urlscan.io logo urlscan.io
SecurityTrails logo

cf.spybriefing.com Open in urlscan Pro
2606:4700::6810:fc2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://links.spybriefing.com/a/1485/click/9349/165523/441d3f712b67c75a0551dcb3041bbb6ec813f91d/5a87b888d6f8f103142380318b74a8...
Effective URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Submission Tags: falconsandbox
Submission: On July 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 82 IPs in 8 countries across 70 domains to perform 172 HTTP transactions. The main IP is 2606:4700::6810:fc2, located in United States and belongs to CLOUDFLARENET, US. The main domain is cf.spybriefing.com. The Cisco Umbrella rank of the primary domain is 653678.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 8th 2022. Valid for: a year.
This is the only time cf.spybriefing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.238.129.105 396982 (GOOGLE-CL...)
1 20 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 144.168.44.226 29802 (HVC-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 99.86.114.65 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
4 2001:4860:480... 15169 (GOOGLE)
1 142.250.74.194 15169 (GOOGLE)
2 2600:1f1c:a99... 16509 (AMAZON-02)
2 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 88.221.169.78 16625 (AKAMAI-AS)
2 67.205.176.157 14061 (DIGITALOC...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
2 104.19.133.78 13335 (CLOUDFLAR...)
2 104.18.26.174 13335 (CLOUDFLAR...)
1 52.222.225.250 16509 (AMAZON-02)
4 23.36.163.230 20940 (AKAMAI-ASN1)
5 162.210.192.55 30633 (LEASEWEB-...)
3 34.239.26.54 14618 (AMAZON-AES)
2 3 44.196.167.20 14618 (AMAZON-AES)
2 2a03:2880:f11... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 64.202.112.191 23352 (SERVERCEN...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 104.75.88.209 16625 (AKAMAI-AS)
11 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 5 2600:9000:225... 16509 (AMAZON-02)
1 35.236.195.67 396982 (GOOGLE-CL...)
1 151.139.128.11 20446 (STACKPATH...)
4 3.213.171.94 14618 (AMAZON-AES)
1 2600:9000:249... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 52.16.111.147 16509 (AMAZON-02)
1 2001:678:cb4:... 56396 (AMOBEE)
1 169.50.137.176 36351 (SOFTLAYER)
1 178.250.2.140 44788 (ASN-CRITE...)
1 2600:9000:223... 16509 (AMAZON-02)
1 151.101.2.137 54113 (FASTLY)
4 35.190.43.134 15169 (GOOGLE)
1 162.247.241.14 23467 (NEWRELIC-...)
1 35.227.225.220 15169 (GOOGLE)
5 6 2a02:2638::1c 44788 (ASN-CRITE...)
1 178.250.0.157 44788 (ASN-CRITE...)
1 3 178.250.2.151 44788 (ASN-CRITE...)
1 74.119.119.150 19750 (AS-CRITEO)
1 2 3.122.47.104 16509 (AMAZON-02)
1 1 142.250.186.162 15169 (GOOGLE)
2 2 185.89.210.180 29990 (ASN-APPNEX)
2 2 18.157.60.148 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 195.244.31.11 63140 (IGUANA-WO...)
1 2 104.18.19.126 13335 (CLOUDFLAR...)
1 2 52.19.67.137 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
1 2.18.235.93 16625 (AKAMAI-AS)
1 3.224.57.214 14618 (AMAZON-AES)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 69.173.144.138 26667 (RUBICONPR...)
1 35.157.253.202 16509 (AMAZON-02)
1 185.86.137.132 201081 (SMARTADSE...)
1 141.226.228.48 200478 (TABOOLA-AS)
1 184.24.1.49 16625 (AKAMAI-AS)
1 76.223.111.18 16509 (AMAZON-02)
1 2 3.126.56.137 16509 (AMAZON-02)
2 104.90.130.71 16625 (AKAMAI-AS)
1 34.249.170.53 16509 (AMAZON-02)
2 2 34.203.132.51 14618 (AMAZON-AES)
1 2600:1f18:444... 14618 (AMAZON-AES)
1 2600:9000:223... 16509 (AMAZON-02)
1 192.96.200.41 30633 (LEASEWEB-...)
1 2 52.17.148.115 16509 (AMAZON-02)
1 3.64.108.197 16509 (AMAZON-02)
1 18.188.177.141 16509 (AMAZON-02)
172 82
1    35.238.129.105 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.129.238.35.bc.googleusercontent.com
links.spybriefing.com
20    2606:4700::6810:fc2 (United States)

ASN13335 (CLOUDFLARENET, US)
cf.spybriefing.com
3    2606:4700:3033::6815:3f36 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    2a00:1450:400e:80c::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    144.168.44.226 (Dallas, United States)

ASN29802 (HVC-AS, US)
PTR: simmba.ideasquarelab.com
submit.ideasquarelab.com
ifs.spamkill.dev
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6810:10c2 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.clickfunnels.com
4    2606:4700::6810:ec2 (United States)

ASN13335 (CLOUDFLARENET, US)
app.clickfunnels.com
1    2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    99.86.114.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-114-65.lhr61.r.cloudfront.net
tag.segmetrics.io
3    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
www.googleadservices.com
2    2600:1f1c:a99:832c:e958:87e0:dc9b:7bb1 (San Jose, United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
2    2a02:26f0:1700:78c::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
1    88.221.169.78 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-78.deploy.static.akamaitechnologies.com
amplify.outbrain.com
2    67.205.176.157 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: statistinamics.com
ndn.statistinamics.com
1    2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
a.exoclick.com
2    104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)
a.mgid.com
2    104.18.26.174 (None, )

ASN13335 (CLOUDFLARENET, US)
a.adskeeper.co.uk
1    52.222.225.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-225-250.fra56.r.cloudfront.net
sc-static.net
4    23.36.163.230 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-230.deploy.static.akamaitechnologies.com
analytics.tiktok.com
5    162.210.192.55 (United States)

ASN30633 (LEASEWEB-USA-WDC, US)
visit.prayfashion.com
3    34.239.26.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-26-54.compute-1.amazonaws.com
pixel.adblade.com
web.adblade.com
3    44.196.167.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-167-20.compute-1.amazonaws.com
rdcdn.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
5    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    64.202.112.191 (Leesburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
tr.outbrain.com
sync.outbrain.com
4    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700:20::681a:105 (United States)

ASN13335 (CLOUDFLARENET, US)
track.segmetrics.io
2    104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com
ct.pinterest.com
11    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2606:4700:20::ac43:4470 (United States)

ASN13335 (CLOUDFLARENET, US)
www.clickcease.com
5    2600:9000:225e:8c00:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
1    35.236.195.67 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 67.195.236.35.bc.googleusercontent.com
m.revmizer.com
1    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
assets.revcontent.com
4    3.213.171.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-171-94.compute-1.amazonaws.com
tags.srv.stackadapt.com
1    2600:9000:2490:9400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    52.16.111.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-111-147.eu-west-1.compute.amazonaws.com
d.adroll.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
r.turn.com
1    169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com
tag.simpli.fi
1    178.250.2.140 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dynamic.criteo.com
1    2600:9000:223c:400:11:9cfd:9400:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.customer.io
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
4    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
1    162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
1    35.227.225.220 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 220.225.227.35.bc.googleusercontent.com
track.customer.io
6    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
dis.criteo.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
widget.us.criteo.com
2    3.122.47.104 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-47-104.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
2    185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    18.157.60.148 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-60-148.eu-central-1.compute.amazonaws.com
ih.adscale.de
1    2600:9000:225e:e600:1b:832b:ac00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cotads.adscale.de
1    195.244.31.11 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
visitor.omnitagjs.com
2    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
r.casalemedia.com
2    52.19.67.137 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-67-137.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
1    3.224.57.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-57-214.compute-1.amazonaws.com
exchange.mediavine.com
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    35.157.253.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-253-202.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
1    184.24.1.49 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-1-49.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    104.90.130.71 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-130-71.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    34.249.170.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-170-53.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
2    34.203.132.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-132-51.compute-1.amazonaws.com
i.liadm.com
1    2600:1f18:444a:4602:377c:45e6:1b19:7050 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
1    2600:9000:223f:2600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    192.96.200.41 (West Mifflin, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
2    52.17.148.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-148-115.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    3.64.108.197 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-108-197.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    18.188.177.141 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-188-177-141.us-east-2.compute.amazonaws.com
s.thebrighttag.com
Apex Domain
Subdomains		 Transfer
21 spybriefing.com
links.spybriefing.com — Cisco Umbrella Rank: 681591
cf.spybriefing.com — Cisco Umbrella Rank: 653678
5 MB
12 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 4086
gum.criteo.com — Cisco Umbrella Rank: 397
mug.criteo.com — Cisco Umbrella Rank: 2751
sslwidget.criteo.com — Cisco Umbrella Rank: 1537
widget.us.criteo.com — Cisco Umbrella Rank: 18353
dis.criteo.com — Cisco Umbrella Rank: 713
29 KB
11 youtube.com
www.youtube.com — Cisco Umbrella Rank: 113
793 KB
9 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 117
googleads.g.doubleclick.net — Cisco Umbrella Rank: 56
static.doubleclick.net — Cisco Umbrella Rank: 467
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
5 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 72
ajax.googleapis.com — Cisco Umbrella Rank: 303
jnn-pa.googleapis.com — Cisco Umbrella Rank: 349
64 KB
6 adroll.com
s.adroll.com — Cisco Umbrella Rank: 2092
d.adroll.com — Cisco Umbrella Rank: 1475
78 KB
6 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 5536
www.google.com — Cisco Umbrella Rank: 10
1 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 5701
755 B
5 prayfashion.com
visit.prayfashion.com — Cisco Umbrella Rank: 886610
7 KB
5 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 1916
tr.outbrain.com — Cisco Umbrella Rank: 1753
sync.outbrain.com — Cisco Umbrella Rank: 730
5 KB
5 clickfunnels.com
assets.clickfunnels.com — Cisco Umbrella Rank: 56422
app.clickfunnels.com — Cisco Umbrella Rank: 34503
5 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 93
349 KB
4 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 921
1 KB
4 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 3440
7 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 919
70 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
3 liadm.com
i.liadm.com — Cisco Umbrella Rank: 550
i6.liadm.com — Cisco Umbrella Rank: 1523
1 KB
3 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 1642
cotads.adscale.de — Cisco Umbrella Rank: 3881
1 KB
3 rdcdn.com
rdcdn.com — Cisco Umbrella Rank: 52353
801 B
3 adblade.com
pixel.adblade.com — Cisco Umbrella Rank: 214327
web.adblade.com — Cisco Umbrella Rank: 61177
1 KB
3 gstatic.com
fonts.gstatic.com
76 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 947
92 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 186
2 KB
2 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 1779
1 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 285
506 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 650
851 B
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 770
2 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 234
2 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
1 KB
2 customer.io
assets.customer.io — Cisco Umbrella Rank: 20757
track.customer.io — Cisco Umbrella Rank: 15470
3 KB
2 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 773
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
388 B
2 adskeeper.co.uk
a.adskeeper.co.uk — Cisco Umbrella Rank: 372797
6 KB
2 mgid.com
a.mgid.com — Cisco Umbrella Rank: 18188
6 KB
2 statistinamics.com
ndn.statistinamics.com — Cisco Umbrella Rank: 84013
1 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 745
19 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 991
pixel.quantserve.com — Cisco Umbrella Rank: 452
10 KB
2 segmetrics.io
tag.segmetrics.io — Cisco Umbrella Rank: 67053
track.segmetrics.io — Cisco Umbrella Rank: 97475
26 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
110 KB
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 1292
268 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 447
500 B
1 aralego.com
sync.aralego.com — Cisco Umbrella Rank: 1734
413 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 675
240 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 1597
220 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 400
140 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 1497
172 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1083
99 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 626
163 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 523
35 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 333
239 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 604
225 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1306
40 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 515
786 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 324
98 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1271
235 B
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 284
719 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 406
14 KB
1 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 4174
4 KB
1 turn.com
r.turn.com — Cisco Umbrella Rank: 2958
398 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 942
347 B
1 revcontent.com
assets.revcontent.com — Cisco Umbrella Rank: 5291
10 KB
1 revmizer.com
m.revmizer.com — Cisco Umbrella Rank: 925455
1 clickcease.com
www.clickcease.com — Cisco Umbrella Rank: 10185
53 KB
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 960
8 KB
1 exoclick.com
a.exoclick.com — Cisco Umbrella Rank: 88696
953 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 125
15 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1311
5 KB
1 spamkill.dev
ifs.spamkill.dev — Cisco Umbrella Rank: 785817
27 KB
1 ideasquarelab.com
submit.ideasquarelab.com — Cisco Umbrella Rank: 455400
439 B
0 addevent.com Failed
track.addevent.com Failed
172 70
Domain Requested by
20 cf.spybriefing.com 1 redirects cf.spybriefing.com
static.cloudflareinsights.com
11 www.youtube.com cf.spybriefing.com
www.youtube.com
6 gum.criteo.com 5 redirects dynamic.criteo.com
5 s.adroll.com 1 redirects cf.spybriefing.com
s.adroll.com
5 www.google.de cf.spybriefing.com
5 visit.prayfashion.com cf.spybriefing.com
www.googletagmanager.com
visit.prayfashion.com
5 www.googletagmanager.com cf.spybriefing.com
www.googletagmanager.com
4 tr.snapchat.com sc-static.net
4 jnn-pa.googleapis.com www.youtube.com
4 tags.srv.stackadapt.com cf.spybriefing.com
tags.srv.stackadapt.com
4 www.google.com cf.spybriefing.com
4 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
www.youtube.com
4 analytics.tiktok.com cf.spybriefing.com
analytics.tiktok.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
cf.spybriefing.com
4 app.clickfunnels.com cf.spybriefing.com
3 tr.outbrain.com amplify.outbrain.com
cf.spybriefing.com
3 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
3 rdcdn.com 2 redirects cf.spybriefing.com
3 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
3 use.fontawesome.com cf.spybriefing.com
use.fontawesome.com
2 dpm.demdex.net 1 redirects
2 i.liadm.com 2 redirects
2 ad.yieldlab.net
2 ups.analytics.yahoo.com 1 redirects
2 ad.360yield.com 1 redirects
2 r.casalemedia.com 1 redirects
2 ih.adscale.de 2 redirects
2 ib.adnxs.com 2 redirects
2 dis.criteo.com
2 x.bidswitch.net 1 redirects
2 web.adblade.com www.googletagmanager.com
cf.spybriefing.com
2 ct.pinterest.com s.pinimg.com
cf.spybriefing.com
2 region1.analytics.google.com www.googletagmanager.com
2 www.facebook.com cf.spybriefing.com
2 a.adskeeper.co.uk cf.spybriefing.com
2 a.mgid.com cf.spybriefing.com
2 ndn.statistinamics.com www.googletagmanager.com
ndn.statistinamics.com
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
2 connect.facebook.net cf.spybriefing.com
connect.facebook.net
2 fonts.googleapis.com cf.spybriefing.com
1 s.thebrighttag.com
1 aa.agkn.com
1 sync.aralego.com
1 s.ad.smaato.net
1 i6.liadm.com
1 sync-criteo.ads.yieldmo.com
1 eb2.3lift.com
1 criteo-sync.teads.tv
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 match.sharethrough.com
1 pixel.rubiconproject.com
1 simage2.pubmatic.com
1 sync.outbrain.com
1 exchange.mediavine.com
1 contextual.media.net
1 idsync.rlcdn.com
1 visitor.omnitagjs.com
1 cotads.adscale.de
1 cm.g.doubleclick.net 1 redirects
1 widget.us.criteo.com
1 sslwidget.criteo.com 1 redirects
1 mug.criteo.com
1 track.customer.io
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com cf.spybriefing.com
1 assets.customer.io cf.spybriefing.com
1 dynamic.criteo.com www.googletagmanager.com
1 tag.simpli.fi www.googletagmanager.com
1 pixel.quantserve.com cf.spybriefing.com
1 r.turn.com cf.spybriefing.com
1 d.adroll.com s.adroll.com
1 static.doubleclick.net www.youtube.com
1 rules.quantcount.com secure.quantserve.com
1 assets.revcontent.com www.googletagmanager.com
1 m.revmizer.com cf.spybriefing.com
1 www.clickcease.com cf.spybriefing.com
1 track.segmetrics.io tag.segmetrics.io
1 pixel.adblade.com cf.spybriefing.com
1 sc-static.net cf.spybriefing.com
1 a.exoclick.com www.googletagmanager.com
1 amplify.outbrain.com www.googletagmanager.com
1 secure.quantserve.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 tag.segmetrics.io cf.spybriefing.com
1 static.cloudflareinsights.com cf.spybriefing.com
1 assets.clickfunnels.com cf.spybriefing.com
1 ifs.spamkill.dev cf.spybriefing.com
1 ajax.googleapis.com cf.spybriefing.com
1 submit.ideasquarelab.com cf.spybriefing.com
1 links.spybriefing.com 1 redirects
0 track.addevent.com Failed cf.spybriefing.com
172 92

This site contains links to these domains. Also see Links.

Domain
spybriefing.com
Subject Issuer Validity Valid
cf.spybriefing.com
Cloudflare Inc ECC CA-3		 2022-05-08 -
2023-05-08		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
submit.ideasquarelab.com
Sectigo RSA Domain Validation Secure Server CA		 2022-07-22 -
2023-08-22		 a year crt.sh
ifs.spamkill.dev
cPanel, Inc. Certification Authority		 2022-06-18 -
2022-09-16		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-05-03 -
2022-08-01		 3 months crt.sh
tag.segmetrics.io
Amazon		 2021-11-15 -
2022-12-13		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-26 -
2022-08-05		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
statistinamics.com
R3		 2022-06-04 -
2022-09-02		 3 months crt.sh
*.exoclick.com
Go Daddy Secure Certificate Authority - G2		 2021-08-03 -
2022-09-04		 a year crt.sh
sc-static.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-01-27		 a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
visit.prayfashion.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-09-07 -
2022-09-07		 a year crt.sh
adblade.com
Amazon		 2022-04-17 -
2023-05-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
s.adroll.com
Amazon		 2022-07-03 -
2023-08-01		 a year crt.sh
acquire-mapp.skousen.dk
R3		 2022-07-01 -
2022-09-29		 3 months crt.sh
assets.revcontent.com
R3		 2022-07-16 -
2022-10-14		 3 months crt.sh
*.srv.stackadapt.com
Amazon		 2021-11-09 -
2022-12-07		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
adroll.mgr.consensu.org
Amazon		 2021-09-09 -
2022-10-08		 a year crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-02 -
2023-04-01		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.customer.io
Amazon		 2021-12-20 -
2023-01-17		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
*.snapchat.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-01 -
2023-01-31		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh
api.customer.io
GTS CA 1D4		 2022-07-22 -
2022-10-20		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
exchange.mediavine.com
Amazon		 2022-05-05 -
2023-06-03		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
teads.tv
R3		 2022-06-01 -
2022-08-30		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.yieldlab.net
DigiCert SHA2 Secure Server CA		 2022-01-14 -
2023-01-13		 a year crt.sh
*.ads.yieldmo.com
Amazon		 2022-06-02 -
2023-07-01		 a year crt.sh
s.ad.smaato.net
Amazon		 2021-09-21 -
2022-10-20		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh

This page contains 7 frames:

Primary Page: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Frame ID: C6FE50AED39CB1B15CF293D58E9724C9
Requests: 124 HTTP requests in this frame

Frame: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Frame ID: 58486E087B0D33F6F45236D930AA4726
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Frame ID: 0170BEBAF883ED7294E9785D61C1AFAF
Requests: 13 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=dcac7434-c37f-428b-b940-285ccbce8757&_scsid=7b076c9b-87f4-4fe8-b849-93e2e3917f53&_sclid=3a031bf8-f0ab-42d6-bffe-eb4bebbb8be0
Frame ID: 6CE648378E69D132EF1480F9B540532E
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 80DB584567F617210DA4A9581704B199
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=cf.spybriefing.com&origin=onetag
Frame ID: 0F35B3BEAC3674F77E0912A1B1F05649
Requests: 2 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-DUeMOVlbOPP8pKmID_2U208EdD38eDNgZrJMhw&expires=30
Frame ID: 29568D8A7D4061D1101DC33E23FF00FF
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Carfighting Video

Page URL History Show full URLs

  1. https://links.spybriefing.com/a/1485/click/9349/165523/441d3f712b67c75a0551dcb3041bbb6ec813f91d/5a87b888d6... HTTP 302
    https://cf.spybriefing.com/carfighting-le HTTP 302
    https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778 Page URL

Detected technologies

Overall confidence: 75%
Detected patterns
Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • <meta property="cf:app_domain" content="app\.clickfunnels\.com"
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

172
Requests

89 %
HTTPS

38 %
IPv6

70
Domains

92
Subdomains

82
IPs

8
Countries

6888 kB
Transfer

13359 kB
Size

91
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.spybriefing.com/a/1485/click/9349/165523/441d3f712b67c75a0551dcb3041bbb6ec813f91d/5a87b888d6f8f103142380318b74a8d93287aa1e HTTP 302
    https://cf.spybriefing.com/carfighting-le HTTP 302
    https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://rdcdn.com/rt?aid=19177&e=1&img=1 HTTP 302
  • https://rdcdn.com/eow HTTP 302
  • https://rdcdn.com/images/blank.gif
Request Chain 106
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 112
  • https://s.adroll.com/j/exp/LIAFGQD4BJCQNANH5CBFII/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 139
  • https://gum.criteo.com/sid/json?origin=onetag&domain=spybriefing.com&sn=ChromeSyncframe&so=0&topUrl=cf.spybriefing.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=XLynZnxMd3Z2cGg0czhvZS9rbERBT3dkV0kwL2hmY3UvNHg3TUJ3dFUwKyt5YTFiOXB4OWVKdTRLcmRGY2RtbW1Ma3ZsTEUwcVAxNHNHUnJSaFUxYitTOGNNMDZTTDJSTjBiaEFucHgwUlA1alpER3B5YkJaYU8wbUl2SDdFZmcvM3dMUWlYNTRlSUlyM3hGR2NrMGw0S1R1Q0w3citRbmVEZjhlNUxEeDN2TFJJazNNd0dNem1UVnFMTytyb2RTeTR3K1ZHU0xPNFFycnExWGkveHovbjRqLzNnMm0rRkIyUWVMMW1oM0E4QUxpZlV6dVM0VkZQQnJxdmNuL3ppOWIvdTZsNXNxRkYva3JnTk1MQ2syWXZKWWF5dz09fA&cppv=2
Request Chain 140
  • https://sslwidget.criteo.com/event?a=94432&v=5.12.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dviewproduct%26id%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=ikZU4F9ZYVFXeGlJb29mcVE1SmUwNDZMYXJGb1FQR1Z1RVJTJTJCSmJkdmQlMkZla09MbElJSzlZZjVGQ2VFUGlOZFo3TzlXMDUlMkZRTmZhRE5McWUlMkZqM0NPcWZOcFc4OVFtR1U0M3hzcmtmRE9Ib0pYYldsdGZHdU42MCUyQk5SdVJreW9ONG56SFJKaTJqSW1KNU9YdEJTV2lSNUM4cTZRJTNEJTNE&tld=spybriefing.com&dy=1&fu=https%253A%252F%252Fcf.spybriefing.com%252Fsales-page-4977917816267594971791630527983778&dtycbr=55509 HTTP 302
  • https://widget.us.criteo.com/event?a=94432&v=5.12.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dviewproduct%26id%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=ikZU4F9ZYVFXeGlJb29mcVE1SmUwNDZMYXJGb1FQR1Z1RVJTJTJCSmJkdmQlMkZla09MbElJSzlZZjVGQ2VFUGlOZFo3TzlXMDUlMkZRTmZhRE5McWUlMkZqM0NPcWZOcFc4OVFtR1U0M3hzcmtmRE9Ib0pYYldsdGZHdU42MCUyQk5SdVJreW9ONG56SFJKaTJqSW1KNU9YdEJTV2lSNUM4cTZRJTNEJTNE&tld=spybriefing.com&dy=1&fu=https%253A%252F%252Fcf.spybriefing.com%252Fsales-page-4977917816267594971791630527983778&dtycbr=55509
Request Chain 142
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-DUeMOVlbOPP8pKmID_2U208EdD38eDNgZrJMhw&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-DUeMOVlbOPP8pKmID_2U208EdD38eDNgZrJMhw&expires=30
Request Chain 143
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-z3HV61lbOPP8pKmID_2U208EdD0Rw1ndTFuRLg&google_cm&google_hm=ay16M0hWNjFsYk9QUDhwS21JRF8yVTIwOEVkRDBSdzFuZFRGdVJMZw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-z3HV61lbOPP8pKmID_2U208EdD0Rw1ndTFuRLg&google_gid=CAESEJOMS6257z_3mQekSecbNJM&google_cver=1&google_ula=913071,0
Request Chain 144
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3263854802001891636
Request Chain 145
  • https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-hMnhUllbOPP8pKmID_2U208EdD1MT3pS1lmgkQ&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__ HTTP 302
  • https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-hMnhUllbOPP8pKmID_2U208EdD1MT3pS1lmgkQ&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__&nut&uu=436338f1acdd4cf49eb276e4c9e48ef4 HTTP 307
  • https://cotads.adscale.de/ads/pixel/1by1.png?uid=79ef1b40293eeb02c38ec11a439ac01e89f27f4707f888059a8ae37c646e6f4d
Request Chain 147
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0N798llbOPP8pKmID_2U208EdD2Qvkf1tj4srw HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0N798llbOPP8pKmID_2U208EdD2Qvkf1tj4srw&C=1
Request Chain 148
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-hd54uVlbOPP8pKmID_2U208EdD0zV31qiLtyFA HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-hd54uVlbOPP8pKmID_2U208EdD0zV31qiLtyFA
Request Chain 149
  • https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
  • https://idsync.rlcdn.com/397596.gif?partner_uid=z8RFd6h041W5IS4ekvGe7ATokdgT_bYr
Request Chain 160
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-LADU_llbOPP8pKmID_2U208EdD1Wa9lKiXzyrA HTTP 302
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-LADU_llbOPP8pKmID_2U208EdD1Wa9lKiXzyrA&verify=true
Request Chain 163
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-RLjmbVlbOPP8pKmID_2U208EdD3Qh9N5xKiGGA HTTP 303
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-RLjmbVlbOPP8pKmID_2U208EdD3Qh9N5xKiGGA&_li_chk=true&previous_uuid=a4c3fdbe08cf4e14b3173b82ec857e14 HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-RLjmbVlbOPP8pKmID_2U208EdD3Qh9N5xKiGGA
Request Chain 166
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=dA-WTBw3docFNtdt-rnk6s2BO_w3Dt2- HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=dA-WTBw3docFNtdt-rnk6s2BO_w3Dt2-
Request Chain 168
  • https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=npWRU4D2-UnzhD5QYiLUId4_5XAqGNoS
Request Chain 169
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=_sEOmywdJI4Y1KNMGU0DzrL3lJ7IsKAO

172 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sales-page-4977917816267594971791630527983778
cf.spybriefing.com/
Redirect Chain
  • https://links.spybriefing.com/a/1485/click/9349/165523/441d3f712b67c75a0551dcb3041bbb6ec813f91d/5a87b888d6f8f103142380318b74a8d93287aa1e
  • https://cf.spybriefing.com/carfighting-le
  • https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
395 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
38b4427fe010e9bbb71c90397807ac698218da22fa1cacda264c1e42472d843a
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, private
cf-cache-status
BYPASS
cf-ray
730353555cc36909-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 25 Jul 2022 07:54:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
status
200 OK
strict-transport-security
max-age=0
vary
Accept-Encoding
x-frame-options
ALLOWALL
x-powered-by
Phusion Passenger Enterprise 6.0.7
x-rack-cache
miss
x-request-id
5402f8e78ef3f7f649f4e2935021075b
x-runtime
0.453475

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
cf-cache-status
MISS
cf-ray
7303535359de6909-FRA
content-type
text/html; charset=utf-8
date
Mon, 25 Jul 2022 07:54:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
server
cloudflare
status
302 Found
strict-transport-security
max-age=0
vary
Accept-Encoding
x-frame-options
ALLOWALL
x-powered-by
Phusion Passenger Enterprise 6.0.7
x-rack-cache
miss
x-request-id
4f0254787921f01ae2fd14051e654c58
x-runtime
0.171498
lander.css
cf.spybriefing.com/assets/ 		425 KB
70 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cf.spybriefing.com/assets/lander.css
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:05 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
528
last-modified
Thu, 21 Jul 2022 14:30:08 GMT
server
cloudflare
etag
W/"62d962f0-6a514"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
cf-ray
730353593a446909-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Mon, 25 Jul 2022 08:14:05 GMT
all.css
use.fontawesome.com/releases/v5.9.0/css/ 		55 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15623737
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
R6NH4GJ7K569R50W
x-amz-id-2
UMzeQ4xVVEzkt+nMXUeDEUQvy+wpjX5qBC4xjuMDX2OaDkyj9B0Hmp1pqTpRuUYIak+jxrdXODQ=
last-modified
Wed, 30 Jun 2021 15:48:06 GMT
server
cloudflare
etag
W/"dbf9d822cefe851ba6f66e1ad57e8987"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tNbSn8XCjCf7iEGFAxexwFAXj7vgX9kOg2EUU1MRYW%2BX3GjffQoPmI6cajyCh7nIOoSWyIIulumGtdLukVFawWQ86MbZWf1euJVwl9lbVNtvIwrUWSpTEP3aeeQoluFtB3epbHt4sn30RxDMRGk8RPAr"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
730353595be991d8-FRA
v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15623642
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
RB5BPRT48JBAE6TP
x-amz-id-2
gCI0BCd4N0Ze41wUUC9fQ5XlRt+jkrB7evHnqcM8HM5N2U+Yr/0Hi6JfxMBuYiohKnNmeTq+oho=
last-modified
Wed, 30 Jun 2021 15:48:06 GMT
server
cloudflare
etag
W/"e140a7d32f343530f016095df3cc2ae4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EXRjQgbwNnbZG9oS9XA4JNCOKmZrglVvU51astAZ%2BOPWJKiwmqMfZhXvuuKbNjCz1Fo9jOh5W%2BPyXOkM0FyoU6b9AZ4q9BHbQIjA0Thrys22ME7a9SRDfLP%2Bh40S7iZgGQl6pZkSazctdKwqacJck9U"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
730353595bee91d8-FRA
css
fonts.googleapis.com/ 		45 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
84b5e4a70a3e74c3de277df4d596bb8a8b75ae07c5c731a1287d97b7c17a7dc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 06:57:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 25 Jul 2022 07:54:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Jul 2022 07:54:05 GMT
application.js
cf.spybriefing.com/assets/userevents/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.spybriefing.com/assets/userevents/application.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:05 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
333
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=MFMC4io4_hHZxby3lE8ymUeQ_kpgp0p_c66SZeua.pY-1658735645-0-Ac-EHAWn9RvBsyMHrcwee37tOiPl-LjM2GAcPOoWQXo166R0G-73FLvcoLoGLU3xrFUwuZCfrSiNhQlXiUn1oNUsCTwnPng3kmbAK7auumzn
last-modified
Thu, 21 Jul 2022 14:30:08 GMT
server
cloudflare
etag
W/"62d962f0-1353"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
cf-ray
730353593a456909-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Mon, 25 Jul 2022 08:14:05 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-164010868-2
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a35286598e523844fd5a181f9bf4fbc063f9b7f24e79c37113f3bc691647ecbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41757
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Jul 2022 07:54:05 GMT
js
www.googletagmanager.com/gtag/ 		158 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-459873033
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
caba6965fb8c9d167e9c44ed7424b0d41c9aec296d6bdd821f71f4feb93e5766
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59922
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Jul 2022 07:54:05 GMT
visit
submit.ideasquarelab.com/ 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://submit.ideasquarelab.com/visit?client=kw493
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
144.168.44.226 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS
simmba.ideasquarelab.com
Software
Apache /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:06 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
server
Apache
content-type
image/png
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.0/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 18:11:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
222127
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30768
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 Jul 2023 18:11:58 GMT
72Wiix4HgjWSE5lxDYUsnv
ifs.spamkill.dev/emailverify/kw493/ 		26 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ifs.spamkill.dev/emailverify/kw493/72Wiix4HgjWSE5lxDYUsnv
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
144.168.44.226 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS
simmba.ideasquarelab.com
Software
Apache /
Resource Hash
6b3b7c60872cb8503f3701aa8f156d186e6021f0d34d134bc160dcd24ab98754

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
cache-control
max-age=0
server
Apache
content-type
text/javascript;charset=UTF-8
im-4.png
cf.spybriefing.com/hosted/images/f8/e93897e8f24ac39a5a026063d669ae/ 		491 KB
492 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.spybriefing.com/hosted/images/f8/e93897e8f24ac39a5a026063d669ae/im-4.png
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b20f16ce01a32ff4df0028215b096e56a3a4a4b1a397aeebc16dbb4b92c5c55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:05 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Jul 2021 03:25:59 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P4
etag
"b7465fe25469a6d31e54fdeec6704d0e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7303535a0b626909-FRA
content-length
502857
closemodal.png
assets.clickfunnels.com/images/ 		672 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.clickfunnels.com/images/closemodal.png
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:05 GMT
vary
Accept, Accept-Encoding
cf-cache-status
HIT
age
382059
cf-polished
origFmt=png, origSize=788
content-disposition
inline; filename="closemodal.webp"
content-length
672
last-modified
Sun, 10 Jul 2022 01:39:57 GMT
server
cloudflare
etag
"62ca2ded-314"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 25 Aug 2022 07:54:05 GMT
cache-control
public, max-age=2678400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7303535a299d9b67-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-bgj
imgq:100,h2pri
Carfighting-Story-Lead-2.png
cf.spybriefing.com/hosted/images/dd/e41ea4687a4acbbee3c13d75edc867/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.spybriefing.com/hosted/images/dd/e41ea4687a4acbbee3c13d75edc867/Carfighting-Story-Lead-2.png
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eabf65365999eb485f761a255d0cd988d4503751b1c128d11cb3d34f4b86fdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
cf-cache-status
MISS
last-modified
Thu, 23 Dec 2021 19:26:53 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P4
etag
"8b20ef304ad4c90d76820a30cc752e7a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7303535a0b636909-FRA
content-length
1924576
Exceptional-Performance-Award-2005-768x593.jpg
cf.spybriefing.com/hosted/images/39/149c91952911e88d9e1de1d220cef3/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.spybriefing.com/hosted/images/39/149c91952911e88d9e1de1d220cef3/Exceptional-Performance-Award-2005-768x593.jpg
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dab3de50e1ddfa138a0572ae7f02067f29b23ddead6fcd446114e23cbe558249

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
cf-cache-status
MISS
last-modified
Wed, 01 Aug 2018 01:21:34 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P4
etag
"1cf261d5ec31a789026a38d38ce42e39"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7303535a0b656909-FRA
content-length
44753
coins.jpg
cf.spybriefing.com/hosted/images/44/32080b28ac4f77b35a09b89b84a125/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.spybriefing.com/hosted/images/44/32080b28ac4f77b35a09b89b84a125/coins.jpg
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e7db8a58e717a428cc1ef7503bc697bef2e68751f79e09ecef3bb03599fe747

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:05 GMT
cf-cache-status
MISS
last-modified
Wed, 21 Apr 2021 03:58:40 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P4
etag
"6d00e31dfa25c1d45fbc0d4fa87ba860"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7303535a0b666909-FRA
content-length
47065
im-7.png
cf.spybriefing.com/hosted/images/59/f24834b7a24ba89fd2989d5a09dfca/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.spybriefing.com/hosted/images/59/f24834b7a24ba89fd2989d5a09dfca/im-7.png
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ab317453cbdfb54fa36975a72af0d4374a56566a7e1e2239e3a11283b282b97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Jul 2021 03:41:29 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P4
etag
"cf1ffc8b56f3251cca97ae13e49036f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7303535a0b676909-FRA
content-length
49703
im-8.png
cf.spybriefing.com/hosted/images/bc/c218ee7a4c4e07b133ff4215491c36/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.spybriefing.com/hosted/images/bc/c218ee7a4c4e07b133ff4215491c36/im-8.png
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
517f1d9859f4ed0b7e2f4bc0cee432d50d96c58f4224b873dd43888190b653a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Jul 2021 03:42:50 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P4
etag
"b5b0460d1d05b450bb810f61c9bbc68f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7303535a0b696909-FRA
content-length
92555
im-9.png
cf.spybriefing.com/hosted/images/2a/c9392b1fb446a8bf568685d1434c1e/ 		665 KB
666 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.spybriefing.com/hosted/images/2a/c9392b1fb446a8bf568685d1434c1e/im-9.png
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9af9b1734f5993f127763abe432eee430905f1af2381528ba74dc3d77af319c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Jul 2021 03:45:08 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P4
etag
"a39c7ad0221fdbd8d44d41ce22f3962d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7303535a0b6a6909-FRA
content-length
680952
QDC-BONUS-2.png
cf.spybriefing.com/hosted/images/fa/e66087bb1e43b68e1875d3f2e5fea2/ 		271 KB
271 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.spybriefing.com/hosted/images/fa/e66087bb1e43b68e1875d3f2e5fea2/QDC-BONUS-2.png
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51aa24380c60e4259dd2728ec569f10b514dc418a35695e7f1df28bccf5a1020

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:05 GMT
cf-cache-status
MISS
last-modified
Tue, 13 Jul 2021 13:33:50 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P4
etag
"f387325bc155effcdbec352edf3c9fea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7303535a0b6b6909-FRA
content-length
277440
im-12.png
cf.spybriefing.com/hosted/images/0c/e2b953954c4e959a63b4af34ea5c38/ 		248 KB
248 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.spybriefing.com/hosted/images/0c/e2b953954c4e959a63b4af34ea5c38/im-12.png
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f22385dfac52b7843da81c98aaf8f928d9e9dd5ecf91cac4cc12eef23766574

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Jul 2021 04:34:43 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P4
etag
"fc1ebc775a3a4fed8437f3a75f1db5b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7303535a0b6c6909-FRA
content-length
253503
im-13.png
cf.spybriefing.com/hosted/images/b3/2d7db65a7e457bbfbe340510f0c566/ 		291 KB
291 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.spybriefing.com/hosted/images/b3/2d7db65a7e457bbfbe340510f0c566/im-13.png
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
357641ed88b06545f8b1a6e3b698a92b7f312ebdad8bc2e64d07b14db9b6c239

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Jul 2021 04:55:50 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P4
etag
"736098a9d063f1324c6439ba9fa5081e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7303535a0b706909-FRA
content-length
297582
im-14.png
cf.spybriefing.com/hosted/images/d6/53fc0f64ea4a9f82383775a191739e/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.spybriefing.com/hosted/images/d6/53fc0f64ea4a9f82383775a191739e/im-14.png
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7979f25e45feaf0c502a954832c4c5ba5e5d5f193d3898bad1e88610c4157b54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Jul 2021 05:16:44 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P4
etag
"7c62d5a0e5820db91e39984907803605"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7303535a0b726909-FRA
content-length
95794
css
fonts.googleapis.com/ 		5 KB
810 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%7CRoboto%7COpen+Sans%7COpen+Sans%7C
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d879cce1d3b8d492e394e9be9e78042509f0d46aac16250c43cace3782a5a55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 07:54:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 25 Jul 2022 07:54:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Jul 2022 07:54:05 GMT
lander.js
cf.spybriefing.com/assets/ 		2 MB
663 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.spybriefing.com/assets/lander.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bce5f5e062a57dc654368c556c67c9ee7193ac9fb6334b5794b4093d64b9c375
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:05 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
532
last-modified
Thu, 21 Jul 2022 14:31:18 GMT
server
cloudflare
etag
W/"62d96336-238c65"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
cf-ray
7303535a0b5d6909-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Mon, 25 Jul 2022 08:14:05 GMT
mailcheck.min.js
app.clickfunnels.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/mailcheck.min.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:05 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
6267
last-modified
Thu, 21 Jul 2022 14:30:08 GMT
server
cloudflare
etag
W/"62d962f0-a8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
7303535a29b89b31-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
pushcrew.js
cf.spybriefing.com/assets/ 		637 B
725 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.spybriefing.com/assets/pushcrew.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:05 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
740
last-modified
Thu, 21 Jul 2022 14:30:07 GMT
server
cloudflare
etag
W/"62d962ef-27d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
cf-ray
7303535a0b736909-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Mon, 25 Jul 2022 08:14:05 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://cf.spybriefing.com/
Origin
https://cf.spybriefing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:05 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7303535a294a9b22-FRA
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ae31d2c42bca396f9ad140594890b16f599b6cd8f36c809adac8ebd5eb45b2e5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26093
x-xss-protection
0
pragma
public
x-fb-debug
kg1/tiCz02D2nD4wgJstUV506Zmx9+tITJn5OQXGMocrgV4UKF9PHDrH/JFUkRXZZ1w84Cl3zvSXwxt13sMKHw==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Mon, 25 Jul 2022 07:54:05 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
a1Rnre.js
tag.segmetrics.io/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.segmetrics.io/a1Rnre.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.114.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-114-65.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e4d2752c365518d29e897c4ce4465e035cce6e9f27f001b219ca869bb369df94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 04:42:58 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 00:05:52 GMT
server
AmazonS3
age
11468
etag
W/"845b20c0a12f3546c9396d69f2d4baeb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a048d6da4903d2784c23b413b9b19b16.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-C1
x-amz-cf-id
W3RcZduJjY_cnHG9j_E1Mwr2KK11OoaopbHg3M0Aj7XbJ3Bpk2Ftaw==
gtm.js
www.googletagmanager.com/ 		353 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fef573e788028e3ff9be20403181ef568fda4b985863f500f432f6d42d6c80aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120884
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Jul 2022 07:54:05 GMT
main-bg.jpg
cf.spybriefing.com/hosted/images/09/28b200b05911e88deee167a372312d/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.spybriefing.com/hosted/images/09/28b200b05911e88deee167a372312d/main-bg.jpg
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e3a28df51924c57892c425cf0e17f6509339c8c90c86f9aa71279d3295e66b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:05 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 04 Sep 2018 15:41:52 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P4
etag
"9de988dd02676a54ff16f31f7a576289"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
cf-polished
status=not_needed
accept-ranges
bytes
cf-ray
7303535a1b7d6909-FRA
content-length
1570
cf-bgj
imgq:85,h2pri
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cf.spybriefing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 23:10:25 GMT
x-content-type-options
nosniff
age
549820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 23:10:25 GMT
321845198590810
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/321845198590810?v=2.9.66&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a0498f6e4bf8444284395f532598ed8b6a16d63dd83e1b91831ce923e798d67d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
oy7quuvBQ2mr5e65CtTbgILv3zYCIuXD7GpEXIc68teuo7+jJE87lT7iGyBKfjjmiI6KDR/jZ0n3HG4Nv0E97g==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 25 Jul 2022 07:54:05 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1658735645913
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-164010868-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3980
date
Mon, 25 Jul 2022 06:47:45 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 25 Jul 2022 08:47:45 GMT
js
www.googletagmanager.com/gtag/ 		158 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-459873033&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-164010868-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
27ba75ff31633a0d0d29ca8510db16970c9c44a8fed38781611902ee64fe3a1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59928
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Jul 2022 07:54:05 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-459873033
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15160
x-xss-protection
0
server
cafe
etag
9823212955285023900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 25 Jul 2022 07:54:05 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1792738146&t=pageview&_s=1&dl=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&ul=en-us&de=UTF-8&dt=Carfighting%20Video&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=885802430&gjid=399304596&cid=1582454745.1658735646&tid=UA-164010868-2&_gid=99824719.1658735646&_r=1&gtm=2ou7k0&z=1259835459
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cf.spybriefing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cf.spybriefing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		204 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1YZK2FN9X9&l=cDataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c4855783c57812340258a56fd7411eb074c81a32c75ba301c9f4b2065588aca6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:05 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73971
x-xss-protection
0
expires
Mon, 25 Jul 2022 07:54:05 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1792738146&t=pageview&_s=1&dl=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&ul=en-us&de=UTF-8&dt=Carfighting%20Video&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1729911833&gjid=1892021996&cid=1582454745.1658735646&tid=UA-217947897-1&_gid=99824719.1658735646&_r=1&gtm=2wg7k0KP3XJLJ&z=1709560242
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cf.spybriefing.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cf.spybriefing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f1c:a99:832c:e958:87e0:dc9b:7bb1 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
dafa3ce4de4cc56876b0fc6c36628fbcade9f4b07d7f27e4ca67744d91b2beb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
content-encoding
gzip
etag
"77f5L8LR6ldZZZ+q4Q+xaw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 01 Aug 2022 07:54:06 GMT
core.js
s.pinimg.com/ct/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:78c::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

akamai-x-true-ttl
7200
x-cdn
akamai
etag
"c4a0eea377c5e0da574e46f4d6e838e5"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
accept-ranges
bytes
content-length
1142
access-control-expose-headers
X-CDN
obtp.js
amplify.outbrain.com/cp/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.169.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-78.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 07:54:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Jun 2022 14:06:31 GMT
Server
AkamaiNetStorage
ETag
"51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3249
Expires
Mon, 25 Jul 2022 08:14:05 GMT
C4F968F0-90C1-4C34-89CF-15D8B4DE20B8.js
ndn.statistinamics.com/cstnxtm/ 		499 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ndn.statistinamics.com/cstnxtm/C4F968F0-90C1-4C34-89CF-15D8B4DE20B8.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.205.176.157 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
statistinamics.com
Software
openresty /
Resource Hash
257c0e97fab53906527a38f70c0fa4d7c60d0fada62f6628ae02d2e4137065de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:06 GMT
cache-control
max-age=0
server
openresty
content-type
application/javascript
expires
Sat, 01 Jan 2000 00:00:00 GMT
tag_gen.js
a.exoclick.com/ 		1 KB
953 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.exoclick.com/tag_gen.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
3f89c138ce1226da6cf58792344304839adeea6fc1fad2ba4ff9fc137abb70a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 07:54:06 GMT
Content-Encoding
gzip
Server
nginx
etag
W/"a56c0470b9aa925085e51a6271a"
X-HW
1658735646.dop122.fr8.t,1658735646.cds144.fr8.shn,1658735646.dop122.fr8.t,1658735646.cds230.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
515
mgsensor.js
a.mgid.com/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.mgid.com/mgsensor.js?d=1658735645984
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f7599ba1e84432f7f3319c7ed71b84ed24ffbb9741bea6b3ec61ec370707541

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
68a9d025-ae49-44ba-af90-fb1d579c1ddd
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
7303535b9fc5693f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
mgsensor.js
a.adskeeper.co.uk/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.adskeeper.co.uk/mgsensor.js?d=1658735645984
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a398d1fae9986f6261e7aa926f343c38b5f9bd9ade434101f1d8db1d3c6b28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 25 Jul 2022 07:54:06 GMT
x-mg-request-uuid
a8fbdae8-84a1-42e7-ab35-cc28cd64b246
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7303535b9b419277-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expires
Mon, 25 Jul 2022 11:54:06 GMT
scevent.min.js
sc-static.net/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.225.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-225-250.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
37890dea5b2726064a174b28b90faf16d51fed898d0f37e2fb0342161593d68c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
FRA56-P4
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
7821
via
1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-id
hBYPhkQiBiJd1ukutLtvaryLr2yWxxVe0Rsj1EoD_Fkog8wgjxgxvA==
events.js
analytics.tiktok.com/i18n/pixel/ 		127 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-230.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5f7aa90ade630ed2d5d0f980c8cee038f489af8bd0012dd6f60b18a7bd456dca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
b051c361.1e1ff72d
date
Mon, 25 Jul 2022 07:54:06 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-104-5.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-parent-response-time
93,23.36.161.202
server-timing
cdn-cache; desc=MISS, edge; dur=88, origin; dur=5, inner; dur=2
pragma
no-cache
server
nginx
x-tt-logid
2022072507540601000204500773500204004700B98
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
5,23.220.104.5
x-tt-trace-host
01eac4ce884f22a7686059609c6ef666bde179bdf76ab86d9942932f632fec73a416b6c7138f7ee9f300ea53ca8686118451fa2fb730e2f67458af5739c10e419e0ecc39b39844cc92a0354b450557103e8bce99d5f37b64fcff0518134585869b
expires
Mon, 25 Jul 2022 07:54:06 GMT
postback
visit.prayfashion.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visit.prayfashion.com/postback?clickid=undefined&type=RT_View_Content
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
162.210.192.55 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
postback
visit.prayfashion.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visit.prayfashion.com/postback?clickid=null&type=RT_View_Content&gtmcb=425398892
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
162.210.192.55 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1792738146&t=event&ni=0&_s=1&dl=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&ul=en-us&de=UTF-8&dt=Carfighting%20Video&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=ViewContent&el=ViewContent&_u=aEDAAUABAAAAAC~&jid=&gjid=&cid=1582454745.1658735646&tid=UA-217947897-1&_gid=99824719.1658735646&gtm=2wg7k0KP3XJLJ&z=1086371413
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 22:08:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
35155
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
imps.php
pixel.adblade.com/ 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adblade.com/imps.php?sgms=18028
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.26.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-26-54.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="http://www.adblade.com/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
x-vendor
Adiant LLC | Adiant | http://www.adiant.com
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
x-xss-protection
1; mode=block
blank.gif
rdcdn.com/images/
Redirect Chain
  • https://rdcdn.com/rt?aid=19177&e=1&img=1
  • https://rdcdn.com/eow
  • https://rdcdn.com/images/blank.gif
42 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rdcdn.com/images/blank.gif
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Server
44.196.167.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-167-20.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
last-modified
Thu, 23 Dec 2021 21:40:22 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"0e70b045f8d71:0"
content-length
42
content-type
image/gif

Redirect headers

date
Mon, 25 Jul 2022 07:54:06 GMT
x-aspnetmvc-version
4.0
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
text/html; charset=utf-8
location
https://rdcdn.com/images/blank.gif
cache-control
private
content-length
151
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=321845198590810&ev=PageView&dl=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&rl=&if=false&ts=1658735645998&sw=1600&sh=1200&v=2.9.66&r=stable&ec=0&o=30&fbp=fb.1.1658735645997.2132726940&it=1658735645795&coo=false&rqm=GET
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 25 Jul 2022 07:54:06 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-164010868-2&cid=1582454745.1658735646&jid=885802430&gjid=399304596&_gid=99824719.1658735646&_u=YEBAAUAAAAAAAC~&z=170374738
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 25 Jul 2022 07:54:06 GMT
content-type
text/plain
access-control-allow-origin
https://cf.spybriefing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-217947897-1&cid=1582454745.1658735646&jid=1729911833&gjid=1892021996&_gid=99824719.1658735646&_u=aEDAAUABAAAAAC~&z=1316980915
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 25 Jul 2022 07:54:06 GMT
content-type
text/plain
access-control-allow-origin
https://cf.spybriefing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10864675517/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10864675517/?random=1658735646099&cv=9&fst=1658735646099&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7k0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&tiba=Carfighting%20Video&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df4b1744877f5a1aeb69cc0a9df5a24363dcb66ac5d3bd1d5397aef2556383d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1043
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/459873033/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/459873033/?random=1658735646102&cv=9&fst=1658735646102&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7k0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&tiba=Carfighting%20Video&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2a5535e5545e30e40850ba3f642b88a1830329b6d2fd25c5dbd840329f7ff51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1064
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
340 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-1YZK2FN9X9&gtm=2oe7k0&_p=1792738146&_z=ccd.v9B&_gaz=1&cid=1582454745.1658735646&ul=en-us&sr=1600x1200&_s=1&sid=1658735646&sct=1&seg=0&dl=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&dt=Carfighting%20Video&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1YZK2FN9X9&l=cDataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cf.spybriefing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1YZK2FN9X9&cid=1582454745.1658735646&gtm=2oe7k0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1YZK2FN9X9&l=cDataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cf.spybriefing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1YZK2FN9X9&cid=1582454745.1658735646&gtm=2oe7k0&aip=1&z=1716872668
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cachedClickId
tr.outbrain.com/ 		35 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00b2c266a43b639ea810e3a99bdf26fa4d
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 07:54:06 GMT
content-encoding
gzip
X-TraceId
07e970f82ed77c300fcf55d4b9884d5c
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=00b2c266a43b639ea810e3a99bdf26fa4d&obApiVersion=2.0-gtm&obtpVersion=1.8.2&name=ContentView&dl=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&optOut=false&bust=07157968507411037&referrer=
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 07:54:06 GMT
Cache-Control
no-cache
X-TraceId
92749ea386fb347425275e7bf611aa84
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
main.32155010.js
s.pinimg.com/ct/lib/ 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.32155010.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:78c::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

akamai-x-true-ttl
1209600
content-encoding
gzip
x-cdn
akamai
etag
"fd86de14455274a7c147dc95b77e18e3"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
accept-ranges
bytes
content-length
18298
access-control-expose-headers
X-CDN
identify.js
analytics.tiktok.com/i18n/pixel/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-230.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
9c4e4bdf.1e1ffa5d
date
Mon, 25 Jul 2022 07:54:06 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-parent-response-time
112,23.36.161.202
server-timing
cdn-cache; desc=MISS, edge; dur=110, origin; dur=7, inner; dur=3
content-length
30865
pragma
no-cache
server
nginx
x-tt-logid
2022072507540601000400400773500202708356019
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
7,23.220.104.8
x-tt-trace-host
01eac4ce884f22a7686059609c6ef666bde179bdf76ab86d9942932f632fec73a40374d735331fd7c1058905b9471009a9b128858418016cb44c449bd7c0fe49ed3698e36f6aa1906c07bad8f580db35367f7e95cc2188e7da287c2dd553de3c9d
expires
Mon, 25 Jul 2022 07:54:06 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		868 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C86L4GL8U2K62KB9IPVG&hostname=cf.spybriefing.com
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-230.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2e08628dfbdeb5fe6ccc883c071f5fc3da5b9f94f2747d9352d2ae91261bb9cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
9c4e4d3d.1e1ffb25
date
Mon, 25 Jul 2022 07:54:06 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-parent-response-time
102,23.36.161.202
server-timing
cdn-cache; desc=MISS, edge; dur=113, origin; dur=6, inner; dur=4
content-length
346
pragma
no-cache
server
nginx
x-tt-logid
202207250754060100020030050060030111352EF31
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
6,23.220.104.8
x-tt-trace-host
01eac4ce884f22a7686059609c6ef666bde179bdf76ab86d9942932f632fec73a40374d735331fd7c1058905b9471009a901a6ce5297e14171c7b6638d9b2b3b1fac49b1685de2b2cd460e48637d24ebb92ae80b80dd7219e1a1a6084a8f5319bb
expires
Mon, 25 Jul 2022 07:54:06 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-164010868-2&cid=1582454745.1658735646&jid=885802430&_u=YEBAAUAAAAAAAC~&z=1636298744
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-164010868-2&cid=1582454745.1658735646&jid=885802430&_u=YEBAAUAAAAAAAC~&z=1636298744
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-217947897-1&cid=1582454745.1658735646&jid=1729911833&_u=aEDAAUABAAAAAC~&z=1633819583
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-217947897-1&cid=1582454745.1658735646&jid=1729911833&_u=aEDAAUABAAAAAC~&z=1633819583
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1x1.gif
a.mgid.com/ 		43 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.mgid.com/1x1.gif?id=697885&type=c&tg=&r=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&clid=&clidv=0&cmgid=0&cmtid=0&cmtuid=0&d=1658735646240
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cf-ray
7303535d1bd6994b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
/
www.google.com/pagead/1p-user-list/459873033/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/459873033/?random=1658735646102&cv=9&fst=1658732400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7k0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&tiba=Carfighting%20Video&async=1&fmt=3&is_vtc=1&random=1911542613&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/459873033/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/459873033/?random=1658735646102&cv=9&fst=1658732400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7k0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&tiba=Carfighting%20Video&async=1&fmt=3&is_vtc=1&random=1911542613&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10864675517/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10864675517/?random=1658735646099&cv=9&fst=1658732400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7k0&sendb=1&frm=0&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&tiba=Carfighting%20Video&async=1&fmt=3&is_vtc=1&random=663141958&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10864675517/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/10864675517/?random=1658735646099&cv=9&fst=1658732400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7k0&sendb=1&frm=0&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&tiba=Carfighting%20Video&async=1&fmt=3&is_vtc=1&random=663141958&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1x1.gif
a.adskeeper.co.uk/ 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.adskeeper.co.uk/1x1.gif?id=697873&type=c&tg=&r=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&clid=&clidv=0&cmgid=0&cmtid=0&cmtuid=0&d=1658735646307
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
cf-cache-status
MISS
last-modified
Mon, 25 Jul 2022 07:54:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7303535d8b3c6904-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Mon, 25 Jul 2022 11:54:06 GMT
collect
track.segmetrics.io/ 		43 B
629 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.segmetrics.io/collect?t=view&r=&dl=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&v=2&a=a1Rnre&i=5374&uid=01G8T5JNKJQD65BFFSEBNBFJRG&fp=9d457808425f18e13d7c1a88a97278f3&mt=%7B%22fbp%22%3A%22fb.1.1658735645997.2132726940%22%2C%22ga%22%3A%22GA1.1.1582454745.1658735646%22%7D
Requested by
Host: tag.segmetrics.io
URL: https://tag.segmetrics.io/a1Rnre.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yl6CGeHLLQhSP2B5fMcc%2FSVmmvnLP798VyuxAB6pUlYkB3lMA%2FCk6kkss9dcYdQXkdDKfEFnOTUtf8XJkzsKfKv14pyJROy1cAo23HGo%2FGHnrFMtdTLSHBVYpJUBhpelMG7sOk%2BAuhqHNHKALap46s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
7303535dbb6f5b74-FRA
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
/
ct.pinterest.com/user/ 		488 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2613287533480&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%7D&cb=1658735646328
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
540548b12b5a362a5fa54de526a5870cc89ef6f431387c20cd25e82b4f6cd9d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
content-encoding
gzip
vary
Accept-Encoding
x-cdn
akamai
akamai-grn
0.8f6656b8.1658735646.305b24d6
x-envoy-upstream-service-time
2
x-pinterest-rid
6321360581077789
pin-unauth
dWlkPVpEUTNOREppWWpNdE1qRmpZaTAwTkdGakxUbGlaVE10TUdNeVlqRXlNMlUzWkRFMg
access-control-allow-origin
https://cf.spybriefing.com
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
application/json; charset=utf-8
pragma
no-cache
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
content-length
350
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2613287533480&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1658735646330
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:06 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.8f6656b8.1658735646.305b24e6
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
5
content-length
35
x-pinterest-rid
5007389503253069
expires
Sat, 01 Jan 2000 00:00:00 GMT
C4F968F0-90C1-4C34-89CF-15D8B4DE20B8.js
ndn.statistinamics.com/cstnxtm/ 		114 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ndn.statistinamics.com/cstnxtm/C4F968F0-90C1-4C34-89CF-15D8B4DE20B8.js?_uuid=d9bff8be-cea3-48eb-9d83-e15c70cd4f15&lsgrg=&l=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&r=
Requested by
Host: ndn.statistinamics.com
URL: https://ndn.statistinamics.com/cstnxtm/C4F968F0-90C1-4C34-89CF-15D8B4DE20B8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.205.176.157 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
statistinamics.com
Software
openresty /
Resource Hash
98ff35fbc8c931f20e15f113cdd118643f210191b767e803b39fcd8f7d9b3665

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:06 GMT
cache-control
max-age=0
server
openresty
content-type
application/javascript
etag
A071A6F4-E567-4093-A4F2-474BA0D69339
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
553 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-230.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:06 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
20220725075406010002045007735002032078EC95A
x-cache
TCP_MISS from a23-36-161-202.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
164,23.36.161.202
x-tt-trace-host
01eac4ce884f22a7686059609c6ef666bde914b0731c2901418f44f78e298e03b58775b00a1ac45d63f13d51d1111e0eb9416db1fb0c41c2fca504dc4165d85113f42dc7577a3b1b7c723a4075efbe9869
server-timing
inner; dur=10, cdn-cache; desc=MISS, edge; dur=20, origin; dur=164
x-akamai-request-id
1e1ffddd
content-length
0
expires
Mon, 25 Jul 2022 07:54:06 GMT
60cqUPxYThY
www.youtube.com/embed/ Frame 5848 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Mon, 25 Jul 2022 07:54:06 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%7CRoboto%7COpen+Sans%7COpen+Sans%7C
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cf.spybriefing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 11:57:13 GMT
x-content-type-options
nosniff
age
590213
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16720
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 11:57:13 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.9.0/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.9.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Referer
https://use.fontawesome.com/releases/v5.9.0/css/all.css
Origin
https://cf.spybriefing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
526922
cf-ray
7303535e78339c0d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75440
x-amz-id-2
PDE79FmngLkteSZ5Edorerjc9y7pyIDFY3zfW5YzLcDRX8ebQ5DtljDw0qBK7QOVpTKIpqm7948=
last-modified
Wed, 30 Jun 2021 15:48:27 GMT
server
cloudflare
etag
"b5cf8ae26748570d8fb95a47f46b69e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSj35UTS8WZLnngjGO0OfZG8aaNEGqYz5eafBWJqN%2BkPKkCpbk1mzTpj%2FkEaVBAblvzfeCkjB5K8R81kW6%2BC5ekXO%2FzfvfnWJ1WuziwRPDCxPzAttuiXl3OHgkNF4eKEXIvegt3MejECWwot%2BENOZDzn"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
K5RC38CPEF9QWT4R
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
vendor.js
cf.spybriefing.com/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.spybriefing.com/vendor.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-powered-by
Phusion Passenger Enterprise 6.0.7
status
200 OK
strict-transport-security
max-age=0
x-request-id
b773230f29152b13cab0b0c00a94d7fc
x-runtime
0.014372
x-content-digest
581e49c9b7bdd06dab54c00931f4256b223e620e
server
cloudflare
x-frame-options
ALLOWALL
etag
W/"7422e50efbaea439fda7ef3b0eb54ee1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, public
access-control-allow-credentials
true
cf-ray
7303535f9b016909-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache
fresh
stat.js
www.clickcease.com/monitor/ 		162 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clickcease.com/monitor/stat.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37c5d878d7cae8df42a57c44a47e5f872305557edf7d089c7b4587692a801aa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
341584
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 21 Jul 2022 09:00:38 GMT
server
cloudflare
x-frame-options
sameorigin
etag
W/"287f5-5e44cf392c650-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWloEG8lklPTO%2BIwoCZHR9QS6RaSofLHj74HBzDYUWiVOL%2BdCzOkUO6YFzzq8T57jMKYSq7J%2BCDaWTASo76g7m8FaTW%2BTgS5QBMq8TGfRZNxYaScEFHfz%2Bkt5BpUZDrWs0BpyhUZsOiKM3AHLcws9l8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding,User-Agent
cache-control
max-age=2678400
access-control-allow-credentials
true
cf-ray
7303535fd9d568f7-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,C$
expires
Sat, 20 Aug 2022 09:01:01 GMT
/
app.clickfunnels.com/userevents/ 		0
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/userevents/?funnel_id=WWZNWkVDTGh6d25icjRxaFI0VGxTZz09LS1vZUl3U3BaZm91U2RjL3JCUmNaZGxBPT0%3D--55f5b219a0855d1de6afe8bb63790a05de10dda2&page_id=MCtjb2xncVE0ZkFKdXpPOWo3bW44dz09LS1QQUlXQ2lSYUwweUVvM3JRZVRGRHlnPT0%3D--c2e6c4453903abd96174e625f7bbb412a4a137ff&funnel_step_id=SXBraFphaS82RE5Vbm1nMzdtSS8wQT09LS1VbVhtaDNZZXV6YVZ1RHZIcWtjQ0d3PT0%3D--d113d8598098b9a7cfeb35a822f63d309676a12e&user_id=aUd6UzZ1RTVZVTQvZU1oYWtvbThZQT09LS10R0s5T0ZsdGpYVzdKYXVyMzdTL1Z3PT0%3D--58745d9063c945138cb0922af528229666658a10&account_id=d1FPRCtTOE9RMDJBZElRUWYxVVAxdz09LS02STA5NFByUzE4cmkvZ052aDNySUF3PT0%3D--19002a116193b4e5429aebbc4a3282aefc8007fe&page_code=NDk3NzkxNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::PageviewsCreatedSummary&nonce=f392f75e-e24b-4a8d-ae11-a443155b7eb9&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/assets/userevents/application.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
access-control-request-method
*
cf-cache-status
BYPASS
access-control-allow-origin
*
x-powered-by
Phusion Passenger Enterprise 6.0.7
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=xNTLkubnupfoYThApIwLXJXgc_I6HoQDU3sDQbBhI0g-1658735646-0-AUu4QIQGmqpU_Fs-0u524nhDkFL-MFmtd_DFM1BguYjkQa99jUA9bRA92XtwAIfK8aEL-NbL7130hWKytu7qWUNz7hYSD1saE4nb63Mx58HY
status
202 Accepted
strict-transport-security
max-age=0
x-request-id
83bb31c2232571cb48861bde44fdeabf
x-runtime
0.043134
server
cloudflare
x-frame-options
ALLOWALL
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/html
pragma
no-cache
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7303536008c58fec-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache
miss
/
app.clickfunnels.com/userevents/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/userevents/?funnel_id=WWZNWkVDTGh6d25icjRxaFI0VGxTZz09LS1vZUl3U3BaZm91U2RjL3JCUmNaZGxBPT0%3D--55f5b219a0855d1de6afe8bb63790a05de10dda2&page_id=MCtjb2xncVE0ZkFKdXpPOWo3bW44dz09LS1QQUlXQ2lSYUwweUVvM3JRZVRGRHlnPT0%3D--c2e6c4453903abd96174e625f7bbb412a4a137ff&funnel_step_id=SXBraFphaS82RE5Vbm1nMzdtSS8wQT09LS1VbVhtaDNZZXV6YVZ1RHZIcWtjQ0d3PT0%3D--d113d8598098b9a7cfeb35a822f63d309676a12e&user_id=aUd6UzZ1RTVZVTQvZU1oYWtvbThZQT09LS10R0s5T0ZsdGpYVzdKYXVyMzdTL1Z3PT0%3D--58745d9063c945138cb0922af528229666658a10&account_id=d1FPRCtTOE9RMDJBZElRUWYxVVAxdz09LS02STA5NFByUzE4cmkvZ052aDNySUF3PT0%3D--19002a116193b4e5429aebbc4a3282aefc8007fe&page_code=NDk3NzkxNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniquePageviewsCreatedSummary&nonce=c162dc76-170e-4882-ab3f-ebf0f4c04deb&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/assets/userevents/application.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
access-control-request-method
*
cf-cache-status
BYPASS
access-control-allow-origin
*
x-powered-by
Phusion Passenger Enterprise 6.0.7
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=9e5TLPwBnLPJcyP6ssOAUgsFnD7Bu15vTviHsnDSjnw-1658735646-0-Aad6tfVf2l75WYjfnyc9r9sVq7nck7fx0uJyXAawo5a2ZSziHjmwASVFsCamXnzS-Zar6cATReASsiwvWVZeH1YnMlTsfJLV5Du74ZeGwQcI
status
202 Accepted
strict-transport-security
max-age=0
x-request-id
06a89fc3a735d837b9b3ce3358649686
x-runtime
0.027345
server
cloudflare
x-frame-options
ALLOWALL
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/html
pragma
no-cache
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7303536008c88fec-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache
miss
/
app.clickfunnels.com/userevents/ 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/userevents/?funnel_id=WWZNWkVDTGh6d25icjRxaFI0VGxTZz09LS1vZUl3U3BaZm91U2RjL3JCUmNaZGxBPT0%3D--55f5b219a0855d1de6afe8bb63790a05de10dda2&page_id=MCtjb2xncVE0ZkFKdXpPOWo3bW44dz09LS1QQUlXQ2lSYUwweUVvM3JRZVRGRHlnPT0%3D--c2e6c4453903abd96174e625f7bbb412a4a137ff&funnel_step_id=SXBraFphaS82RE5Vbm1nMzdtSS8wQT09LS1VbVhtaDNZZXV6YVZ1RHZIcWtjQ0d3PT0%3D--d113d8598098b9a7cfeb35a822f63d309676a12e&user_id=aUd6UzZ1RTVZVTQvZU1oYWtvbThZQT09LS10R0s5T0ZsdGpYVzdKYXVyMzdTL1Z3PT0%3D--58745d9063c945138cb0922af528229666658a10&account_id=d1FPRCtTOE9RMDJBZElRUWYxVVAxdz09LS02STA5NFByUzE4cmkvZ052aDNySUF3PT0%3D--19002a116193b4e5429aebbc4a3282aefc8007fe&page_code=NDk3NzkxNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniqueVisitorsCreatedSummary&nonce=a8b3d3af-4fb5-4e57-85f4-14e4726501ad&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/assets/userevents/application.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
access-control-request-method
*
cf-cache-status
BYPASS
access-control-allow-origin
*
x-powered-by
Phusion Passenger Enterprise 6.0.7
status
202 Accepted
strict-transport-security
max-age=0
x-request-id
815cba91226b6e66ec1bf12d037a3009
x-runtime
0.031844
server
cloudflare
x-frame-options
ALLOWALL
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/html
pragma
no-cache
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7303536008c98fec-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache
miss
iframe_api
www.youtube.com/ 		980 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/assets/lander.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
40b30a38dcd64ea99edd332b2134aa7cc6d7a3cef11ce2d20787a67b43f9a8f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Mon, 25 Jul 2022 07:54:06 GMT
60cqUPxYThY
www.youtube.com/embed/ Frame 0170 		56 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/assets/lander.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6cb2e2b343c8698272a48742cda2c7e901130273382f5b3f16ffbfaa69b60b7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Mon, 25 Jul 2022 07:54:06 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
/
track.addevent.com/atc/ 		0
0
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=321845198590810&ev=Microdata&dl=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&rl=&if=false&ts=1658735646812&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Carfighting%20Video%22%2C%22meta%3Adescription%22%3A%22description%20for%20your%20awesome%20landing%20page%22%2C%22meta%3Akeywords%22%3A%22nodo%2C%20landing%20page%2C%20editor%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%22%2C%22og%3Atitle%22%3A%22Carfighting%20Video%22%2C%22og%3Adescription%22%3A%22description%20for%20your%20awesome%20landing%20page%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.66&r=stable&ec=1&o=30&fbp=fb.1.1658735645997.2132726940&it=1658735645795&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Mon, 25 Jul 2022 07:54:06 GMT
roundtrip.js
s.adroll.com/j/LIAFGQD4BJCQNANH5CBFII/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/LIAFGQD4BJCQNANH5CBFII/roundtrip.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
22aee860d85133c05f5ff5f3f4f23a8574d67bc9a55a9efc823cf58677377466

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

X-Amz-Version-Id
Fouhg.t01r1d_Wp81u1WTcIP18R6g8uI
Content-Encoding
gzip
Etag
W/"71a4ceaa0a62dacd86d51501161cd4dd"
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Access-Control-Max-Age
600
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Sun, 24 Jul 2022 13:57:21 GMT
Server
AmazonS3
Date
Mon, 25 Jul 2022 07:54:07 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
vDBSLdzYEJZEAnr5pwgne78RMbF6JRZBrd1DnAI2MtE2UdkSjr_eXQ==
357-22803.js
m.revmizer.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://m.revmizer.com/357-22803.js?id=22803&m=357
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.236.195.67 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.195.236.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
rev.js
assets.revcontent.com/master/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/rev.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
894694eee28fc463a83875d519e70afaf5f40ac7c042d6114c4ee86d156b4067

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
content-encoding
gzip
last-modified
Wed, 09 Oct 2019 15:23:49 GMT
server
AmazonS3
x-amz-request-id
CDVA7K848BH8CRZZ
etag
"46482d4733f3f6c1f93601a6274bc264"
x-hw
1658735646.cds204.fr8.hn,1658735646.cds262.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
9617
x-amz-id-2
OnIOpWpq13PpiMzcLcnARSJ70dhEc/SRiVMJj2G3cXHuGsff4edGbzlJ+ZgsaoKSIbpkpYhpDhA=
events.js
tags.srv.stackadapt.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.171.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-171-94.compute-1.amazonaws.com
Software
/
Resource Hash
f5905a1fc3f72e48fdcc7de1fbc48cbb82189cb4030a3116182588d774482939

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 25 Jul 2022 07:54:07 GMT
Content-Encoding
gzip
Cache-Control
max-age=5
Content-Length
5405
Connection
keep-alive
Content-Type
text/javascript
uniclick.js
visit.prayfashion.com/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://visit.prayfashion.com/uniclick.js?defaultcampaignid=61320f755617cb0001db7600&attribution=lastclick&regviewonce=false&cookiedomain=prayfashion.com&cookieduration=30
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
162.210.192.55 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
536fac39003de603f6c241901f38840138347a972922dba26a673b022d39e7e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 07:54:07 GMT
Server
nginx/1.21.4
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=00b2c266a43b639ea810e3a99bdf26fa4d&obApiVersion=2.0-gtm&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&optOut=false&bust=022496626223966842&referrer=
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 07:54:06 GMT
Cache-Control
no-cache
X-TraceId
45c2423d61d10bac884f58dd5dea5d0f
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
rules-p-N9U2JGvJG8HTY.js
rules.quantcount.com/ 		2 B
347 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-N9U2JGvJG8HTY.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:9400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:06 GMT
via
1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA56-P6
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
content-length
2
x-amz-cf-id
7DHMjrvRJ72KtRDSnuN26mLpQwmqRPxcHuWNw2ja4_1o1-JTEciLhg==
www-widgetapi.js
www.youtube.com/s/player/afeb58ff/www-widgetapi.vflset/ 		159 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/afeb58ff/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
913a414d89a4e99a4804e3eb208479ba090542422d952eecd4f692d2803e9183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:32:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
1321
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52518
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 00:17:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 25 Jul 2023 07:32:05 GMT
www-player.css
www.youtube.com/s/player/afeb58ff/ Frame 0170 		340 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/afeb58ff/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb599e114d2bc2f901597ac2b6cbf99e6e6e7de9501a5c1a600ea2d6bad68d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 15:52:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
316911
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47800
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 00:17:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 21 Jul 2023 15:52:15 GMT
www-embed-player.js
www.youtube.com/s/player/afeb58ff/www-embed-player.vflset/ Frame 0170 		307 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/afeb58ff/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27423bab6b0ee04853cec7aafd45e79df71704e6480b962515e8d2b3f44ba97f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 15:52:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
316911
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96985
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 00:17:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 21 Jul 2023 15:52:15 GMT
base.js
www.youtube.com/s/player/afeb58ff/player_ias.vflset/de_DE/ Frame 0170 		2 MB
565 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/afeb58ff/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5bd7731976877131e36c5fabbc778bd3f5cae51aa0865325decad5a1a3ffc90f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 19:20:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
218006
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
578155
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 00:17:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 22 Jul 2023 19:20:40 GMT
fetch-polyfill.js
www.youtube.com/s/player/afeb58ff/fetch-polyfill.vflset/ Frame 0170 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/afeb58ff/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 15:52:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
316911
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 00:17:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 21 Jul 2023 15:52:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0170 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 17:06:41 GMT
x-content-type-options
nosniff
age
485245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 19 Jul 2023 17:06:41 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 0170
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Protocol
H3
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c20c8f9ac21920d3815c85938c577fc8f39d200cc13f1fa4ab236bac04292b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 25 Jul 2022 07:54:07 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 0170 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/afeb58ff/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:49:42 GMT
x-content-type-options
nosniff
age
265
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Jul 2022 08:04:42 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Mon, 25 Jul 2022 07:54:07 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0170 		64 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/afeb58ff/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
95329e3e5329c303107ebfa23880646eda13af7bd6be912173d310b8ec60079a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 25 Jul 2022 07:54:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
30315
x-xss-protection
0
qoe
www.youtube.com/api/stats/ Frame 0170 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?cpn=j2W6lJlecHYSBAIu&el=embedded&ns=yt&fexp=23748146%2C23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24198982%2C24199710%2C24220088%2C24222953%2C24226334%2C24230280%2C24232294%2C24238983%2C24241936%2C24245161%2C24245745%2C24248085%2C24248385%2C24252017%2C39321934&cl=462250062&seq=1&event=streamingstats&docid=60cqUPxYThY&cbr=Chrome&cbrver=103.0.5060.134&c=WEB_EMBEDDED_PLAYER&cver=1.20220720.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth::0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/afeb58ff/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
X-YouTube-Client-Version
1.20220720.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtqNE1yVzRpaDVUMCiemPmWBg%3D%3D
X-YouTube-Ad-Signals
dt=1658735647044&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:07 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.js
www.youtube.com/s/player/afeb58ff/player_ias.vflset/de_DE/ Frame 0170 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/afeb58ff/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/afeb58ff/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3a75b5a3c5338e8760ae0c7f541c4a9959ce09d0c86ad56eaee42d91ad05af3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 15:52:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
316907
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8115
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 00:17:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 21 Jul 2023 15:52:20 GMT
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/LIAFGQD4BJCQNANH5CBFII/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
785 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
HTTP/1.1
Server
2600:9000:225e:8c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

X-Amz-Version-Id
BTP2rshxaRFWPNdrItPYEau9DI6Y8oce
Via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
Etag
"5816cced8568d223aa09d889f300692b"
Age
39146
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
28
Last-Modified
Wed, 06 Jul 2022 18:15:57 GMT
Server
AmazonS3
Date
Sun, 24 Jul 2022 21:01:44 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA60-P4
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
BmvrYH5xc1okp-xq3B2uoSTOrMYroSIhf0W9kAOoq7bqmtyKP8UiAQ==

Redirect headers

Date
Sun, 24 Jul 2022 21:18:43 GMT
Via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
Age
38123
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA60-P4
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
WUja-iSTFlco_X_4hRz3Kxc9e4vUswK1-5zG8KN22HyAJ3sF6STTLQ==
sa.css
tags.srv.stackadapt.com/ 		65 B
292 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.171.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-171-94.compute-1.amazonaws.com
Software
/
Resource Hash
e4d0e793b9dd24807e7d368386586ec9f37fd90efa5d8fb8cf9ec3f2965aa478

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 25 Jul 2022 07:54:07 GMT
Cache-Control
only-if-cached, no-transform, private, max-age=7776000
Connection
keep-alive
Content-Length
65
Content-Type
text/css
sa.jpeg
tags.srv.stackadapt.com/ 		0
881 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.171.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-171-94.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 25 Jul 2022 07:54:07 GMT
Cache-Control
only-if-cached, no-transform, private, max-age=7776000
Connection
keep-alive
Content-Length
651
Content-Type
image/jpeg
LIAFGQD4BJCQNANH5CBFII
d.adroll.com/consent/check/ 		452 B
545 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/LIAFGQD4BJCQNANH5CBFII?arrfrr=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&_s=102f2396132c8aedc658596d3ba0e55c&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/LIAFGQD4BJCQNANH5CBFII/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.111.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-111-147.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
77c1d2cff7dccb84e95d0c508da3e61d52cd9b800feb50f56371a6862c6408ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:07 GMT
server
nginx/1.20.0
content-length
452
content-type
application/javascript
61320f755617cb0001db7600
visit.prayfashion.com/ 		558 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://visit.prayfashion.com/61320f755617cb0001db7600?format=json&referrer=&&sub19=fb.1.1658735645997.2132726940&sub20=undefined
Requested by
Host: visit.prayfashion.com
URL: https://visit.prayfashion.com/uniclick.js?defaultcampaignid=61320f755617cb0001db7600&attribution=lastclick&regviewonce=false&cookiedomain=prayfashion.com&cookieduration=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
162.210.192.55 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8013b1de929495d2bdba234c313845c60136b8b7926d00ad975c0e901ea6e83d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 07:54:07 GMT
Server
nginx/1.21.4
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
558
conv.js
web.adblade.com/js/ads/async/ 		565 B
517 B 		Script
General
Check archive.org
Download Go to
Full URL
https://web.adblade.com/js/ads/async/conv.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.26.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-26-54.compute-1.amazonaws.com
Software
/
Resource Hash
116e677ce1f72ac9525e2e6cd8d26a005c4dd4ba515fb8309023b2f0a2b3397a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:07 GMT
content-encoding
gzip
content-type
application/javascript; charset=UTF-8
beacon
r.turn.com/r/ 		43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/beacon?b2=KPANJjDjVHhDAfytnJEyTA8FukT5N393lmvJwNpKK7_6hJpIghfb409_LNc9xlydBXybU_N7H6Fx2I53UJoQfQ&cid=
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:06 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pixel;r=1737911919;source=gtm;rf=0;a=p-N9U2JGvJG8HTY;url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778;uht=2;fpan=1;fpa=P0-1685820206-1658735647311;pbc=;ns=0;ce=1...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1737911919;source=gtm;rf=0;a=p-N9U2JGvJG8HTY;url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778;uht=2;fpan=1;fpa=P0-1685820206-1658735647311;pbc=;ns=0;ce=1;qjs=1;qv=623fd1d5-20220713234410;cm=;gdpr=0;ref=;d=spybriefing.com;dst=0;et=1658735647311;tzo=0;ogl=image.%2Ctitle.Carfighting%20Video%2Cdescription.description%20for%20your%20awesome%20landing%20page%2Curl.https%3A%2F%2Fcf%252Espybriefing%252Ecom%2Fsales-page-4977917816267594971791630527983778%2Ctype.website
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f1c:a99:832c:e958:87e0:dc9b:7bb1 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:07 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0170 		98 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/afeb58ff/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba7edeb93491eb658b3b96c20f4d4869db84e9364ce67834d67b44b9b672cf23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 25 Jul 2022 07:54:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Mon, 25 Jul 2022 07:54:07 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
orders_t.php
web.adblade.com/ 		43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.adblade.com/orders_t.php?id=63904&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&rnd=1658735647410
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.26.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-26-54.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="http://www.adblade.com/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
x-vendor
Adiant LLC | Adiant | http://www.adiant.com
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
x-xss-protection
1; mode=block
773c9580-7340-013a-c4ab-06a60fe5fe77
tag.simpli.fi/sifitag/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/773c9580-7340-013a-c4ab-06a60fe5fe77?referer=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b0.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
b5027926c44361f7719bdbbd6a0fb781e13842229b6ca68e38732b6fa40c6aa5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Mon, 25 Jul 2022 07:54:07 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
3101
x-request-id
FwUDSHOGy5WJyoCunWNB
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
consent_tcfv2.js
s.adroll.com/j/ 		410 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/consent_tcfv2.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/LIAFGQD4BJCQNANH5CBFII/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

X-Amz-Version-Id
44sIT20LqRj70wQHqyIoOw7etYYdjkbK
Content-Encoding
gzip
Etag
W/"0a7d0ea8d7d31b07e925fe340acf431b"
Age
115
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Vary
Accept-Encoding
Via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
Last-Modified
Wed, 04 May 2022 19:41:48 GMT
Server
AmazonS3
Date
Mon, 25 Jul 2022 07:52:12 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA60-P4
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
Lh7lKTn1zdq_ybjHeQ1p52lJx6i1JOcFrZYCRVrSCU9S9n8FZYHczw==
nextroll-32x32.png
s.adroll.com/i/favicon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

X-Amz-Version-Id
eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
Etag
"403a0a7dcf2d617e7ea852bfb9d11945"
Age
36084
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1615
Last-Modified
Mon, 28 Jun 2021 18:19:21 GMT
Server
AmazonS3
Date
Sun, 24 Jul 2022 21:52:44 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA60-P4
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
be6yIrane2f38NLSuSrkpWcZC8KeGbTs3jBxmenm8C-oZUhPorryrg==
ld.js
dynamic.criteo.com/js/ld/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=94432
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.140 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ee853fb9387e4862cf3420b29461fbf0f36ce1d1cb44d4ca585d92d1a4e0eb40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:07 GMT
content-encoding
br
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
track.js
assets.customer.io/assets/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.customer.io/assets/track.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:400:11:9cfd:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
765618d1667ba791f2d492d121d2da42ff7d7e079a4773462a381ac9aceab0c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:19:37 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 23:16:41 GMT
server
AmazonS3
age
16890
etag
W/"15e89eedddf82c193d5c3574b756f5a7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
BSM6YmnW4b9308_hpn8ZThfht_c2OeERyZ07cLHeiYXnKB6ckRMyWA==
view
visit.prayfashion.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://visit.prayfashion.com/view?clickid=62de4c1ff92ca00001622c80&referrer=
Requested by
Host: visit.prayfashion.com
URL: https://visit.prayfashion.com/uniclick.js?defaultcampaignid=61320f755617cb0001db7600&attribution=lastclick&regviewonce=false&cookiedomain=prayfashion.com&cookieduration=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
162.210.192.55 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 25 Jul 2022 07:54:07 GMT
Server
nginx/1.21.4
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods
GET, POST, OPTIONS
saq_pxl
tags.srv.stackadapt.com/ 		94 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=0xk6fdszdQvg5B_Yx1_8QQ&is_js=true&landing_url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&t=Carfighting%20Video&tip=5GCALq_tne6YKGvvyDbSl6zAyrUjuaGnezYTD0QxetE&host=https://cf.spybriefing.com&sa_conv_data_css_value=%20%220-9b68405e-55e5-4eba-4544-49094043c0b7%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd95251b35539de4f3078ca8d889985f672b2a2d18d&sa-user-id-v2=s%253A0-9b68405e-55e5-4eba-4544-49094043c0b7%2524ip%2524178.162.209.141.tpReqAi9KChfgKaiwimmpcRZgMxnqBmy%252BzyVNZWwcIs&sa-user-id=s%253A0-9b68405e-55e5-4eba-4544-49094043c0b7.6s4HtO%252BOAlFtuKVkoPAbY9ApUYol6gHFJu4zEoho2Dk
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.171.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-171-94.compute-1.amazonaws.com
Software
/
Resource Hash
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 07:54:07 GMT
Access-Control-Allow-Methods
GET
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://cf.spybriefing.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
94
nr-1216.min.js
js-agent.newrelic.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1216.min.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding
gzip
etag
"9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id
KBVH2PMAKMG74HWE
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
14391
x-amz-id-2
c40g0/PEOypibNZhpK4f4SlPZCSnAXuxKGtJ+LI/kKMS0hiuLcfL6ykVCP/ylzTky574I1FuVPM=
x-served-by
cache-fra19125-FRA
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1658735648.444057,VS0,VE0
date
Mon, 25 Jul 2022 07:54:08 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
5760
init
tr.snapchat.com/ 		126 B
191 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/init?pids=dcac7434-c37f-428b-b940-285ccbce8757
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
40c5a0b55c7388ca4e499a0d3b42fc8c1895c9a3bbd4968f4c9d0d6ec2774b99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:08 GMT
content-encoding
gzip
server
API Gateway
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://cf.spybriefing.com
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via
1.1 google
is_enabled
tr.snapchat.com/collector/ 		79 B
453 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/collector/is_enabled?pids=dcac7434-c37f-428b-b940-285ccbce8757&tld=com
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2c45b70490618728f3468dec82400bdf3fe943bfb55b46fbf8d1b55df250a16b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:08 GMT
content-encoding
gzip
server
API Gateway
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://cf.spybriefing.com
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via
1.1 google
i
tr.snapchat.com/cm/ Frame 6CE6 		0
294 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=dcac7434-c37f-428b-b940-285ccbce8757&_scsid=7b076c9b-87f4-4fe8-b849-93e2e3917f53&_sclid=3a031bf8-f0ab-42d6-bffe-eb4bebbb8be0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Mon, 25 Jul 2022 07:54:08 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
rum
cf.spybriefing.com/cdn-cgi/ 		0
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cf.spybriefing.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
application/json

Response headers

date
Mon, 25 Jul 2022 07:54:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://cf.spybriefing.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
7303536aeae06909-FRA
vary
Origin
NRJS-fc902efb332119fff33
bam.nr-data.net/1/ 		49 B
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4538&ck=1&ref=https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778&ap=458&be=1686&fe=4464&dc=2731&perf=%7B%22timing%22:%7B%22of%22:1658735643951,%22n%22:0,%22f%22:1059,%22dn%22:1059,%22dne%22:1059,%22c%22:1059,%22ce%22:1059,%22rq%22:1059,%22rp%22:1658,%22rpe%22:1662,%22dl%22:1661,%22di%22:2729,%22ds%22:2731,%22de%22:2852,%22dc%22:4463,%22l%22:4463,%22le%22:4500%7D,%22navigation%22:%7B%7D%7D&fp=1907&fcp=1907&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 07:54:08 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
7303536b388b92a2-FRA
p
tr.snapchat.com/ Frame 80DB 		68 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://cf.spybriefing.com
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
https://cf.spybriefing.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-transform
content-length
68
content-type
text/html
date
Mon, 25 Jul 2022 07:54:08 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
page.gif
track.customer.io/events/ 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.customer.io/events/page.gif?name=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&data%5Bwidth%5D=1600&data%5Bheight%5D=1200&c=&s=2bb9c33e-87d3-8b6b-b52e-f8c1878c5c38&site_id=e2089e4e3adc0078e2de&timestamp=1658735648500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.225.220 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
220.225.227.35.bc.googleusercontent.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:08 GMT
via
1.1 google
access-control-allow-origin
*
content-type
image/gif
status
200 OK
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-transfer-encoding
binary
content-disposition
attachment
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
syncframe
gum.criteo.com/ Frame 0F35 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=cf.spybriefing.com&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=94432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 25 Jul 2022 07:54:08 GMT
server-processing-duration-in-ticks
2114
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 0F35
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=spybriefing.com&sn=ChromeSyncframe&so=0&topUrl=cf.spybriefing.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=XLynZnxMd3Z2cGg0czhvZS9rbERBT3dkV0kwL2hmY3UvNHg3TUJ3dFUwKyt5YTFiOXB4OWVKdTRLcmRGY2RtbW1Ma3ZsTEUwcVAxNHNHUnJSaFUxYitTOGNNMDZTTDJSTjBiaEFucHgwUlA1alpER3B5YkJaYU8wbUl2SD...
433 B
632 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=XLynZnxMd3Z2cGg0czhvZS9rbERBT3dkV0kwL2hmY3UvNHg3TUJ3dFUwKyt5YTFiOXB4OWVKdTRLcmRGY2RtbW1Ma3ZsTEUwcVAxNHNHUnJSaFUxYitTOGNNMDZTTDJSTjBiaEFucHgwUlA1alpER3B5YkJaYU8wbUl2SDdFZmcvM3dMUWlYNTRlSUlyM3hGR2NrMGw0S1R1Q0w3citRbmVEZjhlNUxEeDN2TFJJazNNd0dNem1UVnFMTytyb2RTeTR3K1ZHU0xPNFFycnExWGkveHovbjRqLzNnMm0rRkIyUWVMMW1oM0E4QUxpZlV6dVM0VkZQQnJxdmNuL3ppOWIvdTZsNXNxRkYva3JnTk1MQ2syWXZKWWF5dz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
5597a5b18e17f09b2d44281c12336e30796f818cc4449d04a38209b0e8a73171
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:08 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4623
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:08 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=XLynZnxMd3Z2cGg0czhvZS9rbERBT3dkV0kwL2hmY3UvNHg3TUJ3dFUwKyt5YTFiOXB4OWVKdTRLcmRGY2RtbW1Ma3ZsTEUwcVAxNHNHUnJSaFUxYitTOGNNMDZTTDJSTjBiaEFucHgwUlA1alpER3B5YkJaYU8wbUl2SDdFZmcvM3dMUWlYNTRlSUlyM3hGR2NrMGw0S1R1Q0w3citRbmVEZjhlNUxEeDN2TFJJazNNd0dNem1UVnFMTytyb2RTeTR3K1ZHU0xPNFFycnExWGkveHovbjRqLzNnMm0rRkIyUWVMMW1oM0E4QUxpZlV6dVM0VkZQQnJxdmNuL3ppOWIvdTZsNXNxRkYva3JnTk1MQ2syWXZKWWF5dz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1550
content-length
541
expires
0
event
widget.us.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=94432&v=5.12.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dviewproduct%26id%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=ikZ...
  • https://widget.us.criteo.com/event?a=94432&v=5.12.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dviewproduct%26id%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=ikZ...
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=94432&v=5.12.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dviewproduct%26id%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=ikZU4F9ZYVFXeGlJb29mcVE1SmUwNDZMYXJGb1FQR1Z1RVJTJTJCSmJkdmQlMkZla09MbElJSzlZZjVGQ2VFUGlOZFo3TzlXMDUlMkZRTmZhRE5McWUlMkZqM0NPcWZOcFc4OVFtR1U0M3hzcmtmRE9Ib0pYYldsdGZHdU42MCUyQk5SdVJreW9ONG56SFJKaTJqSW1KNU9YdEJTV2lSNUM4cTZRJTNEJTNE&tld=spybriefing.com&dy=1&fu=https%253A%252F%252Fcf.spybriefing.com%252Fsales-page-4977917816267594971791630527983778&dtycbr=55509
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
28435ff6ea856601559e8da98982893cc26f2657a97195c282930e09e75e3c4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:09 GMT
content-encoding
gzip
server
Kestrel
timing-allow-origin
*
strict-transport-security
max-age=31536000; preload;
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
14025946
content-type
application/x-javascript
expires
0

Redirect headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:08 GMT
content-encoding
gzip
server
Kestrel
location
https://widget.us.criteo.com/event?a=94432&v=5.12.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dviewproduct%26id%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=ikZU4F9ZYVFXeGlJb29mcVE1SmUwNDZMYXJGb1FQR1Z1RVJTJTJCSmJkdmQlMkZla09MbElJSzlZZjVGQ2VFUGlOZFo3TzlXMDUlMkZRTmZhRE5McWUlMkZqM0NPcWZOcFc4OVFtR1U0M3hzcmtmRE9Ib0pYYldsdGZHdU42MCUyQk5SdVJreW9ONG56SFJKaTJqSW1KNU9YdEJTV2lSNUM4cTZRJTNEJTNE&tld=spybriefing.com&dy=1&fu=https%253A%252F%252Fcf.spybriefing.com%252Fsales-page-4977917816267594971791630527983778&dtycbr=55509
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
6194320
timing-allow-origin
*
content-length
0
expires
0
log_event
www.youtube.com/youtubei/v1/ Frame 0170 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/afeb58ff/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
X-YouTube-Client-Version
1.20220720.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtqNE1yVzRpaDVUMCiemPmWBg%3D%3D
X-YouTube-Ad-Signals
dt=1658735647044&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date
Mon, 25 Jul 2022 07:54:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Mon, 25 Jul 2022 07:54:09 GMT
sync
x.bidswitch.net/ul_cb/ Frame 2956
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-DUeMOVlbOPP8pKmID_2U208EdD38eDNgZrJMhw&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-DUeMOVlbOPP8pKmID_2U208EdD38eDNgZrJMhw&expires=30
43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-DUeMOVlbOPP8pKmID_2U208EdD38eDNgZrJMhw&expires=30
Protocol
HTTP/1.1
Server
3.122.47.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-47-104.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 07:54:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-DUeMOVlbOPP8pKmID_2U208EdD38eDNgZrJMhw&expires=30
Date
Mon, 25 Jul 2022 07:54:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 2956
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-z3HV61lbOPP8pKmID_2U208EdD0Rw1ndTFuRLg&google_cm&google_hm=ay16M0hWNjFsYk9QUDhwS21JRF8yVTIwOEVkRDBSdzFuZ...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-z3HV61lbOPP8pKmID_2U208EdD0Rw1ndTFuRLg&google_gid=CAESEJOMS6257z_3mQekSecbNJM&google_cver=1&google_ula=913071,0
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-z3HV61lbOPP8pKmID_2U208EdD0Rw1ndTFuRLg&google_gid=CAESEJOMS6257z_3mQekSecbNJM&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:09 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1631898
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-z3HV61lbOPP8pKmID_2U208EdD0Rw1ndTFuRLg&google_gid=CAESEJOMS6257z_3mQekSecbNJM&google_cver=1&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 2956
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3263854802001891636
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3263854802001891636
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:09 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3175292
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 25 Jul 2022 07:54:09 GMT
X-Proxy-Origin
178.162.209.141; 178.162.209.141; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
aa987f23-effe-46b1-a0d5-f4cf5cd002de
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3263854802001891636
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
1by1.png
cotads.adscale.de/ads/pixel/ Frame 2956
Redirect Chain
  • https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-hMnhUllbOPP8pKmID_2U208EdD1MT3pS1lmgkQ&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__
  • https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-hMnhUllbOPP8pKmID_2U208EdD1MT3pS1lmgkQ&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__&nut&uu=436338...
  • https://cotads.adscale.de/ads/pixel/1by1.png?uid=79ef1b40293eeb02c38ec11a439ac01e89f27f4707f888059a8ae37c646e6f4d
321 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cotads.adscale.de/ads/pixel/1by1.png?uid=79ef1b40293eeb02c38ec11a439ac01e89f27f4707f888059a8ae37c646e6f4d
Protocol
H2
Server
2600:9000:225e:e600:1b:832b:ac00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
678743e83d255d34a3476fa3eed80d55d212874f0fe98285a54fbf293f8b73ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
L15pFHSGGE_bHbLCyc84fBPpy1DC4jsd
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
last-modified
Tue, 08 Sep 2020 23:05:25 GMT
server
AmazonS3
age
458044
etag
"c1ab48a971e5c1a7eae346346487762d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800
date
Wed, 20 Jul 2022 00:40:06 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
321
x-amz-cf-id
K8RUhLdx5cAC_Jt-olPqlPEfZnE6wcgzu1zMne5De__Xo8b1JKq3kw==

Redirect headers

location
https://cotads.adscale.de/ads/pixel/1by1.png?uid=79ef1b40293eeb02c38ec11a439ac01e89f27f4707f888059a8ae37c646e6f4d
date
Mon, 25 Jul 2022 07:54:09 GMT
content-length
0
p3p
CP=NOI PSA OUR
sync
visitor.omnitagjs.com/visitor/ Frame 2956 		49 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-LJC7fVlbOPP8pKmID_2U208EdD0k78TPodNIoQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:09 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
content-length
49
expires
0
rum
r.casalemedia.com/ Frame 2956
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0N798llbOPP8pKmID_2U208EdD2Qvkf1tj4srw
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0N798llbOPP8pKmID_2U208EdD2Qvkf1tj4srw&C=1
43 B
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0N798llbOPP8pKmID_2U208EdD2Qvkf1tj4srw&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
730353730c599a33-FRA
pragma
no-cache
date
Mon, 25 Jul 2022 07:54:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4zkCzGex%2B917A4zdvPdjr%2B%2BONavUpVbIVW8hcFuJdJlinrkhRrBGhtnaoo90kEyLv30dH0JdkJtGPwA8iu%2BLcKiOeoNcReaj0nZhF9F99sdtfKQ3uFHMQnduDRZR0I9rCvw"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TG677jNIUZHBI9mtDWqdfWu4TWRW1lzh%2BRI3NwcoIsEGIIWA2zub4%2BwV321ebec8c2C%2BaYzK6OsOXiS321KWnhfQDoJrOUSwahK2JGx%2FWsb%2BYuv2Poc9nboWFMasN11M6ScM"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=20&external_user_id=k-0N798llbOPP8pKmID_2U208EdD2Qvkf1tj4srw&C=1
cache-control
no-cache
cf-ray
73035372cb5f913c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
match
ad.360yield.com/ul_cb/ Frame 2956
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-hd54uVlbOPP8pKmID_2U208EdD0zV31qiLtyFA
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-hd54uVlbOPP8pKmID_2U208EdD0zV31qiLtyFA
43 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-hd54uVlbOPP8pKmID_2U208EdD0zV31qiLtyFA
Protocol
H2
Server
52.19.67.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-67-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Jul 2022 07:54:09 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-hd54uVlbOPP8pKmID_2U208EdD0zV31qiLtyFA
date
Mon, 25 Jul 2022 07:54:09 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
397596.gif
idsync.rlcdn.com/ Frame 2956
Redirect Chain
  • https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
  • https://idsync.rlcdn.com/397596.gif?partner_uid=z8RFd6h041W5IS4ekvGe7ATokdgT_bYr
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/397596.gif?partner_uid=z8RFd6h041W5IS4ekvGe7ATokdgT_bYr
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:09 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

location
https://idsync.rlcdn.com/397596.gif?partner_uid=z8RFd6h041W5IS4ekvGe7ATokdgT_bYr
date
Mon, 25 Jul 2022 07:54:09 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2590
content-length
197
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
cksync.php
contextual.media.net/ Frame 2956 		45 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-DgmWxVlbOPP8pKmID_2U208EdD2maOGWQuKl7w
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 25 Jul 2022 07:54:09 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 25 Jul 2022 07:54:09 GMT
push
exchange.mediavine.com/usersync/ Frame 2956 		40 B
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Uy9UU1lbOPP8pKmID_2U208EdD3GhnRWMtlREg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.57.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-57-214.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:09 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
cookie-sync
sync.outbrain.com/ Frame 2956 		0
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-eJwdB1lbOPP8pKmID_2U208EdD3M9I0NwlnEIA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 07:54:10 GMT
Cache-Control
no-cache
X-TraceId
43cd5c46f7b0b4cd9a9a7b57f2d1c72c
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2956 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-zlNdzllbOPP8pKmID_2U208EdD1vG8VMDAyS-A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:10 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame 2956 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-xn9eNllbOPP8pKmID_2U208EdD2lxuI0QJgb-Q&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif
v1
match.sharethrough.com/sync/ Frame 2956 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-Sq57NFlbOPP8pKmID_2U208EdD3kz-55fQaflw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.253.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-253-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:09 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 2956 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-a6TIfVlbOPP8pKmID_2U208EdD33_Riw-ICIaA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:09 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 2956 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-yC6dEllbOPP8pKmID_2U208EdD2XRycNLWro6g
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:09 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12346
um
criteo-sync.teads.tv/ Frame 2956 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-AyXNNllbOPP8pKmID_2U208EdD2dHS3hrbnaAA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.1.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-1-49.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:09 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 25 Jul 2022 07:54:09 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 2956 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-BdI1gVlbOPP8pKmID_2U208EdD11EmbNwS94rA&dongle=013b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame 2956
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-LADU_llbOPP8pKmID_2U208EdD1Wa9lKiXzyrA
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-LADU_llbOPP8pKmID_2U208EdD1Wa9lKiXzyrA&verify=true
0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-LADU_llbOPP8pKmID_2U208EdD1Wa9lKiXzyrA&verify=true
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:09 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-LADU_llbOPP8pKmID_2U208EdD1Wa9lKiXzyrA&verify=true
date
Mon, 25 Jul 2022 07:54:09 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
m
ad.yieldlab.net/ Frame 2956 		0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dm_id=8666&ext_id=k-FhGG71lbOPP8pKmID_2U208EdD1PwTEQilBGtA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.130.71 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-130-71.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Jul 2022 07:54:09 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Sun, 24 Jul 2022 07:54:09 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 2956 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-mPSvsVlbOPP8pKmID_2U208EdD1lyJKreKzUTw&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.170.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-170-53.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 25 Jul 2022 07:54:10 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
28292
i6.liadm.com/s/ Frame 2956
Redirect Chain
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-RLjmbVlbOPP8pKmID_2U208EdD3Qh9N5xKiGGA
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-RLjmbVlbOPP8pKmID_2U208EdD3Qh9N5xKiGGA&_li_chk=true&previous_uuid=a4c3fdbe08cf4e14b3173b82ec857e14
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-RLjmbVlbOPP8pKmID_2U208EdD3Qh9N5xKiGGA
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-RLjmbVlbOPP8pKmID_2U208EdD3Qh9N5xKiGGA
Protocol
HTTP/1.1
Server
2600:1f18:444a:4602:377c:45e6:1b19:7050 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 07:54:10 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-RLjmbVlbOPP8pKmID_2U208EdD3Qh9N5xKiGGA
Date
Mon, 25 Jul 2022 07:54:09 GMT
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
/
s.ad.smaato.net/c/ Frame 2956 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-vnZbSllbOPP8pKmID_2U208EdD3p52zmRE2rZQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 07:54:09 GMT
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
FkBj8-XVb8X_iHoo0sAFLn_wDRT1AvqIwjeraNTFQ4uiK71d0FZ1LA==
x-cache
FunctionGeneratedResponse from cloudfront
/
sync.aralego.com/idSync/ Frame 2956 		35 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=k-0SPxTllbOPP8pKmID_2U208EdD2nkcNHGmk85w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 07:54:10 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
demconf.jpg
dpm.demdex.net/ Frame 2956
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=dA-WTBw3docFNtdt-rnk6s2BO_w3Dt2-
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=dA-WTBw3docFNtdt-rnk6s2BO_w3Dt2-
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=dA-WTBw3docFNtdt-rnk6s2BO_w3Dt2-
Protocol
HTTP/1.1
Server
52.17.148.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-148-115.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v037-068401fd5.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
opKrdHQuS4M=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v037-0a61bcd65.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
sIhlUZyVSa0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=dA-WTBw3docFNtdt-rnk6s2BO_w3Dt2-
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
m
ad.yieldlab.net/ Frame 2956 		0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-FhGG71lbOPP8pKmID_2U208EdD1PwTEQilBGtA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.130.71 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-130-71.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Jul 2022 07:54:09 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Sun, 24 Jul 2022 07:54:09 GMT
g.pixel
aa.agkn.com/adscores/ Frame 2956
Redirect Chain
  • https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40
  • https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=npWRU4D2-UnzhD5QYiLUId4_5XAqGNoS
43 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=npWRU4D2-UnzhD5QYiLUId4_5XAqGNoS
Protocol
H2
Server
3.64.108.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-108-197.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:10 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0

Redirect headers

location
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=npWRU4D2-UnzhD5QYiLUId4_5XAqGNoS
date
Mon, 25 Jul 2022 07:54:09 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2981
content-length
208
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
cs
s.thebrighttag.com/ Frame 2956
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=_sEOmywdJI4Y1KNMGU0DzrL3lJ7IsKAO
35 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=_sEOmywdJI4Y1KNMGU0DzrL3lJ7IsKAO
Protocol
H2
Server
18.188.177.141 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-188-177-141.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
x-bt-requestid
f7a79370-0bee-11ed-918d-0000ac1702fc
server
nginx
date
Mon, 25 Jul 2022 07:54:10 GMT
p3p
CP=NOI DSP COR NID
access-control-allow-origin
cache-control
private, must-revalidate
content-type
image/gif
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=_sEOmywdJI4Y1KNMGU0DzrL3lJ7IsKAO
date
Mon, 25 Jul 2022 07:54:09 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2740
content-length
203
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-1YZK2FN9X9&gtm=2oe7k0&_p=1792738146&_z=ccd.v9B&cid=1582454745.1658735646&ul=en-us&sr=1600x1200&_s=2&sid=1658735646&sct=1&seg=0&dl=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&dt=Carfighting%20Video&en=scroll&epn.percent_scrolled=90&_et=20
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1YZK2FN9X9&l=cDataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 07:54:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cf.spybriefing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
track.addevent.com
URL
https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=736ba557-074d-41bd-6588-9689dcec2cf9&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&cache=1658735646799

Verdicts & Comments Add Verdict or Comment

432 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| NREUM object| newrelic function| __nr_require function| createGUID function| toQueryString function| setCookie function| getCookie function| logError function| done function| recordUserEvent function| setCFMetaTagsFromCookies function| setCFMetaTagsFromQueryString function| getCFMetaTag function| writeCFMetaTag function| queryStringFromCFMetaTags function| recordPageview function| recordUniqueVisitor function| recordUniquePageview function| setClientWidth function| setForm function| gtag object| dataLayer function| fbq function| _fbq object| _segq object| _segs object| cDataLayer number| timeStampInMs undefined| form undefined| j undefined| element undefined| input function| $ function| jQuery object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| __core-js_shared__ object| core object| regeneratorRuntime object| SegMet function| postscribe object| google_tag_manager_external object| gaplugins object| gaGlobal object| gaData object| _qevents function| pintrk function| obApi object| wtSmart object| MgSensorData function| snaptr object| r string| TiktokAnalyticsObject object| ttq function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| onYouTubeIframeAPIReady object| snaptrContext boolean| triedToSendCookieToNative object| WebJSBridge object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge object| MgSensor function| MgSensorInvoke function| MgSensorInvoke0 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgr object| _mghl function| MgSensorInvoke1 object| s object| _0xc9e function| _0xe61c object| Mailcheck function| showsuggestion function| spamkill_checkemail string| CFAppDomain boolean| domainIsCFInternal function| ouibounce function| CFbuildAudioPlayer function| evsfix function| calcTax function| cfStripeTokenHandler function| cfStripePaymentIntentFormAdder function| cfCreateElements function| cfCreateiDEALSource function| cfProcessiDEALSourceRedirect function| cfSaveiDEALSourceInfo function| cfPopulateFormForiDEAL function| cfCreateStripeToken function| cfHandlePaymentUsingSetupIntent function| cfOrderErrorMessage function| cfHandlePaymentUsingPaymentIntent function| shouldUsePaymentIntentFlow function| cfCreateStripePaymentMethod function| cfTransformStripeToken function| cfElementsFindFont function| cleanupLocalStorage function| cfHandleiDEALRedirect function| AttachStripeElements function| prettyNotify function| start_firebase function| displayPageNotifier function| start_page_notifier function| start_firebase_quantity_limiter function| readCookie function| CFExtractPayPalButtonConfiguration function| CFPaySelectPaypalTransactions function| PaySelectInit function| recalcRoundUp function| addCharityToSummary function| addSaasRedirectClickHandler function| CFInfusionsoftTokenizationHandler function| webinarDelay function| cookieWebinarTime function| getWebinarLastTime function| reportWebinarTime function| periodicAutoWebinarCheck function| periodicLessonCheck function| reportLessonProgress function| CFSanitizeCountdownElement function| CFstartBPVideos function| CFprocessBPVideos function| CFcheckForVimeo function| CFhandleWistiaBPVideo function| CFhandleAllVimeoBPVideos function| CFhandleAllYouTubeBPVideos function| CFhandleVideoLabels function| CFsetupSessionStarterBP function| CFsetupMutedVideos function| CFrenameVimeoURLAttribute undefined| checkPreview undefined| cookie_variable undefined| tag undefined| firstScriptTag undefined| elVideo_one undefined| elVideo_two undefined| elVideo_three undefined| elVideo_four undefined| elVideo_type undefined| elVideo_show undefined| elVideo_hide undefined| elVideo_numberofvideos undefined| gettheType_unlocker undefined| player undefined| playVideoText undefined| pauseVideoText undefined| playingVideoText undefined| lockedVideoText undefined| CFSurveyParticipantID boolean| cfpeorders function| recurlyDateHandler function| recurlyNameHandler function| recurlyCountryHandler number| CF_KEYCODE_ENTER number| CF_KEYCODE_SPACE undefined| checkifPreview_randomCookie undefined| elCheckVideoEndType undefined| unlockVideoDate undefined| checkifUnlockableDate undefined| checkifUnlockableEverGreenDate undefined| everGreenDates undefined| elUnlocker_startVideo undefined| onPlayerReady undefined| elvideounlockerProgress undefined| elUnlocker_changeVideo undefined| onPlayerStateChange undefined| runAnimationFade undefined| runAnimationScale undefined| runAnimationLeft undefined| runAnimationRight undefined| runAnimationTop undefined| runAnimationBottom function| getURLParameter function| cfpeRebuildOrderSummary function| formatRecurlyExpirationDate function| validateRecurlyExpirationDate function| moment object| jQuery18103452338023757695 function| JQClass function| tinycolor function| generateUniqueId object| CFUtils object| ClickFunnels function| _ object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer function| videojs function| _V_ function| $d string| proc string| _image_path string| _ate_license boolean| _ate_mouse string| _ate_css string| _ate_callback string| _ate_dropdown string| _ate_lbl_outlook string| _ate_lbl_google string| _ate_lbl_yahoo string| _ate_lbl_hotmail string| _ate_lbl_ical string| _ate_lbl_fb_event boolean| _ate_show_outlook boolean| _ate_show_google boolean| _ate_show_yahoo boolean| _ate_show_hotmail boolean| _ate_show_ical boolean| _ate_show_facebook boolean| _d_rd boolean| _ate_btn_found boolean| _ate_btn_expo object| addthisevent object| I18n object| Clickfunnels function| calcShipping undefined| cfStripeElementsCardElement function| Firebase function| ES6Promise object| cookieconsent object| options function| track_capi object| cfFacebookInitOptions function| fbAsyncInit string| page_key string| fid string| fspos string| fvrs object| cf_tracker string| cf_key string| serverUrl function| getURLParameterExact object| script undefined| target object| elem function| callbackFunction object| _pcq object| __cfBeacon object| cfpe object| getVars object| $cfSurvey_outcome object| CFSurveyQueryOutcome string| str undefined| checkVideoAttr undefined| showVideoBG string| $url object| $queries undefined| $utm_source string| $pID string| $rootID string| $variantcheck string| $userID string| $videoType undefined| $iframeCheck string| $requiredCheck object| SurveyMatcher string| $getJS string| $getDisplayType undefined| $carContestProgress string| $todayYear string| $localTime string| $autoWebinarDay1 string| $autoWebinarDay1_raw string| $selectText string| $autoWebinarDay0 string| $autoWebinarDay0_raw string| $replayText string| $autoWebinarDay2 string| $autoWebinarDay2_raw string| $autoWebinarDay3 string| $autoWebinarDay3_raw undefined| date undefined| time object| webinar_datetime object| webinar_datetime_offset object| now object| now_offset number| webinar_delay object| webinar_delay_offset boolean| $removeSelectDateOnAutoWebinar string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll function| saq function| _saq function| quantserve function| __qc object| ezt object| _qoptions function| qtrack number| funnel_stat boolean| ecookie function| loadScript function| jQueryCheck function| createCookie function| formatObject function| getFormData function| filteredMatch function| changeText boolean| replied object| sender undefined| cfUniqueVisitorID function| cfSetUniqueVisitorID function| SendData function| wait function| sleep function| checkresponse function| answered function| postpone object| formSubmitFunctions function| formAttach function| addEvent function| filtered_string object| url_params undefined| parts undefined| nv function| cf_load function| get_XmlHttp object| ccConsole boolean| ccinstalled object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytExports object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ function| rev function| __adroll__ string| adroll_sid object| __adroll function| __cmp function| __tcfapi boolean| adroll_sendrolling_cross_device object| adroll_form_fields function| adroll_tpc_callback object| adroll_exp_list object| __adroll_consent_data function| parseBool object| campaignIds string| cookieDomain number| cookieDuration boolean| registerViewOncePerSession boolean| lastPaidClickAttribution boolean| firstClickAttribution string| attribution string| referrer undefined| ourCookie string| rtkClickID function| removeParam object| urlParams string| locSearch string| rtkfbp undefined| rtkfbc string| pixelParams string| campaignID object| souceKey string| initialSrc object| rawData function| setSessionClickID object| rtkxhr object| _ajcta object| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country object| $jscomp string| BANNER_VERSION string| TCF_VERSION string| IABWRITE_NO_COOKIE object| __adroll_consent_banner object| __adroll_consent_prev_lastchild object| sifi_att_447 object| Criteo object| criteo_q string| deviceType object| _cio object| xhrr number| c_start object| res object| saCookies string| current_window_url_param object| f number| c_end

91 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
i.liadm.com/s Name: _li_ss
Value: MgkI_____wcQ7BI
links.spybriefing.com/ Name: _session_id
Value: 97c61ab501243002b7ada31bfad09373
.cf.spybriefing.com/ Name: __cf_bm
Value: A23G7l8r._SzEuXP2Y2bWR.gVWmsCD7X.4y1U1PKOx0-1658735645-0-AasyhiA2EfYnT0CWEw8LdVP2VZ2i3yywrKJAVDwZ9rN69svP6wm2zxoP8o9EhDQ1xhrptSWZ7hhkP4ObgBNulLdAFhNOPp4fiPPHsKN0GK7w
.clickfunnels.com/ Name: __cf_bm
Value: AkB_eUAggqbjcDsmcZAlJ_unEOF0eAgv67.a_XqgKM0-1658735645-0-Ac/dk8df4/wjZzO3QuUmMUx5jH4NzOPp1EsnCXBEjFxfjaTe/579TQqD+V7SiFlQIS2RqCeumh9RY5IDlhHo/gny7FciSDPZlhHDP1PKsRSv
.spybriefing.com/ Name: _gcl_au
Value: 1.1.1637112484.1658735646
.spybriefing.com/ Name: _gid
Value: GA1.2.99824719.1658735646
.spybriefing.com/ Name: _gat_gtag_UA_164010868_2
Value: 1
.spybriefing.com/ Name: _gat_UA-217947897-1
Value: 1
.spybriefing.com/ Name: _fbp
Value: fb.1.1658735645997.2132726940
.spybriefing.com/ Name: _ga_1YZK2FN9X9
Value: GS1.1.1658735646.1.0.1658735646.60
.spybriefing.com/ Name: _ga
Value: GA1.1.1582454745.1658735646
.mgid.com/ Name: __cf_bm
Value: ViOCxYtoTRVa9CdfT08yIUTDw5FtKx.almVQLU7KQ1g-1658735646-0-ASAiWRbrV4+jMDoY3U0mVZaJpSf9ifrtG41zwPUJsR11GkOVYPvUcJuDORTIfJaHRljohAZ9fD+Mgf4mUbimOQs=
cf.spybriefing.com/ Name: MgidSensorNVis
Value: 1
cf.spybriefing.com/ Name: MgidSensorHref
Value: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
cf.spybriefing.com/ Name: AdskeeperSensorNVis
Value: 1
cf.spybriefing.com/ Name: AdskeeperSensorHref
Value: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
.spybriefing.com/ Name: _seg_uid_5374
Value: 01G8T5JNKJQD65BFFSEBNBFJRG
.spybriefing.com/ Name: _seg_uid
Value: 01G8T5JNKJQD65BFFSEBNBFJRG
.spybriefing.com/ Name: _seg_visitor_5374
Value: {"referrer":null}
.tiktok.com/ Name: _ttp
Value: 2CQXBWNFc9MbNDKYKieK8bWc9Oq
.spybriefing.com/ Name: _tt_enable_cookie
Value: 1
.spybriefing.com/ Name: _ttp
Value: 440680ce-e6e2-4dc7-96c2-c57f495eb2e1
.statistinamics.com/ Name: scgrg
Value: %7B%22grg%22%3A%2202B98BF2-EE0B-ED11-B47A-0003FFD78AAD32AF58A0-A484-4DE1-B9C7-CF87E9B06001%22%7D
rdcdn.com/ Name: aid
Value: 19177
rdcdn.com/ Name: ref
Value: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
rdcdn.com/ Name: img
Value: http://rdcdn.com/rt?aid=19177&e=1&img=1
.youtube.com/ Name: YSC
Value: e0CXXMu942s
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: j4MrW4ih5T0
.cf.spybriefing.com/ Name: _pin_unauth
Value: dWlkPVpEUTNOREppWWpNdE1qRmpZaTAwTkdGakxUbGlaVE10TUdNeVlqRXlNMlUzWkRFMg
cf.spybriefing.com/ Name: cf:aff_sub2
Value:
cf.spybriefing.com/ Name: cf:aff_sub3
Value:
cf.spybriefing.com/ Name: cf:aff_sub
Value:
cf.spybriefing.com/ Name: cf:affiliate_id
Value:
cf.spybriefing.com/ Name: cf:cf_affiliate_id
Value:
cf.spybriefing.com/ Name: cf:content
Value:
cf.spybriefing.com/ Name: cf:medium
Value:
cf.spybriefing.com/ Name: cf:name
Value:
cf.spybriefing.com/ Name: cf:source
Value:
cf.spybriefing.com/ Name: cf:term
Value:
cf.spybriefing.com/ Name: cf:NDk3NzkxNzc
Value: :visited=true
cf.spybriefing.com/ Name: cf:visitor_id
Value: 70983042-6888-43b0-a3f3-977ce94aecf2
cf.spybriefing.com/ Name: addevent_track_cookie
Value: 736ba557-074d-41bd-6588-9689dcec2cf9
cf.spybriefing.com/ Name: outbrain_cid_fetch
Value: true
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-9b68405e-55e5-4eba-4544-49094043c0b7.6s4HtO%2BOAlFtuKVkoPAbY9ApUYol6gHFJu4zEoho2Dk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Am2hAXlXlTrpFREkJQEPAt7Ki0Y0.mLFUXqIEY%2ByTppOVPQ6Apc7XBo2%2FLxgOyW%2Fv5Kg40%2Bg
cf.spybriefing.com/ Name: sa-user-id
Value: s%253A0-9b68405e-55e5-4eba-4544-49094043c0b7.6s4HtO%252BOAlFtuKVkoPAbY9ApUYol6gHFJu4zEoho2Dk
cf.spybriefing.com/ Name: sa-user-id-v2
Value: s%253A0-9b68405e-55e5-4eba-4544-49094043c0b7%2524ip%2524178.162.209.141.tpReqAi9KChfgKaiwimmpcRZgMxnqBmy%252BzyVNZWwcIs
.simpli.fi/ Name: suid
Value: FAF38E69119E4CB9BD7F7764383F7B67
.quantserve.com/ Name: mc
Value: 62de4c1f-62270-aa2cd-57195
.turn.com/ Name: uid
Value: 7661530491173669639
.spybriefing.com/ Name: __qca
Value: P0-1685820206-1658735647311
.spybriefing.com/ Name: _scid
Value: ab3d6f92-1473-4079-8dcb-a8205c09f08e
.spybriefing.com/ Name: _cioanonid
Value: 2bb9c33e-87d3-8b6b-b52e-f8c1878c5c38
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBiREAIAgDsIm4qwJFx8FvCoY3iQc+RZd90MTMITM6Bbk2IvOSWtXoI9Rpo/ABjE+fvDIAAAA=
.criteo.com/ Name: uid
Value: 58d11b8e-1718-45f6-89b4-37edadfbae9b
.nr-data.net/ Name: JSESSIONID
Value: b1848b9d2b29955
.spybriefing.com/ Name: cto_bundle
Value: ikZU4F9ZYVFXeGlJb29mcVE1SmUwNDZMYXJGb1FQR1Z1RVJTJTJCSmJkdmQlMkZla09MbElJSzlZZjVGQ2VFUGlOZFo3TzlXMDUlMkZRTmZhRE5McWUlMkZqM0NPcWZOcFc4OVFtR1U0M3hzcmtmRE9Ib0pYYldsdGZHdU42MCUyQk5SdVJreW9ONG56SFJKaTJqSW1KNU9YdEJTV2lSNUM4cTZRJTNEJTNE
.adscale.de/ Name: uu
Value: 436338f1acdd4cf49eb276e4c9e48ef4
.adscale.de/ Name: cct
Value: 1658735649722
.ih.adscale.de/ Name: tu
Value: 4#1102116167#40~k-hMnhUllbOPP8pKmID_2U208EdD1MT3pS1lmgkQ~460759~0~0
.adnxs.com/ Name: uuid2
Value: 3263854802001891636
.doubleclick.net/ Name: IDE
Value: AHWqTUnxU_8drvuExd2X7nEhRhKJUdWi01B5slt82cnqMdWcBpSWvWWd51Zcd9p9CXg
.casalemedia.com/ Name: CMID
Value: Yt5MIUIgsM7oz9rZnn7fRQAA
.casalemedia.com/ Name: CMPS
Value: 1194
.casalemedia.com/ Name: CMPRO
Value: 1194
.media.net/ Name: visitor-id
Value: 3017372491492531000V10
.media.net/ Name: data-c-ts
Value: 1658735649
.media.net/ Name: data-c
Value: k-DgmWxVlbOPP8pKmID_2U208EdD2maOGWQuKl7w~~3
.bidswitch.net/ Name: tuuid
Value: 74b77fd1-adc8-486e-a31e-ab3a14ef5916
.bidswitch.net/ Name: c
Value: 1658735649
.bidswitch.net/ Name: tuuid_lu
Value: 1658735649
.casalemedia.com/ Name: CMTS
Value: 1121
.360yield.com/ Name: tuuid
Value: 1f1ab040-ef48-4c90-ba2e-6d9144804fb0
.360yield.com/ Name: tuuid_lu
Value: 1658735649
.360yield.com/ Name: um
Value: !38,xPcBjfckqAOptSEuNrPxB.5L5fAB4jZFs4uDhWlZj-oqe7Rv3diBiUSPtmly.urc0eoKmZgj,1666511649
.360yield.com/ Name: umeh
Value: !38,0,1720943649,-1
.yahoo.com/ Name: A3
Value: d=AQABBCFM3mICEIjR-5bVfLcl0Pzk4Uy_i4MFEgEBAQGd32LoYgAAAAAA_eMAAA&S=AQAAAh0wG5w456Ag4kn_M7RNc_k
.yieldlab.net/ Name: id
Value: c6fe1ee3-8630-4ba2-acf2-04985f829c6a
.analytics.yahoo.com/ Name: IDSYNC
Value: 18zh~267j
.demdex.net/ Name: demdex
Value: 34085632249730996910806521596253841767
.dpm.demdex.net/ Name: dpm
Value: 34085632249730996910806521596253841767
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%22f76c1110-0bee-11ed-8f61-a398ac63d6e9%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: mv_tokens_invalidate-verizon-pushes
Value: %7B%22mv_uuid%22%3A%22f76c1110-0bee-11ed-8f61-a398ac63d6e9%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-Uy9UU1lbOPP8pKmID_2U208EdD3GhnRWMtlREg%22%2C%22version%22%3A%22criteo%22%7D
.agkn.com/ Name: ab
Value: 0001%3AoZD2AGeNfjl8ZQWD7E4RwOdA3uyPSP9w
.outbrain.com/ Name: obuid
Value: 7967820e-b974-4239-89d5-04ac1e04caea
.outbrain.com/ Name: criteo
Value: k-eJwdB1lbOPP8pKmID_2U208EdD3M9I0NwlnEIA
.liadm.com/ Name: lidid
Value: a4c3fdbe-08cf-4e14-b317-3b82ec857e14
.aralego.com/ Name: gdpr
Value: 1
.aralego.com/ Name: sspid
Value: 0b59b539-0fe5-357c-946a-fb342c7378ac

5 Console Messages

Source Level URL
Text
network error URL: https://visit.prayfashion.com/postback?clickid=undefined&type=RT_View_Content
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://visit.prayfashion.com/postback?clickid=null&type=RT_View_Content&gtmcb=425398892
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=736ba557-074d-41bd-6588-9689dcec2cf9&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&cache=1658735646799
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://m.revmizer.com/357-22803.js?id=22803&m=357
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://idsync.rlcdn.com/397596.gif?partner_uid=z8RFd6h041W5IS4ekvGe7ATokdgT_bYr
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.adskeeper.co.uk
a.exoclick.com
a.mgid.com
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ajax.googleapis.com
amplify.outbrain.com
analytics.tiktok.com
app.clickfunnels.com
assets.clickfunnels.com
assets.customer.io
assets.revcontent.com
bam.nr-data.net
cf.spybriefing.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
cotads.adscale.de
criteo-sync.teads.tv
ct.pinterest.com
d.adroll.com
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
idsync.rlcdn.com
ifs.spamkill.dev
ih.adscale.de
jnn-pa.googleapis.com
js-agent.newrelic.com
links.spybriefing.com
m.revmizer.com
match.sharethrough.com
mug.criteo.com
ndn.statistinamics.com
pixel.adblade.com
pixel.quantserve.com
pixel.rubiconproject.com
r.casalemedia.com
r.turn.com
rdcdn.com
region1.analytics.google.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.ad.smaato.net
s.adroll.com
s.pinimg.com
s.thebrighttag.com
sc-static.net
secure.quantserve.com
simage2.pubmatic.com
sslwidget.criteo.com
static.cloudflareinsights.com
static.doubleclick.net
stats.g.doubleclick.net
submit.ideasquarelab.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.aralego.com
sync.outbrain.com
tag.segmetrics.io
tag.simpli.fi
tags.srv.stackadapt.com
tr.outbrain.com
tr.snapchat.com
track.addevent.com
track.customer.io
track.segmetrics.io
ups.analytics.yahoo.com
use.fontawesome.com
visit.prayfashion.com
visitor.omnitagjs.com
web.adblade.com
widget.us.criteo.com
www.clickcease.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.youtube.com
x.bidswitch.net
track.addevent.com
104.18.19.126
104.18.26.174
104.19.133.78
104.75.88.209
104.90.130.71
141.226.228.48
142.250.186.162
142.250.74.194
144.168.44.226
151.101.2.137
151.139.128.11
162.210.192.55
162.247.241.14
169.50.137.176
178.250.0.157
178.250.2.140
178.250.2.151
18.157.60.148
18.188.177.141
184.24.1.49
185.64.190.80
185.86.137.132
185.89.210.180
192.96.200.41
195.244.31.11
2.18.235.93
2001:4860:4802:34::36
2001:4860:4802:38::178
2001:4de0:ac19::1:b:2a
2001:678:cb4:bbbb::11
23.36.163.230
2600:1f18:444a:4602:377c:45e6:1b19:7050
2600:1f1c:a99:832c:e958:87e0:dc9b:7bb1
2600:9000:223c:400:11:9cfd:9400:93a1
2600:9000:223f:2600:1b:5138:8a40:93a1
2600:9000:225e:8c00:6:9280:1080:93a1
2600:9000:225e:e600:1b:832b:ac00:93a1
2600:9000:2490:9400:6:44e3:f8c0:93a1
2606:4700:20::681a:105
2606:4700:20::ac43:4470
2606:4700:3033::6815:3f36
2606:4700:440e::ac40:9c1a
2606:4700::6810:10c2
2606:4700::6810:ec2
2606:4700::6810:fc2
2a00:1450:4001:801::2002
2a00:1450:4001:803::2003
2a00:1450:4001:80b::2006
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2004
2a00:1450:400c:c1b::9d
2a00:1450:400e:80c::200a
2a02:2638::1c
2a02:26f0:1700:78c::1931
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.122.47.104
3.126.56.137
3.213.171.94
3.224.57.214
3.64.108.197
34.203.132.51
34.239.26.54
34.249.170.53
35.157.253.202
35.190.43.134
35.227.225.220
35.236.195.67
35.238.129.105
35.244.174.68
44.196.167.20
52.16.111.147
52.17.148.115
52.19.67.137
52.222.225.250
64.202.112.191
67.205.176.157
69.173.144.138
74.119.119.150
76.223.111.18
88.221.169.78
99.86.114.65
004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
0e7db8a58e717a428cc1ef7503bc697bef2e68751f79e09ecef3bb03599fe747
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
116e677ce1f72ac9525e2e6cd8d26a005c4dd4ba515fb8309023b2f0a2b3397a
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
22aee860d85133c05f5ff5f3f4f23a8574d67bc9a55a9efc823cf58677377466
257c0e97fab53906527a38f70c0fa4d7c60d0fada62f6628ae02d2e4137065de
27423bab6b0ee04853cec7aafd45e79df71704e6480b962515e8d2b3f44ba97f
27ba75ff31633a0d0d29ca8510db16970c9c44a8fed38781611902ee64fe3a1f
28435ff6ea856601559e8da98982893cc26f2657a97195c282930e09e75e3c4e
2c45b70490618728f3468dec82400bdf3fe943bfb55b46fbf8d1b55df250a16b
2d879cce1d3b8d492e394e9be9e78042509f0d46aac16250c43cace3782a5a55
2e08628dfbdeb5fe6ccc883c071f5fc3da5b9f94f2747d9352d2ae91261bb9cb
2f7599ba1e84432f7f3319c7ed71b84ed24ffbb9741bea6b3ec61ec370707541
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
357641ed88b06545f8b1a6e3b698a92b7f312ebdad8bc2e64d07b14db9b6c239
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
37890dea5b2726064a174b28b90faf16d51fed898d0f37e2fb0342161593d68c
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37c5d878d7cae8df42a57c44a47e5f872305557edf7d089c7b4587692a801aa8
38b4427fe010e9bbb71c90397807ac698218da22fa1cacda264c1e42472d843a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f22385dfac52b7843da81c98aaf8f928d9e9dd5ecf91cac4cc12eef23766574
3f89c138ce1226da6cf58792344304839adeea6fc1fad2ba4ff9fc137abb70a0
40b30a38dcd64ea99edd332b2134aa7cc6d7a3cef11ce2d20787a67b43f9a8f1
40c5a0b55c7388ca4e499a0d3b42fc8c1895c9a3bbd4968f4c9d0d6ec2774b99
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
517f1d9859f4ed0b7e2f4bc0cee432d50d96c58f4224b873dd43888190b653a8
51aa24380c60e4259dd2728ec569f10b514dc418a35695e7f1df28bccf5a1020
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
536fac39003de603f6c241901f38840138347a972922dba26a673b022d39e7e0
540548b12b5a362a5fa54de526a5870cc89ef6f431387c20cd25e82b4f6cd9d0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5597a5b18e17f09b2d44281c12336e30796f818cc4449d04a38209b0e8a73171
5b20f16ce01a32ff4df0028215b096e56a3a4a4b1a397aeebc16dbb4b92c5c55
5bd7731976877131e36c5fabbc778bd3f5cae51aa0865325decad5a1a3ffc90f
5e3a28df51924c57892c425cf0e17f6509339c8c90c86f9aa71279d3295e66b4
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
5f7aa90ade630ed2d5d0f980c8cee038f489af8bd0012dd6f60b18a7bd456dca
678743e83d255d34a3476fa3eed80d55d212874f0fe98285a54fbf293f8b73ee
67a398d1fae9986f6261e7aa926f343c38b5f9bd9ade434101f1d8db1d3c6b28
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b3b7c60872cb8503f3701aa8f156d186e6021f0d34d134bc160dcd24ab98754
6cb2e2b343c8698272a48742cda2c7e901130273382f5b3f16ffbfaa69b60b7d
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d
765618d1667ba791f2d492d121d2da42ff7d7e079a4773462a381ac9aceab0c5
77c1d2cff7dccb84e95d0c508da3e61d52cd9b800feb50f56371a6862c6408ca
7979f25e45feaf0c502a954832c4c5ba5e5d5f193d3898bad1e88610c4157b54
7ab317453cbdfb54fa36975a72af0d4374a56566a7e1e2239e3a11283b282b97
8013b1de929495d2bdba234c313845c60136b8b7926d00ad975c0e901ea6e83d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0
84b5e4a70a3e74c3de277df4d596bb8a8b75ae07c5c731a1287d97b7c17a7dc1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
894694eee28fc463a83875d519e70afaf5f40ac7c042d6114c4ee86d156b4067
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8eabf65365999eb485f761a255d0cd988d4503751b1c128d11cb3d34f4b86fdc
91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b
913a414d89a4e99a4804e3eb208479ba090542422d952eecd4f692d2803e9183
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
95329e3e5329c303107ebfa23880646eda13af7bd6be912173d310b8ec60079a
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ff35fbc8c931f20e15f113cdd118643f210191b767e803b39fcd8f7d9b3665
9af9b1734f5993f127763abe432eee430905f1af2381528ba74dc3d77af319c0
a0498f6e4bf8444284395f532598ed8b6a16d63dd83e1b91831ce923e798d67d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a35286598e523844fd5a181f9bf4fbc063f9b7f24e79c37113f3bc691647ecbe
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ae31d2c42bca396f9ad140594890b16f599b6cd8f36c809adac8ebd5eb45b2e5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
b5027926c44361f7719bdbbd6a0fb781e13842229b6ca68e38732b6fa40c6aa5
ba7edeb93491eb658b3b96c20f4d4869db84e9364ce67834d67b44b9b672cf23
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bce5f5e062a57dc654368c556c67c9ee7193ac9fb6334b5794b4093d64b9c375
c20c8f9ac21920d3815c85938c577fc8f39d200cc13f1fa4ab236bac04292b40
c4855783c57812340258a56fd7411eb074c81a32c75ba301c9f4b2065588aca6
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caba6965fb8c9d167e9c44ed7424b0d41c9aec296d6bdd821f71f4feb93e5766
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d2a5535e5545e30e40850ba3f642b88a1830329b6d2fd25c5dbd840329f7ff51
d3a75b5a3c5338e8760ae0c7f541c4a9959ce09d0c86ad56eaee42d91ad05af3
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dab3de50e1ddfa138a0572ae7f02067f29b23ddead6fcd446114e23cbe558249
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dafa3ce4de4cc56876b0fc6c36628fbcade9f4b07d7f27e4ca67744d91b2beb7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df4b1744877f5a1aeb69cc0a9df5a24363dcb66ac5d3bd1d5397aef2556383d7
e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d0e793b9dd24807e7d368386586ec9f37fd90efa5d8fb8cf9ec3f2965aa478
e4d2752c365518d29e897c4ce4465e035cce6e9f27f001b219ca869bb369df94
ee853fb9387e4862cf3420b29461fbf0f36ce1d1cb44d4ca585d92d1a4e0eb40
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f5905a1fc3f72e48fdcc7de1fbc48cbb82189cb4030a3116182588d774482939
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422
fb599e114d2bc2f901597ac2b6cbf99e6e6e7de9501a5c1a600ea2d6bad68d91
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fef573e788028e3ff9be20403181ef568fda4b985863f500f432f6d42d6c80aa