689 B 142ms
141ms Image
image/svg+xml 2606:4700:3035::ac43:a50a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adrofx.club/sites/all/themes/new_ib/front/images/check-default.svg

Requested by

Host: adrofx.club
URL: https://adrofx.club/sites/all/themes/new_ib/front/css/template.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a50a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f41665baaf3057ee92742c0b8e7e870237ffad37bc424f172a1c25858ec20a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/sites/all/themes/new_ib/front/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 04 Jan 2022 11:40:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6789
etag: W/"163-5d4c01926fa3c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ot6FkQkT8GJtm4o9dBb59v20xuSY7oDB6rPT8O58Q%2FdQZotd96OC6jPxhr5%2BuN4ZH73n0jTJxI%2BaR4Kvf1ClM%2B%2FPtzrGRL3PYfuRAjSAo9zkpZTCBA%2BSmQ0DLn8sWDFc81Mkdzveq9mh6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=300
cf-ray: 8428599769a96661-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 Roboto-Regular.ttf
adrofx.club/sites/all/themes/new_ib/front/fonts/ 167 KB
86 KB 144ms
144ms Font
font/ttf 2606:4700:3035::ac43:a50a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adrofx.club/sites/all/themes/new_ib/front/fonts/Roboto-Regular.ttf

Requested by

Host: adrofx.club
URL: https://adrofx.club/sites/all/themes/new_ib/front/css/template.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a50a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0e2e91c57a5b071fc8d9bd05ccaba360673104bd1d1d85a80097f960e5fb7cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://adrofx.club/sites/all/themes/new_ib/front/css/template.css
Origin: https://adrofx.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 04 Jan 2022 11:40:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6789
etag: W/"29a3c-5d4c01925d159"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G7Eu8oxANnZRW68NavBD0Yc6nB5u2OSnXQUURGi4BzZx%2B4KC3ILz0KUGtgFB7gsmgLHcZhkdsjsA%2BQSt2uY4h0zAKPFfw9ZBNsf1Pn2PchIg8%2F8J9%2B82gNjJIQDoGp9RfXzD3wc8S63VFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=300
cf-ray: 8428599769aa6661-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 Roboto-Bold.ttf
adrofx.club/sites/all/themes/new_ib/front/fonts/ 166 KB
86 KB 176ms
176ms Font
font/ttf 2606:4700:3035::ac43:a50a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adrofx.club/sites/all/themes/new_ib/front/fonts/Roboto-Bold.ttf

Requested by

Host: adrofx.club
URL: https://adrofx.club/sites/all/themes/new_ib/front/css/template.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a50a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f02cd7431c966ce92804c1f253ea5527f38071e8ad54ebf415388b9c958f4dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://adrofx.club/sites/all/themes/new_ib/front/css/template.css
Origin: https://adrofx.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 04 Jan 2022 11:40:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6789
etag: W/"297ec-5d4c0192592d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHhChl1JzbCLWwknioQvquYaRhx23zZs%2BMPPCNpTT%2BSC72MZJvziYF%2BRov%2Bhf%2FT18E%2BKuR5ei2WdpCUjyuThetTxqH0MD8l6qIhBuoYKfokWPPnXJ1OEjwZz7Uq8zMGwjIL0zil8W2aKyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=300
cf-ray: 8428599769b16661-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 822D 14 KB
6 KB 132ms
45ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=adrofx.club&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=99035

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://adrofx.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 23:51:41 GMT
server: Kestrel
server-processing-duration-in-ticks: 381176
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H/1.1 404
Not Found uniclick.js
trade.spy-fx.com/ 0
0 161ms
39ms Script
text/html 37.48.87.182
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://trade.spy-fx.com/uniclick.js?defaultcampaignid=61fbc4fe6d90aa0001347d47&attribution=lastpaid&regviewonce=false&cookiedomain=adrofx.club&cookieduration=30
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NT9NRM2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 37.48.87.182 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 mgsensor.js Show response
a.mgid.com/ 15 KB
5 KB 178ms
122ms Script
application/javascript 2606:4700:1::6813:844c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.mgid.com/mgsensor.js?d=1704757902130&source=gtm

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NT9NRM2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fab2f44ed2c54018f566702de911e32e0d0502e41768f5b16227576589f42e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:42 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 83645f25-3059-4603-984a-91e848e30c21
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 84285998bdff4d7a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
85 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9810TT38WE

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NT9NRM2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27ae9735c195f161e1ea9fcde98eb6d05e95d63fd200f71529c4fc41588b05ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87406
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 23:51:42 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 72ms
23ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: adrofx.club
URL: https://adrofx.club/registration/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b625d5a8adce0e637b3263a627b65445e87da3ec1e62aff4ff86869707ed4fe7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 08 Jan 2024 23:51:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54366
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: QmcW66utCnEQXIwpqCDP2No1Wd+uTlX/xdCdqrn39aDJxC+BHn+781SHzD35iduPlSvHAGRO4XRbG5TAIVGNCw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 822D
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=adrofx.club&sn=ChromeSyncframe&so=0&topUrl=adrofx.club&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=fXk3anxIMW5manBTVGczQm9ITGNOZlJOWktTVnk4c2xTQzNQN3c0MVAvbGRyeFVkVEZzZDVYWXhOUWdRamNnTG9MT09laXhzbmZMNUJuc0p5b1ZsK2xOcVV4N3pFVm9xNlB5L3hEbHMrejFMOUZPc0xQQ1R4NlhZUmR5cU...

417 B
664 B

39ms
39ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=fXk3anxIMW5manBTVGczQm9ITGNOZlJOWktTVnk4c2xTQzNQN3c0MVAvbGRyeFVkVEZzZDVYWXhOUWdRamNnTG9MT09laXhzbmZMNUJuc0p5b1ZsK2xOcVV4N3pFVm9xNlB5L3hEbHMrejFMOUZPc0xQQ1R4NlhZUmR5cUkvR0l4K0pZQkptOEp6SE9QakY5TkcrU28yUGJDdVZRNngxVnovSzhmVTc2ZnNaSmZoZmUxRllZNWZZaXdlSTlLTENCNnBlUWphdXpJS2ZEUmI0Y1ZtenRUK3R0eTI5Y1E4M3J0NnpoT01jSUV0K3RkT05EUzBiZ3BwaForMnBmdXd3VEk5VHJsV3JHOG13VnhKVU9iVHhpTWhIZ29YNFgxSU5zYndTNXNxc3prNm5yT0ZLZz18&cppv=2

Requested by

Host: adrofx.club
URL: https://adrofx.club/registration/live

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c5dc9794a3eb5511573a76b37e435d312171c9aee000c34598bb9cf2064aacea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 23:51:41 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1210885
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 23:51:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=fXk3anxIMW5manBTVGczQm9ITGNOZlJOWktTVnk4c2xTQzNQN3c0MVAvbGRyeFVkVEZzZDVYWXhOUWdRamNnTG9MT09laXhzbmZMNUJuc0p5b1ZsK2xOcVV4N3pFVm9xNlB5L3hEbHMrejFMOUZPc0xQQ1R4NlhZUmR5cUkvR0l4K0pZQkptOEp6SE9QakY5TkcrU28yUGJDdVZRNngxVnovSzhmVTc2ZnNaSmZoZmUxRllZNWZZaXdlSTlLTENCNnBlUWphdXpJS2ZEUmI0Y1ZtenRUK3R0eTI5Y1E4M3J0NnpoT01jSUV0K3RkT05EUzBiZ3BwaForMnBmdXd3VEk5VHJsV3JHOG13VnhKVU9iVHhpTWhIZ29YNFgxSU5zYndTNXNxc3prNm5yT0ZLZz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 277718
content-length: 0
expires: 0

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 08B4 41 KB
26 KB 45ms
44ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfEeU8dAAAAADxan2cTogPpMv0tDCeYvnCY-zTD&co=aHR0cHM6Ly9hZHJvZnguY2x1Yjo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=ntetggme6ulw

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0eeb19b62ec643aac21718a988ed02d2479b25d1d662abf0fa8be30440a264d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gTxQy7QTQFpu7gy1a8sIbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adrofx.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-gTxQy7QTQFpu7gy1a8sIbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 23:51:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-199946323-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9810TT38WE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b60b4bc55e423c90acb99752680896fc746c720e14b20e3ea95c68f674c26fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69722
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 22:59:41 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Jan 2024 23:51:42 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 79ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-9810TT38WE&gtm=45je4130v869882654&_p=1704757901707&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1363828576.1704757902&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704757902&sct=1&seg=0&dl=https%3A%2F%2Fadrofx.club%2Fregistration%2Flive&dt=Register%20a%20live%20account&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=943
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9810TT38WE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 23:51:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://adrofx.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 getToken Show response
adrofx.club/real/ 55 B
709 B 195ms
195ms XHR
application/json 2606:4700:3035::ac43:a50a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adrofx.club/real/getToken

Requested by

Host: adrofx.club
URL: https://adrofx.club/sites/all/themes/new_ib/front/js/jquery-3.5.1.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a50a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a726552ed59e37bdb293239f0371f28cd5878d5add0b9047958b0ba48afc7c5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://adrofx.club/registration/live
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bE%2BqE%2BP5%2BZ%2BUHXStsa0We7Oy2iWl73omimtHCslQ0thD4dE%2FYuMGIWREJKG8n%2B3vtmjbPffeX%2FJW0RIOgGT528LfvXZ%2FwvQlth5S5K4UqHjBntJJv1qYgoe70hhIShK23M0FKmUqt%2FUuhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
content-language: en
cache-control: no-cache, must-revalidate
cf-ray: 842859991b406661-AMS
alt-svc: h3=":443"; ma=86400
x-drupal-cache: MISS
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H3 200 flags.png
adrofx.club/sites/all/themes/new_ib/front/images/ 69 KB
70 KB 38ms
38ms Image
image/png 2606:4700:3035::ac43:a50a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adrofx.club/sites/all/themes/new_ib/front/images/flags.png

Requested by

Host: adrofx.club
URL: https://adrofx.club/sites/all/themes/new_ib/front/css/intlTelInput.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a50a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/sites/all/themes/new_ib/front/css/intlTelInput.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6790
alt-svc: h3=":443"; ma=86400
content-length: 70857
last-modified: Tue, 04 Jan 2022 11:40:04 GMT
server: cloudflare
etag: "114c9-5d4c01926fa3c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVOvMWD6gqCEP0YQY%2B00ch3HprPp2MNVDvd62ptYioUtlBDe%2BbO2sYsRXAOF98BjnHJ6gseLbYXWmCq35m1IQV%2FsxsHBYFP0zYfdUE2ysjnXQLfa%2F5YqXMIMIW4MHsHN%2FuCCktuYqk4iUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 842859992b486661-AMS

GET
H2 200 event Show response
sslwidget.criteo.com/ 17 KB
7 KB 118ms
54ms Script
application/x-javascript 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=99035&v=5.20.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvpg&p2=e%3Ddis&adce=1&bundle=TaAtSV96eEpzcHdYRWg1dGZweG5jN3R6VU84YlZ0aURWWmdhbVNRcjNZWFVENHhkeVdqZTBnSXN1TVg3Q2k5cXQ2alNlbDJJTkw0VHQ2ZG11V0pTeGw3QzBPSWlDUnJjOVpZTzhzZCUyQkVQTU1LTzZBdktidEZ1bUhrNDBXajlPdlJYTmpJc0tqMWFsbnJyNHlDM1FhU0w3UWNIZyUzRCUzRA&tld=adrofx.club&dy=1&fu=https%253A%252F%252Fadrofx.club%252Fregistration%252Flive&ceid=a9a3b5c9-7ec6-4e11-88ea-50a600425a8f&dtycbr=46098

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=99035

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1edaefd89b9c40a9bfe46d48beb420ad5a5ce47121bcdbb46069e7bac2828aec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 23:51:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 22786151
timing-allow-origin: *
expires: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 08B4 55 KB
24 KB 67ms
22ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfEeU8dAAAAADxan2cTogPpMv0tDCeYvnCY-zTD&co=aHR0cHM6Ly9hZHJvZnguY2x1Yjo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=ntetggme6ulw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 13:50:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 13:50:34 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 08B4 505 KB
203 KB 78ms
33ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 13:50:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207437
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 13:50:34 GMT

GET
H2 200 222858050722744 Show response
connect.facebook.net/signals/config/ 132 KB
35 KB 82ms
81ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/222858050722744?v=2.9.139&r=stable&domain=adrofx.club

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3f790138b68923b647825ca4f84809a18dabad228d08aebf7542c12ddfc224eb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 08 Jan 2024 23:51:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: +33P8mFzncDUHUkmbeCx4TmUrT1kOrQcvyZREa+Rg1mLn2k+wjTWYRDms+rPZHyshXXtn7BmlElH9eT+zIR8Zg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-387VXC32FF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-199946323-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6401530cf4b5943b55a91e341438fb049d14dd6c4009ff351cc22327b7790f63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81981
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 23:51:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 76ms
22ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-199946323-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jan 2024 23:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 205
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 09 Jan 2024 01:48:17 GMT

GET
H3 200 564363408812446 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 76ms
76ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/564363408812446?v=2.9.139&r=stable&domain=adrofx.club

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4564afd93bf6978ebd0bc3029c42da5316a9e45c0445de867fd874b231a0dff6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 08 Jan 2024 23:51:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Cwf05zXbCN6TMWvqoRKzXuu+IcLg5wd4E5Flcl4nGr+k7nZRTuqsBxFkRj391SbhkmRvVnc9nZ74nNIWFbIctw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 70ms
24ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=222858050722744&ev=PageView&dl=https%3A%2F%2Fadrofx.club%2Fregistration%2Flive&rl=&if=false&ts=1704757902363&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704757902363.1978121027&ler=empty&it=1704757902266&coo=false&rqm=GET

Requested by

Host: adrofx.club
URL: https://adrofx.club/registration/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 08 Jan 2024 23:51:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 29ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-387VXC32FF&gtm=45je4130v9133874476&_p=1704757901707&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1363828576.1704757902&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1704757902&sct=1&seg=0&dl=https%3A%2F%2Fadrofx.club%2Fregistration%2Flive&dt=Register%20a%20live%20account&en=page_view&_fv=1&_ss=1&tfd=1089
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-387VXC32FF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 23:51:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://adrofx.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js Show response
www.google.com/js/bg/ Frame 08B4 17 KB
7 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

487524122a6142e66a5f22f30cd0352dc3a3218e4ff77a126c8d0e28c2a5b586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfEeU8dAAAAADxan2cTogPpMv0tDCeYvnCY-zTD&co=aHR0cHM6Ly9hZHJvZnguY2x1Yjo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=ntetggme6ulw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:54:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10647
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6849
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 20:54:15 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
203 B 32ms
31ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=602366141&t=pageview&_s=1&dl=https%3A%2F%2Fadrofx.club%2Fregistration%2Flive&ul=en-us&de=UTF-8&dt=Register%20a%20live%20account&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1506192108&gjid=1819722796&cid=1363828576.1704757902&tid=UA-199946323-1&_gid=145488750.1704757902&_r=1&gtm=457e4130z8869882654&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=802327653

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://adrofx.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 23:51:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://adrofx.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 08B4 102 B
135 B 32ms
32ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfEeU8dAAAAADxan2cTogPpMv0tDCeYvnCY-zTD&co=aHR0cHM6Ly9hZHJvZnguY2x1Yjo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=ntetggme6ulw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 08 Jan 2024 23:51:42 GMT

GET
H2 200 1x1.gif
a.mgid.com/ 43 B
107 B 118ms
116ms Image
image/gif 2606:4700:1::6813:844c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.mgid.com/1x1.gif?id=722468&type=c&tg=&r=https%3A%2F%2Fadrofx.club%2Fregistration%2Flive&nv=1&clid=&d=1704757902425

Requested by

Host: adrofx.club
URL: https://adrofx.club/registration/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:42 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 8428599a3e9c4d7a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H3 200 191814607221429 Show response
connect.facebook.net/signals/config/ 132 KB
35 KB 76ms
76ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/191814607221429?v=2.9.139&r=stable&domain=adrofx.club

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d8005293d26a44dca5454a5ef96a75d2ecf85e1bbc92df9a5fd1a4c9e133d127

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 08 Jan 2024 23:51:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: wsuJ9MR6wDksjb6LEqcl6D62b5Xk6CEq5L2W6tLhj/0w0bXDOPnZa2qNy20fdvV2gGXhlgI4uRfyxQjL0ZcZGw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 23ms
23ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=564363408812446&ev=PageView&dl=https%3A%2F%2Fadrofx.club%2Fregistration%2Flive&rl=&if=false&ts=1704757902464&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704757902363.1978121027&ler=empty&it=1704757902266&coo=false&rqm=GET

Requested by

Host: adrofx.club
URL: https://adrofx.club/registration/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 08 Jan 2024 23:51:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 22ms
22ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=191814607221429&ev=PageView&dl=https%3A%2F%2Fadrofx.club%2Fregistration%2Flive&rl=&if=false&ts=1704757902546&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704757902363.1978121027&ler=empty&it=1704757902266&coo=false&rqm=GET

Requested by

Host: adrofx.club
URL: https://adrofx.club/registration/live

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 08 Jan 2024 23:51:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 server.php Show response
livechat.adrofx.com/ 11 KB
5 KB 104ms
104ms Script
text/javascript 2606:4700:3037::ac43:a9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://livechat.adrofx.com/server.php?rqst=track&output=jcrpt&group=support&ovlv=djI_&ovlc=MQ__&esc=IzQwNzhjNw__&epc=IzQ5ODllMQ__&ovlts=MA__&ovlapo=MQ__&nse=0.21015983595843646
Requested by: Host: adrofx.club
URL: https://adrofx.club/registration/live
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcc47d6194e04b5e762ed5a96c903058d4e953f6e003e41b32ecd720429cc2a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gTIvippAHdpnd7qTVpFfiNQ%2Fdu0Nl3aS6uD5O6%2F5yh5fp%2BfJt19Lbjuby60U0Dry56FlGb0siyXByXcWih%2FmTjHMS121Ebi2BW5BzuS88ltdzwLo6hm7jMLTPPdZwIibSqRlynHtQOCSwSEletT4jpEO"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cf-ray: 8428599b2b463c7b-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 utils.js Show response
cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/js/ 247 KB
59 KB 155ms
34ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/js/utils.js

Requested by

Host: adrofx.club
URL: https://adrofx.club/sites/all/themes/new_ib/front/js/intlTelInput.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0399719be23112b963e66643f253e231063844e560f6e5f27cdf1be25c68cc5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3429529
x-jsd-version: 18.1.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230085-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"3dc5d-V05DmuRXyiP3nRp8wJBkV6uxXEA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1LJCpWNG%2FDKMwBybCtnOp4QvWfSO%2F%2FONXsGHU7GXOAqqpzoDYIei6yZ3ySV8YvYra4lBK%2BP10Nm0cC%2Bz92FsOTQNTIkzYULZlGX7PBrtL4oLNX%2F8xpTA1NZFYWDSkgsEShphbC5A0Y3qaQH%2B5OM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8428599bef041c2c-FRA

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame E115
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-M3SE0cPyUQTIA9IRDa4nmXViycuQYIIWcidFlQ&google_cm&google_hm=ay1NM1NFMGNQeVVRVElBOUlSRGE0bm1YVml5Y3VRWUlJV...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-M3SE0cPyUQTIA9IRDa4nmXViycuQYIIWcidFlQ&google_cm=&google_hm=ay1NM1NFMGNQeVVRVElBOUlSRGE0bm1YVml5Y3VRWUl...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-M3SE0cPyUQTIA9IRDa4nmXViycuQYIIWcidFlQ&google_gid=CAESEF8iH-WXJwomcl6Mzukjvq4&google_cver=1&google_ula=913071,0

43 B
369 B

31ms
30ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-M3SE0cPyUQTIA9IRDa4nmXViycuQYIIWcidFlQ&google_gid=CAESEF8iH-WXJwomcl6Mzukjvq4&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 23:51:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 624401
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 23:51:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-M3SE0cPyUQTIA9IRDa4nmXViycuQYIIWcidFlQ&google_gid=CAESEF8iH-WXJwomcl6Mzukjvq4&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame E115 43 B
146 B 142ms
25ms Image
image/gif 3.124.81.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-iDeVDMPyUQTIA9IRDa4nmXViyctPiMt8EQ_oMg&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.81.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-81-102.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame E115
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4820493053674840019

43 B
370 B

32ms
31ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4820493053674840019

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 23:51:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1329763
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 23:51:42 GMT
an-x-request-uuid: 683ff71b-bd6b-4016-b298-7acf2533da6f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4820493053674840019
x-proxy-origin: 217.114.218.21; 217.114.218.21; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame E115 57 B
813 B 170ms
54ms Image
image/gif 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-_TBI6sPyUQTIA9IRDa4nmXViycs2xvMfqRxvFQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 08 Jan 2024 23:51:42 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 57
x-mnet-hl2: E
expires: Mon, 08 Jan 2024 23:51:42 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame E115 0
239 B 169ms
25ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-IiCQp8PyUQTIA9IRDa4nmXViycsTEG9n-4VeHQ&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame E115 43 B
163 B 149ms
33ms Image
image/gif 217.182.178.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-xYEhq8PyUQTIA9IRDa4nmXViycsbhwCbSruuJw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.233 , France, ASN16276 (OVH, FR),
Reverse DNS: ip233.ip-217-182-178.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:41 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame E115 0
99 B 146ms
29ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-S0nHsMPyUQTIA9IRDa4nmXViycsA0txHmzYnfA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:42 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 28249

GET
H2 200 um
criteo-sync.teads.tv/ Frame E115 23 B
163 B 166ms
50ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-VZekDMPyUQTIA9IRDa4nmXViycstuEzx2AM-fg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Mon, 08 Jan 2024 23:51:42 GMT
pragma: no-cache
date: Mon, 08 Jan 2024 23:51:42 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame E115 37 B
140 B 142ms
26ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-j_S4qcPyUQTIA9IRDa4nmXViycurpriEiwcPzw&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame E115 0
125 B 93ms
29ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-F6zq0sPyUQTIA9IRDa4nmXViycvOmdnWliqFQg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:42 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 cksync.php
hb.yahoo.net/ Frame E115 56 B
319 B 159ms
53ms Image
image/gif 23.50.131.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-F6zq0sPyUQTIA9IRDa4nmXViycvOmdnWliqFQg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.131.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-50-131-73.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Mon, 08 Jan 2024 23:51:42 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 56
x-mnet-hl2: E
expires: Mon, 08 Jan 2024 23:51:42 GMT

GET
H2 200 pixel
cm.adform.net/ Frame E115 43 B
163 B 121ms
36ms Image
image/gif 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-wH4pm8PyUQTIA9IRDa4nmXViyct1c6hEHq6bPw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:42 GMT
last-modified: Fri, 28 Jul 2023 11:03:52 GMT
server: nginx
accept-ranges: bytes
etag: "64c3a098-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame E115 49 B
385 B 164ms
51ms Image
image/gif 52.30.133.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-x3B82cPyUQTIA9IRDa4nmXViycvBIgk3LdqYYw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.133.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-133-211.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 23:51:42 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
x-kong-upstream-latency: 4
cache-control: no-cache, no-store, must-revalidate
content-length: 49
expires: 0

GET
H2

200

rum
r.casalemedia.com/ Frame E115
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_FAZVcPyUQTIA9IRDa4nmXViycua8cxj8Xf23A
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_FAZVcPyUQTIA9IRDa4nmXViycua8cxj8Xf23A&C=1

43 B
332 B

57ms
57ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_FAZVcPyUQTIA9IRDa4nmXViycua8cxj8Xf23A&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 23:51:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cE8LOEeKeT%2For%2F3fSjZ9Z8GanoD00ra5GtZ4GrPrkT%2B%2FPP8TMzQHP7GckbX%2FPoISlz5LYVJ%2FooviTrNzf%2FRCLy8pxFg1CPAWL0TNTOknJm4r5c%2BBnk2dkUWKTWyFdPPLFyIS"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8428599cfda36a77-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 23:51:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GheFG%2FC6bBmFSqNfyPm4payYdLxNIBcrfH%2FEQcGQXkbrN8Z8ikQyLTajCKGMVQmwMqBLGkQeNuTAVU64Wgd0tAeXqVI%2B9OaF8tIyyWKHdiV9%2BRSchUAZ%2BWjlfXm3O6ZM2Wzt"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-_FAZVcPyUQTIA9IRDa4nmXViycua8cxj8Xf23A&C=1
cache-control: no-cache
cf-ray: 8428599c9cfa6a77-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame E115
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=3WoSIf9uCbcqSgdbmQnYDY_7B497ubDj
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=3WoSIf9uCbcqSgdbmQnYDY_7B497ubDj

42 B
717 B

52ms
52ms

Image
image/gif

54.75.216.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=3WoSIf9uCbcqSgdbmQnYDY_7B497ubDj

Protocol

Server

54.75.216.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-75-216-46.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-07bf84699.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Mon, 08 Jan 2024 23:51:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: gQ3+7fM7TSg=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v054-0d41b9f76.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Mon, 08 Jan 2024 23:51:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: Bwq/ybipQxM=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=3WoSIf9uCbcqSgdbmQnYDY_7B497ubDj
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame E115 43 B
1 KB 85ms
26ms Image
image/gif 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-swDaucPyUQTIA9IRDa4nmXViycvfXHLKNRelKQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 08 Jan 2024 23:51:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 match
ad.360yield.com/ Frame E115 43 B
199 B 172ms
47ms Image
image/gif 54.220.80.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-_sNS78PyUQTIA9IRDa4nmXViycsHOjWXKo5aGQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.220.80.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-80-246.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 08 Jan 2024 23:51:42 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame E115 42 B
265 B 88ms
34ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-j4YEH8PyUQTIA9IRDa4nmXViycvHgGRK4jKgsA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:42 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame E115 0
878 B 82ms
26ms Image
text/html 52.28.181.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-ZTmZPsPyUQTIA9IRDa4nmXViycvuwQrMd14Pag
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.181.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-181-15.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:42 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame E115 43 B
423 B 441ms
115ms Image
image/gif 34.193.251.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-Pit5ZMPyUQTIA9IRDa4nmXViycuDbjDpYVz7qA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.251.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-251-250.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 23:51:43 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame E115 0
145 B 554ms
117ms Image
text/plain 64.202.112.191
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-DECy38PyUQTIA9IRDa4nmXViycs5cGNyqW4RKA&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 23:51:43 GMT
Cache-Control: no-cache
X-TraceId: d015b61348ea25a35c9849e3f66fd7a3
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame E115 0
225 B 141ms
41ms Image
text/html 198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-ytyV9sPyUQTIA9IRDa4nmXViycuBmCTtjCrY_A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 08 Jan 2024 23:51:41 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame E115 0
35 B 88ms
24ms Image
text/plain 3.121.221.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-8IJcBcPyUQTIA9IRDa4nmXViyctJpbkdvE6I9A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.221.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-221-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:42 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame E115 43 B
399 B 424ms
113ms Image
image/gif 2600:1f18:612b:4200:73f8:6020:4d7:1d33
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-wtHEn8PyUQTIA9IRDa4nmXViycs77i4SzCbTRA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:73f8:6020:4d7:1d33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 08 Jan 2024 23:51:43 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame E115 43 B
153 B 107ms
38ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-uCBp38PyUQTIA9IRDa4nmXViycuMMqrI7DJX0Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 08 Jan 2024 23:51:42 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame E115 0
235 B 91ms
39ms Image
text/plain 184.30.17.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-dWo44MPyUQTIA9IRDa4nmXViyctRmn0OZRlkfw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.17.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-243.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2024 23:51:42 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Sun, 07 Jan 2024 23:51:42 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame E115 0
38 B 178ms
51ms Image
text/plain 52.17.148.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-iJlATsPyUQTIA9IRDa4nmXViyctibhyDqxL7Aw&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.148.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-148-138.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:43 GMT
content-length: 0

GET
H2 200 resource.php Show response
livechat.adrofx.com/ 180 KB
42 KB 190ms
190ms Script
application/javascript 2606:4700:3037::ac43:a9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://livechat.adrofx.com/resource.php?t=js&1=jsglobal.min.js&2=jsbox.min.js&3=jstrack.min.js&v=ahjxcd3a&4=jsextern.min.js
Requested by: Host: livechat.adrofx.com
URL: https://livechat.adrofx.com/server.php?rqst=track&output=jcrpt&group=support&ovlv=djI_&ovlc=MQ__&esc=IzQwNzhjNw__&epc=IzQ5ODllMQ__&ovlts=MA__&ovlapo=MQ__&nse=0.21015983595843646
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14446243176e5de4c56432af7632347ec90c3025e1355bdd7abc9e5c1804c3fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Mon, 08 Jan 2024 23:51:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCgC2bPhArp5thTCM5ZrRfQjcHVbxF2FocauLbAhqDHB1Q5LZcLghfEfddUwsshGHlC0B0oOjsObrUge%2BZegGp66%2FNCqOE4BQUlBdO36Wo4J4oy7StJ%2BEclC2viReXgd7OcysxA98jYxh6QFGNGPcDXZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: maxage=31536000
cf-ray: 8428599bec313c7b-CDG
alt-svc: h3=":443"; ma=86400
expires: Tue, 07 Jan 2025 23:51:42 GMT

GET
H2 200 resource.php
livechat.adrofx.com/ 22 KB
5 KB 173ms
173ms Stylesheet
text/css 2606:4700:3037::ac43:a9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://livechat.adrofx.com/resource.php?t=css&1=style.min.css&2=chat_ahjxcd3a/style.min.css
Requested by: Host: livechat.adrofx.com
URL: https://livechat.adrofx.com/server.php?rqst=track&output=jcrpt&group=support&ovlv=djI_&ovlc=MQ__&esc=IzQwNzhjNw__&epc=IzQ5ODllMQ__&ovlts=MA__&ovlapo=MQ__&nse=0.21015983595843646
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54bb9730f36e20b8ad24317b3d6b6c58126fd8e9e968a54c21a05d6ae50a7324

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Mon, 08 Jan 2024 23:51:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FHiuRUMYmAbF3gDb0L2Oqd1gxDokAe0k4M9l2JWXgTdDjMTmVittGV%2BWKsUYnyGYF2%2B20IBHvZt%2F1qYEuInKrz%2BTG5P0mlp%2FJM4AeNyOxDhSQNoKkCpnHWhIra9zTXTuHDgBoZ7RxOWYdDkalX7I2B1"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: maxage=31536000
cf-ray: 8428599bec2f3c7b-CDG
alt-svc: h3=":443"; ma=86400
expires: Tue, 07 Jan 2025 23:51:42 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame E115 0
15 B 26ms
25ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-F6zq0sPyUQTIA9IRDa4nmXViycvOmdnWliqFQg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:42 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 setuid
ib.adnxs.com/ Frame E115 43 B
1016 B 31ms
31ms Image
image/gif 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-NLv3U8PyUQTIA9IRDa4nmXViycvJdWnohqJFHA

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 23:51:42 GMT
an-x-request-uuid: ac7f8db8-ec73-4bd4-9f18-b66d60404c72
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.21; 217.114.218.21; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame E115
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=T8A8vlkLLWg1aQmoWVXUDxmhF2lO54Bb

0
338 B

174ms
49ms

Image
text/plain

52.214.3.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=T8A8vlkLLWg1aQmoWVXUDxmhF2lO54Bb
Protocol: H2
Server: 52.214.3.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-3-70.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: beacon-n002-dub-prod.krxd.net
date: Mon, 08 Jan 2024 23:51:43 GMT
cache-control: private, no-cache, no-store
x-request-time: D=132 t=1704757903
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=T8A8vlkLLWg1aQmoWVXUDxmhF2lO54Bb
date: Mon, 08 Jan 2024 23:51:42 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 715339
content-length: 0

GET
H3 200 geo.php Show response
livechat.adrofx.com/ 93 B
554 B 113ms
113ms Script
application/javascript 2606:4700:3037::ac43:a9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://livechat.adrofx.com/geo.php?a=1&gv=1023&method=lz_tracking_geo_result&spanm=lz_tracking_set_geo_span&oak=
Requested by: Host: livechat.adrofx.com
URL: https://livechat.adrofx.com/resource.php?t=js&1=jsglobal.min.js&2=jsbox.min.js&3=jstrack.min.js&v=ahjxcd3a&4=jsextern.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a8222d62318644429761e24a3021edbc39edd5c424f28977b36a475588d9c1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hoF8Iw6nSKPj0XQhnbb6OMU0crTdr8NaKjDjZkuuO0FVWbTZiQ0Xng5bVlOVfoSqyyuwjY5zU%2BL%2FqWeyD3e2up0VeYiQSuEpHOtven4TYM%2BEGjWRtIxyhmyhOGIUYN7ZT41Q6suN1ZWufVTCTtw%2BFQoI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
cf-ray: 8428599e0f609006-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 server.php Show response
livechat.adrofx.com/ 34 KB
10 KB 686ms
686ms Script
text/javascript 2606:4700:3037::ac43:a9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://livechat.adrofx.com/server.php?rqst=track&tv=2.3.1.3&b=ODhjNjAzZDNjMA__&pc=MQ__&i=NzkwN2UwNWQyMQ__&cd=MjQ_&rh=MTIwMA__&rw=MTYwMA__&tzo=MQ__&geo_lat=NTIuNTE2Nw==&geo_long=MTMuNA==&geo_region=QmVybGlu&geo_city=QmVybGlu&geo_tz=KzAxOjAw&geo_ctryiso=REU=&geo_isp=&dc=UmVnaXN0ZXIgYSBsaXZlIGFjY291bnQ_&ue=YUhSMGNITTZMeTloWkhKdlpuZ3VZMngxWWk5eVpXZHBjM1J5WVhScGIyNHZiR2wyWlFfXw__&group=support&ovlv=djI_&ovlc=MQ__&esc=IzQwNzhjNw__&epc=IzQ5ODllMQ__&ovlts=MA__&ovlapo=MQ__&full=1&sc=1&ri=MQ_
Requested by: Host: livechat.adrofx.com
URL: https://livechat.adrofx.com/resource.php?t=js&1=jsglobal.min.js&2=jsbox.min.js&3=jstrack.min.js&v=ahjxcd3a&4=jsextern.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0493bfab62bb597b27846a27700a2c1e59749104487a77c602a5c75240500690

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:51:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FNhdhbkHjzCdcIxzr1FtiABKSeCGn6iaLAYMHJHvMiInduD85pcHZJ5uhHLiaqA1a45Lb1EtRtrgysVwAPsyZt%2BUbh6e9m8OX%2Bzc6q2r3aOgnQhrIjLR%2BpFwB%2BRWKK9UhBCtG0cH1rWgY4UN%2FUz1U0i"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cf-ray: 8428599ecf9b9006-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 tpe
csm.nl3.eu.criteo.net/1.0/ 43 B
203 B 114ms
36ms Image
image/gif 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://csm.nl3.eu.criteo.net/1.0/tpe?cpp=fvVHVXxwSE9ZaVFxZ3Roa3N6T0pqMWdFTnpUMERVcmp0emJEeDNKTEp3cDRDUHY0WWtOVE9Bb0tIOGYrSUVHclU5RWFKSDVrVTcyaWVkL1cvNG5Ka2NqR3dkZz09fA&cppv=2&p=%7B%22cp%22%3A%5B%7B%22c%22%3Afalse%2C%22ct%22%3A%22widget%22%2C%22dlt%22%3A0%2C%22rdt%22%3A0%2C%22rpt%22%3A1%2C%22rqt%22%3A54%2C%22sct%22%3A29%2C%22tct%22%3A59%7D%5D%2C%22mtp%22%3A%7B%22cqt%22%3A0%2C%22it%22%3A3%7D%7D&dtycbr=6544

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adrofx.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 23:51:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
expires: 0

Verdicts & Comments Add Verdict or Comment

430 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adrofx.club/	1970-01-20 17:32:41	Name: country Value: DE
adrofx.club/	1970-01-20 17:32:41	Name: country Value: DE
.adrofx.club/	1969-12-31 23:59:59	Name: xcab_lang Value: en
.adrofx.club/	1969-12-31 23:59:59	Name: xcab_host Value: adrofx.club/registration/live
.adrofx.club/	1970-01-20 19:42:13	Name: lastref Value:
.criteo.com/	1970-01-21 02:54:13	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:54:13	Name: uid Value: a012c4f8-2189-4851-b552-34158482db61
.adrofx.club/	1970-01-21 03:08:37	Name: _ga_9810TT38WE Value: GS1.1.1704757902.1.0.1704757902.0.0.0
.adrofx.club/	1970-01-21 03:02:01	Name: cto_bundle Value: TaAtSV96eEpzcHdYRWg1dGZweG5jN3R6VU84YlZ0aURWWmdhbVNRcjNZWFVENHhkeVdqZTBnSXN1TVg3Q2k5cXQ2alNlbDJJTkw0VHQ2ZG11V0pTeGw3QzBPSWlDUnJjOVpZTzhzZCUyQkVQTU1LTzZBdktidEZ1bUhrNDBXajlPdlJYTmpJc0tqMWFsbnJyNHlDM1FhU0w3UWNIZyUzRCUzRA
.mgid.com/	1970-01-20 17:32:39	Name: __cf_bm Value: EN8KzLOaxkIl3a5bQqcfIEt8Qy6.TFsNe2hLj7ngL28-1704757902-1-Aa7URHFpIzLDYkpE6ZUJbKrliKe+MOzAXlIv5iAI3U2468Zo0LwKkBCuoMiv8uOBiKWonTooUYKkgi2GdaRT57I=
.adrofx.club/	1970-01-20 19:42:13	Name: MgidSensorNVis Value: 1
.adrofx.club/	1970-01-20 19:42:13	Name: MgidSensorHref Value: https://adrofx.club/registration/live
.adrofx.club/	1970-01-20 19:42:13	Name: _fbp Value: fb.1.1704757902363.1978121027
.adrofx.club/	1970-01-21 03:08:37	Name: _ga_387VXC32FF Value: GS1.1.1704757902.1.0.1704757902.0.0.0
.adrofx.club/	1970-01-21 03:08:37	Name: _ga Value: GA1.2.1363828576.1704757902
.adrofx.club/	1970-01-20 17:34:04	Name: _gid Value: GA1.2.145488750.1704757902
.adrofx.club/	1970-01-20 17:32:37	Name: _gat_gtag_UA_199946323_1 Value: 1
.adrofx.club/	1970-01-20 17:49:17	Name: SSESSe94618220a1651780cf1f7aaf5a8a6e1 Value: ONuOEgvEHpRMfqNL6RRAehXUT4NJrKSLEJDlEmWNRqQ
adrofx.club/	1970-01-20 17:34:04	Name: a_csrf Value: 5ANDcvwzMZaPI-dVs57ltGb-KZRuo9hsZbtBkDSixZQ
.adnxs.com/	1970-01-20 19:42:13	Name: uuid2 Value: 4820493053674840019
.media.net/	1970-01-21 02:18:13	Name: visitor-id Value: 3477595028280583000V10
.media.net/	1970-01-20 18:15:49	Name: data-c-ts Value: 1704757902
.media.net/	1970-01-20 18:15:49	Name: data-c Value: k-_TBI6sPyUQTIA9IRDa4nmXViycs2xvMfqRxvFQ~~3
.doubleclick.net/	1970-01-21 02:54:13	Name: IDE Value: AHWqTUnFip5TzDAaD9s1c1SllZgDrO1dJ5ve1T8-FtoUh3uTUqmRh5ECnp1gm_c5fg0
.demdex.net/	1970-01-20 21:51:49	Name: demdex Value: 60449030401685113284505752276471727327
.dpm.demdex.net/	1970-01-20 21:51:49	Name: dpm Value: 60449030401685113284505752276471727327
.casalemedia.com/	1970-01-21 02:18:13	Name: CMID Value: ZZyKjq5ZBIC1h2cDyl0MMAAA
.casalemedia.com/	1970-01-20 19:42:13	Name: CMPS Value: 1162
.casalemedia.com/	1970-01-20 19:42:13	Name: CMPRO Value: 1162
.adnxs.com/	1970-01-21 03:08:37	Name: XANDR_PANID Value: ITavkEliCO0egoXgHpe9trL7V0D_sa-VDAIQJh4TEzvVtOq8YtanwpUw46aDs2CQ2Mvw8gxKhUCtnHwx5LF71EdJ23r89eStm-FJBO87eqI.
.adnxs.com/	1970-01-20 19:42:13	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2C$Mj[_Mg!]tbPl@/D!9hy6]/CwiKZu'0Q/.uaN3_?KkiTNwoi6PE*.yY(YabhUQ7B2uti-)aS?7vorZdw=)%nugO%v4VB%nq'G+Y29c
.omnitagjs.com/	1970-01-20 18:15:49	Name: ayl_visitor Value: b1c88f252c5a498fff82ebca54813ee7
exchange.mediavine.com/	1970-01-20 17:52:47	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22dfcc5020-ae80-11ee-a633-03f3225c0623%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:52:47	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22dfcc5020-ae80-11ee-a633-03f3225c0623%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:52:47	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22dfcc5020-ae80-11ee-a633-03f3225c0623%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:52:47	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22dfcc5020-ae80-11ee-a633-03f3225c0623%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:52:47	Name: criteo Value: %7B%22id%22%3A%22k-ZTmZPsPyUQTIA9IRDa4nmXViycvuwQrMd14Pag%22%2C%22version%22%3A%22criteo%22%7D
.krxd.net/	1970-01-20 21:51:49	Name: _kuid_ Value: QBjsckV_
.tremorhub.com/	1970-01-21 02:18:34	Name: tvid Value: 6b64cfe4a59e47c790b6afc3bcfb58d3
.tremorhub.com/	1970-01-20 18:15:49	Name: tv_UICR Value: k-wtHEn8PyUQTIA9IRDa4nmXViycs77i4SzCbTRA
.postrelease.com/	1970-01-21 02:18:13	Name: opt_out Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://trade.spy-fx.com/uniclick.js?defaultcampaignid=61fbc4fe6d90aa0001347d47&attribution=lastpaid&regviewonce=false&cookiedomain=adrofx.club&cookieduration=30 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://connect.facebook.net/signals/config/222858050722744?v=2.9.139&r=stable&domain=adrofx.club(Line 127) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
a.twiago.com
ad.360yield.com
ad.yieldlab.net
adrofx.club
beacon.krxd.net
cdn.jsdelivr.net
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
csm.nl3.eu.criteo.net
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
eb2.3lift.com
exchange.mediavine.com
gum.criteo.com
hb.yahoo.net
ib.adnxs.com
id5-sync.com
jadserve.postrelease.com
livechat.adrofx.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
region1.google-analytics.com
rtb-csync.smartadserver.com
simage2.pubmatic.com
sslwidget.criteo.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
trade.spy-fx.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
104.18.36.155
141.226.228.48
141.95.98.65
142.250.186.130
178.250.1.9
184.30.17.243
185.89.210.180
198.47.127.205
2.16.97.41
2001:4860:4802:32::36
217.182.178.233
23.50.131.73
2600:1f18:612b:4200:73f8:6020:4d7:1d33
2606:4700:1::6813:844c
2606:4700:3035::ac43:a50a
2606:4700:3037::ac43:a9e6
2606:4700::6810:5614
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2004
2a00:1450:4001:827::200e
2a00:1450:4001:831::2003
2a02:2638:3::1a
2a02:2638:3::c
2a02:2638:3::e
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.121.221.105
3.124.81.102
3.71.149.231
34.117.157.22
34.193.251.250
37.157.4.28
37.48.87.182
52.17.148.138
52.214.3.70
52.28.181.15
52.30.133.211
54.220.80.246
54.75.216.46
64.202.112.191
69.173.144.165
76.223.111.18
85.215.5.31
95.101.148.20
0399719be23112b963e66643f253e231063844e560f6e5f27cdf1be25c68cc5a
0493bfab62bb597b27846a27700a2c1e59749104487a77c602a5c75240500690
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0d3fecbfa8a6126487eee97685a4fdc8b9cda904e1dd0741e05596428315a33b
0eeb19b62ec643aac21718a988ed02d2479b25d1d662abf0fa8be30440a264d3
0f224edd472c1a18c41b0b8d0bd45a3c0d293e10ee55ff26f67215975408127b
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
14446243176e5de4c56432af7632347ec90c3025e1355bdd7abc9e5c1804c3fe
198803db46615d4e67ec5a790d818b6a98443d490b5cb09e6a2f0b5f02672113
1b60b4bc55e423c90acb99752680896fc746c720e14b20e3ea95c68f674c26fd
1edaefd89b9c40a9bfe46d48beb420ad5a5ce47121bcdbb46069e7bac2828aec
1f02cd7431c966ce92804c1f253ea5527f38071e8ad54ebf415388b9c958f4dd
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27ae9735c195f161e1ea9fcde98eb6d05e95d63fd200f71529c4fc41588b05ec
2a8222d62318644429761e24a3021edbc39edd5c424f28977b36a475588d9c1b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a
3cb5b7ae5053d743996378c35733560214d3d896ade5c0de0d8b13a97f43039e
3f59e00f4f2da93e865c7653589381465e2031180c06079a7352d0070efee2ac
3f790138b68923b647825ca4f84809a18dabad228d08aebf7542c12ddfc224eb
4564afd93bf6978ebd0bc3029c42da5316a9e45c0445de867fd874b231a0dff6
47fdf32ad94b76d9dbc742fdc6fe2218598b2876dee63bcf315d6a3cf957cf9d
487524122a6142e66a5f22f30cd0352dc3a3218e4ff77a126c8d0e28c2a5b586
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cd2f0406b4f801498d750c8cb89bf2c606f52fa6ec0877ebe416d400699fe95
4da4dc438d5bb2a4f3999547e2bacfd4f9d351c5831275bc0e405cb2f5aebcdd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52441e3e01469029f49968ecd7d8f2f5aa8b169349dc863d6bcf541105b0674e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54bb9730f36e20b8ad24317b3d6b6c58126fd8e9e968a54c21a05d6ae50a7324
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5f34c1e264e22a8e106c8bd717a941636cea61350ed650b3ad201536558ab776
5fe55811cab9115f1733276abdc3e822047bd84f6ab9611fe64fcca43261e49f
6401530cf4b5943b55a91e341438fb049d14dd6c4009ff351cc22327b7790f63
64a03743b63f8d46d31f8055232d3662ed4ed6c79acf311558c24ef7aac50d10
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a6f41613680ca9fbaa28b19e6131f3f761ea963e2a5f8eaa3ee30ec5fb8148b
8f41665baaf3057ee92742c0b8e7e870237ffad37bc424f172a1c25858ec20a3
9e848540b70ea1e2a3205e030d730cf9d006abe73306920270df93dbd9c0166b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a70180b8d7ea68758cf01fcdd91968210f99424fe0931809ea8148bfbbb2d7fc
a726552ed59e37bdb293239f0371f28cd5878d5add0b9047958b0ba48afc7c5b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
af639de5180201d5b5e887d30e9234956bf4cf0b262e88cb5b87002d4e8b61b8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b625d5a8adce0e637b3263a627b65445e87da3ec1e62aff4ff86869707ed4fe7
b9321ed53759fb6c7b04393d3895d50da7b064ce6d6866aaf0c20d6c5f082831
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcc47d6194e04b5e762ed5a96c903058d4e953f6e003e41b32ecd720429cc2a3
c5dc9794a3eb5511573a76b37e435d312171c9aee000c34598bb9cf2064aacea
c9731de93e66b7d96bdd8175ae2a0d5c0b87387cf8ddbc7a033c877bc371edc0
cc41582b9e19e394e7799c5409d517a80b2e723c9725ce03125c29dc1dd6251a
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d8005293d26a44dca5454a5ef96a75d2ecf85e1bbc92df9a5fd1a4c9e133d127
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0e2e91c57a5b071fc8d9bd05ccaba360673104bd1d1d85a80097f960e5fb7cc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea107fb35814d42810150e6cf3fd033292e4b043068cde833d583608288ae6bd
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fab2f44ed2c54018f566702de911e32e0d0502e41768f5b16227576589f42e68

adrofx.club Open in urlscan Pro 2606:4700:3035::ac43:a50a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

90 Requests

92 %HTTPS

34 %IPv6

41 Domains

46 Subdomains

43 IPs

7 Countries

1615 kBTransfer

4309 kBSize

41 Cookies

3 Outgoing links

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

adrofx.club Open in urlscan Pro
2606:4700:3035::ac43:a50a Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

92 %
HTTPS

34 %
IPv6

41
Domains

46
Subdomains

43
IPs

7
Countries

1615 kB
Transfer

4309 kB
Size

41
Cookies

90 HTTP transactions
0 data transactions