www.clubpremier.com Open in urlscan Pro
2606:4700::6812:9d71 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
Submission: On December 06 via api (December 6th 2021, 10:59:36 pm UTC) from US — Scanned from DE

Summary HTTP 160 Redirects Links 41 Behaviour Indicators

Summary

This website contacted 53 IPs in 8 countries across 64 domains to perform 160 HTTP transactions. The main IP is 2606:4700::6812:9d71, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.clubpremier.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2021. Valid for: a year.

This is the only time www.clubpremier.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	2606:4700::68... 2606:4700::6812:9d71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::6815:4e07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
12	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
1 7	52.208.103.128 52.208.103.128	16509 (AMAZON-02) (AMAZON-02)
8	2600:9000:206... 2600:9000:206f:f600:7:ea02:ad80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	65.9.68.65 65.9.68.65	16509 (AMAZON-02) (AMAZON-02)
1 2	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
2	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2 16	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
1 2	54.217.249.13 54.217.249.13	16509 (AMAZON-02) (AMAZON-02)
1	104.111.218.85 104.111.218.85	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	54.93.135.255 54.93.135.255	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.142 185.86.138.142	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	54.93.162.63 54.93.162.63	16509 (AMAZON-02) (AMAZON-02)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.185.209.98 18.185.209.98	16509 (AMAZON-02) (AMAZON-02)
3 4	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 3	3.125.70.222 3.125.70.222	16509 (AMAZON-02) (AMAZON-02)
2 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::4	60068 (CDN77 ^_^) (CDN77 ^_^)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	52.211.146.69 52.211.146.69	16509 (AMAZON-02) (AMAZON-02)
1	52.218.98.67 52.218.98.67	16509 (AMAZON-02) (AMAZON-02)
1	51.210.112.236 51.210.112.236	16276 (OVH) (OVH)
5 5	212.71.252.71 212.71.252.71	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	139.162.147.24 139.162.147.24	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	80.82.217.94 80.82.217.94	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4 4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	85.90.245.27 85.90.245.27	63949 (LINODE-AP...) (LINODE-AP Linode)
1	52.30.98.117 52.30.98.117	16509 (AMAZON-02) (AMAZON-02)
3 4	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	65.9.68.72 65.9.68.72	16509 (AMAZON-02) (AMAZON-02)
2 2	3.228.116.73 3.228.116.73	14618 (AMAZON-AES) (AMAZON-AES)
2 2	46.137.57.74 46.137.57.74	16509 (AMAZON-02) (AMAZON-02)
1 1	18.130.94.173 18.130.94.173	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.16.11 3.126.16.11	16509 (AMAZON-02) (AMAZON-02)
1 2	51.195.5.38 51.195.5.38	16276 (OVH) (OVH)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	88.99.214.77 88.99.214.77	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:205... 2600:9000:2057:ec00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	52.208.138.90 52.208.138.90	16509 (AMAZON-02) (AMAZON-02)
1	52.0.73.248 52.0.73.248	14618 (AMAZON-AES) (AMAZON-AES)
160	53

31 2606:4700::6812:9d71 (United States)

ASN13335 (CLOUDFLARENET, US)

www.clubpremier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s3media.clubpremier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.208.103.128 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com

ad.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:206f:f600:7:ea02:ad80:93a1 (United States)

ASN16509 (AMAZON-02, US)

execution-ci360.clubpremier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.68.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-68-65.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.49 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 37.157.6.241 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.217.249.13 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-249-13.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.218.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-85.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.135.255 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-135-255.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.142 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.162.63 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-162-63.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.209.98 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-209-98.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.19.147.45 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

usermatch.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.243.60.138 (Ballerup Municipality, Denmark) 3 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.125.70.222 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.146.69 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-146-69.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.98.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.210.112.236 (France)

ASN16276 (OVH, FR)
PTR: pikafka-1.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 212.71.252.71 (London, United Kingdom) 5 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li625-71.members.linode.com

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.147.24 (Frankfurt am Main, Germany) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: tags2.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.82.217.94 (Düsseldorf, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.90.245.27 (Frankfurt am Main, Germany)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1428-27.members.linode.com

cm.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.98.117 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-98-117.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.36 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.68.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-68-72.fra56.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.228.116.73 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-116-73.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.137.57.74 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-57-74.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.130.94.173 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-130-94-173.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.16.11 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-16-11.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.195.5.38 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: p16.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.214.77 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88-99-214-77.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:ec00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Ljubljana, Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.138.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-138-90.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.73.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-73-248.compute-1.amazonaws.com

thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	clubpremier.com www.clubpremier.com s3media.clubpremier.com execution-ci360.clubpremier.com	2 MB
19	adform.net 3 redirects s2.adform.net a2.adform.net c1.adform.net dmp.adform.net	39 KB
12	youtube.com www.youtube.com	753 KB
10	crwdcntrl.net 1 redirects ad.crwdcntrl.net tags.crwdcntrl.net sync.crwdcntrl.net bcp.crwdcntrl.net	20 KB
9	doubleclick.net 5 redirects stats.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net cm.g.doubleclick.net	3 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	95 KB
6	adsafety.net 6 redirects cm.adsafety.net tags.adsafety.net	10 KB
6	facebook.com www.facebook.com	519 B
6	googletagmanager.com www.googletagmanager.com	346 KB
5	googleapis.com fonts.googleapis.com jnn-pa.googleapis.com	22 KB
4	adsrvr.org 4 redirects match.adsrvr.org	2 KB
4	semasio.net 3 redirects uipglob.semasio.net	3 KB
4	adnxs.com secure.adnxs.com Failed	4 KB
4	google-analytics.com www.google-analytics.com	20 KB
4	facebook.net connect.facebook.net	288 KB
3	bluekai.com tags.bluekai.com	1 KB
3	exelator.com 2 redirects loadm.exelator.com load77.exelator.com	2 KB
3	eyeota.net 1 redirects ps.eyeota.net	2 KB
3	yahoo.com 2 redirects ups.analytics.yahoo.com cms.analytics.yahoo.com	2 KB
3	google.com www.google.com	14 KB
2	3lift.com 1 redirects eb2.3lift.com	718 B
2	tapad.com 2 redirects pixel.tapad.com	905 B
2	1dmp.io 1 redirects sync.1dmp.io	805 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	520 B
2	id5-sync.com 1 redirects id5-sync.com	2 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	audrte.com 2 redirects a.audrte.com	1 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com	913 B
2	smartstream.tv 1 redirects ads.smartstream.tv cm.smartstream.tv	849 B
2	rlcdn.com idsync.rlcdn.com	396 B
2	mathtag.com 2 redirects pixel.mathtag.com	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	1rx.io 2 redirects sync.1rx.io	743 B
2	unrulymedia.com 1 redirects usermatch.targeting.unrulymedia.com sync.targeting.unrulymedia.com	614 B
2	bidswitch.net 2 redirects x.bidswitch.net	1 KB
2	advertising.com 2 redirects pixel.advertising.com	676 B
2	adscale.de 2 redirects ih.adscale.de	691 B
2	360yield.com 1 redirects ad.360yield.com	826 B
1	thrtle.com thrtle.com
1	ml314.com ml314.com	422 B
1	contentexchange.me match.contentexchange.me	49 B
1	smaato.net s.ad.smaato.net	238 B
1	teads.tv sync.teads.tv	172 B
1	agkn.com 1 redirects aa.agkn.com	344 B
1	userreport.com pdw-adf.userreport.com	444 B
1	pubmatic.com simage2.pubmatic.com	544 B
1	krxd.net beacon.krxd.net	338 B
1	onaudience.com pixel.onaudience.com	247 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net	406 B
1	openx.net eu-u.openx.net	275 B
1	stickyadstv.com ads.stickyadstv.com	713 B
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	rubiconproject.com token.rubiconproject.com	214 B
1	yieldlab.net ad.yieldlab.net	522 B
1	ytimg.com i.ytimg.com	15 KB
1	ggpht.com yt3.ggpht.com	2 KB
1	fontawesome.com use.fontawesome.com	8 KB
0	ib-ibi.com Failed global.ib-ibi.com Failed
0	seadform.net Failed a1.seadform.net Failed
0	google.de Failed www.google.de Failed
0	googleoptimize.com Failed www.googleoptimize.com Failed
0	googleadservices.com Failed www.googleadservices.com Failed
160	64

	Domain	Requested by
25	s3media.clubpremier.com	www.clubpremier.com s3media.clubpremier.com
12	c1.adform.net	2 redirects a2.adform.net c1.adform.net
12	www.youtube.com	www.clubpremier.com s3media.clubpremier.com www.googletagmanager.com www.youtube.com
8	execution-ci360.clubpremier.com	www.clubpremier.com execution-ci360.clubpremier.com
6	www.facebook.com	www.clubpremier.com
6	www.googletagmanager.com	www.clubpremier.com www.googletagmanager.com
6	www.clubpremier.com	www.clubpremier.com s3media.clubpremier.com
5	cm.adsafety.net	5 redirects
5	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	dmp.adform.net	c1.adform.net
4	cm.g.doubleclick.net	4 redirects
4	match.adsrvr.org	4 redirects
4	uipglob.semasio.net	3 redirects c1.adform.net
4	jnn-pa.googleapis.com	www.youtube.com
4	secure.adnxs.com	www.clubpremier.com c1.adform.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	connect.facebook.net	www.clubpremier.com connect.facebook.net
3	bcp.crwdcntrl.net	tags.crwdcntrl.net bcp.crwdcntrl.net
3	tags.bluekai.com	c1.adform.net bcp.crwdcntrl.net
3	sync.crwdcntrl.net	1 redirects c1.adform.net bcp.crwdcntrl.net
3	ps.eyeota.net	1 redirects c1.adform.net
3	www.google.com	www.clubpremier.com www.youtube.com
3	tags.crwdcntrl.net	www.googletagmanager.com tags.crwdcntrl.net
2	eb2.3lift.com	1 redirects c1.adform.net
2	pixel.tapad.com	2 redirects
2	sync.1dmp.io	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	id5-sync.com	1 redirects c1.adform.net
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	a.audrte.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	idsync.rlcdn.com	c1.adform.net bcp.crwdcntrl.net
2	loadm.exelator.com	2 redirects
2	pixel.mathtag.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	sync.1rx.io	2 redirects
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	1 redirects c1.adform.net
2	pixel.advertising.com	2 redirects
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	a2.adform.net	1 redirects www.clubpremier.com
1	thrtle.com	bcp.crwdcntrl.net
1	ml314.com	bcp.crwdcntrl.net
1	cms.analytics.yahoo.com	1 redirects
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	cm.smartstream.tv	c1.adform.net
1	ads.smartstream.tv	1 redirects
1	tags.adsafety.net	1 redirects
1	pixel.onaudience.com	c1.adform.net
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	sync.targeting.unrulymedia.com	c1.adform.net
1	usermatch.targeting.unrulymedia.com	1 redirects
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	ad.crwdcntrl.net	www.googletagmanager.com
1	s2.adform.net	www.clubpremier.com
1	fonts.googleapis.com	s3media.clubpremier.com
1	use.fontawesome.com	www.clubpremier.com
0	global.ib-ibi.com Failed	c1.adform.net
0	a1.seadform.net Failed	www.clubpremier.com
0	www.google.de Failed	www.clubpremier.com
0	www.googleoptimize.com Failed	www.googletagmanager.com
0	www.googleadservices.com Failed	www.googletagmanager.com
160	82

This site contains links to these domains. Also see Links.

Domain
member.clubpremier.com
viajeropremier.clubpremier.com
crucerosenlinea.clubpremier.com
hotelesenlinea.clubpremier.com
www.americanexpressaeromexico.clubpremier.com
santander.clubpremier.com
vuelaconpuntos.clubpremier.com
tienda.clubpremier.com
subastas.clubpremier.com
experiencias.clubpremier.com
corporativo.clubpremier.com
aeromexico.com
americanexpressaeromexico.clubpremier.com
play.google.com
itunes.apple.com
amfacturacion.aeromexico.com
www.facebook.com
twitter.com
www.instagram.com
api.whatsapp.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-15` - `2021-12-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
execution-ci360.clubpremier.com Amazon	`2021-07-20` - `2022-08-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2021-03-09` - `2022-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-11-24` - `2022-04-26`	5 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.onaudience.com Certyfikat SSL	`2021-05-28` - `2022-05-28`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.userreport.com Amazon	`2021-02-18` - `2022-03-19`	a year	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-06-04`	a year	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
*.thrtle.com Go Daddy Secure Certificate Authority - G2	`2021-03-22` - `2022-04-23`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
Frame ID: 48F9FBC2E8D4844C8B46954A071287F9
Requests: 83 HTTP requests in this frame

Frame: https://www.youtube.com/embed/DUNhPfIRKys?enablejsapi=1&version=3&playerapiid=ytplayer
Frame ID: 50CFBDFB5A054C186761C2D4333DA290
Requests: 21 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 4760B0B21410246BBD5FDA0972013697
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Frame ID: 26BF751A2E5191F0DB54143DF44048AB
Requests: 45 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6A415BB822A4C35BB69E42483C850D7B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 254855A746559ABC99E99670E6B8DEFE
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=11784
Frame ID: A503169D23F51CDAD50E017652DABD99
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=41%2C61%2C14%2C12%2C125%2C2&c=11784
Frame ID: E3975E103FE38B4C9C3E195A5E78FA1D
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Toma Todo | Club Premierauctionauctionsbankbuy-pointscalculatorcarcardcarechains-hotelcine#shape-email-30x14.8entertainmentexpfaq#shape-finances-30x14.8flight-productsflightgift-cardiconosiconosiconosiconosiconosiconosiconosiconosiconoshotelicon-beneficio1icon-beneficio2icon-beneficio3icon-beneficio4insurancelocatemallicon-memeber#shape-menu-aerolineas-30x14.8#shape-menu-asistencias-22.15x30bancos#shape-menu-caculadora-21.83x30iconos#shape-menu-comparte-30x24.95#shape-menu-compra-puntos-30x27.88#shape-menu-cruise-30x30#shape-menu-entretenimiento-30x27.2#shape-menu-experiencias-23.76x30#shape-menu-gasolineras-26.33x30#shape-menu-hoteles-30x16.72iconos#shape-menu-otros-30x29.44#shape-menu-productos-vuelo-30x25.91#shape-menu-recupera-puntos-30x27.88#shape-menu-regalo-30x20.23#shape-menu-salon-premier-30x27.88#shape-menu-seguro-27.57x30servicios financieros#shape-menu-servicios-viaje-30x24.06#shape-menu-subastas-30x30#shape-menu-taxi-30x25.34#shape-menu-tickets-30x25.81#shape-menu-tienda-linea-30x24.13#shape-menu-tiendas-21.38x30#shape-menu-transferencia-30x30#shape-menu-transporte-30x23.43#shape-menu-vacaciones-30x21.73#shape-multiply-30x14.8othericon-memeberplayerpoints-suitcaseicon-memeber#shape-promotions-30x29.09pump#shape-raffle-curves-30x27.88raffle-facesraffleretrieve-pointssalon-premiershareshop-onlineshop#shape-special-premier-30x27.88icon-memeber#shape-stop-sign-30x14.8Group 3Fill 1Group 3Group 2Group 3Group 4taxiticketstransfer#shape-transfers-30x14.8traveltripwinners

Page Statistics

160
Requests

76 %
HTTPS

28 %
IPv6

64
Domains

82
Subdomains

53
IPs

8
Countries

3887 kB
Transfer

10517 kB
Size

110
Cookies

41 Outgoing links

These are links going to different origins than the main page.

URL: https://member.clubpremier.com/individual/recuperacuenta
Title: Recupera tu No. de Cuenta

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/recuperar-nip
Title: Olvidé mi contraseña

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/
Title: Inicia sesión

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/registro
Title: Inscríbete

Search URL Search Domain Scan URL

URL: https://viajeropremier.clubpremier.com/
Title: Viajero Premier

Search URL Search Domain Scan URL

URL: https://crucerosenlinea.clubpremier.com/
Title: Cruceros en Línea

Search URL Search Domain Scan URL

URL: https://hotelesenlinea.clubpremier.com/c/home/es-MX/
Title: Hoteles en linea

Search URL Search Domain Scan URL

URL: https://www.americanexpressaeromexico.clubpremier.com/clubpremier
Title: Las Tarjetas American Express® Aeroméxico

Search URL Search Domain Scan URL

URL: https://santander.clubpremier.com/
Title: Las Tarjetas Santander Aeroméxico

Search URL Search Domain Scan URL

URL: https://vuelaconpuntos.clubpremier.com/
Title: Vuelos

Search URL Search Domain Scan URL

URL: https://tienda.clubpremier.com/
Title: Tienda en Línea

Search URL Search Domain Scan URL

URL: https://subastas.clubpremier.com/
Title: Subastas Premier

Search URL Search Domain Scan URL

URL: https://experiencias.clubpremier.com/?es
Title: Experiencias Premier

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/redenciones-g500-compras
Title: Microredenciones G500

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/individual/mis-datos
Title: Mi Perfil

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/individual/movimientos-por-fecha
Title: Estado de Cuenta

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/individual/reportar-tarjeta-robada
Title: Reposición de Tarjeta

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/unificacion-de-cuentas
Title: Unificación de cuentas

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/individual/acreditacion-retroactiva-aeromexico
Title: Aeroméxico

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/individual/acreditacion-retroactiva-otras-aerolineas
Title: SkyTeam y Otras Aerolíneas

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/htlArrRegister/register
Title: Hoteles y Arrendadoras

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/individual/programa-familiar
Title: Mi Grupo

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/individual/transferir
Title: Transfiere Puntos Premier

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/invita-a-un-amigo
Title: Invita a un amigo

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/toma-todo
Title: Toma Todo

Search URL Search Domain Scan URL

URL: https://corporativo.clubpremier.com/?enviroment=mx&lang=es
Title: EMPRESAS

Search URL Search Domain Scan URL

URL: https://corporativo.clubpremier.com/mx/corporativo/descubre?corpCategory=descubre&lang=es
Title: Descubre Club Premier Corporativo

Search URL Search Domain Scan URL

URL: https://corporativo.clubpremier.com/login/auth?lang=es
Title: Mi Cuenta Corporativa

Search URL Search Domain Scan URL

URL: https://aeromexico.com/es-mx
Title: AEROMÉXICO

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/individual/tutoriales
Title: Tutoriales

Search URL Search Domain Scan URL

URL: https://americanexpressaeromexico.clubpremier.com/clubpremier/
Title: Las Tarjetas American Express® Aeroméxico

Search URL Search Domain Scan URL

URL: http://experiencias.clubpremier.com/?es
Title: Experiencias Premier

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/ticket/index
Title: Tiendas y Más

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/santander/toma-todo
Title: Conoce tu Objetivo

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.clubpremier.loyalty.android

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/mx/app/club-premier/id592240448?mt=8&ign-mpt=uo%3D4

Search URL Search Domain Scan URL

URL: https://amfacturacion.aeromexico.com/
Title: Facturación Electrónica

Search URL Search Domain Scan URL

URL: https://www.facebook.com/clubpremiermexico

Search URL Search Domain Scan URL

URL: https://twitter.com/clubpremier_mx

Search URL Search Domain Scan URL

URL: https://www.instagram.com/clubpremier/

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=5215515194040&text=Hola&source=&data=

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://a2.adform.net/Serving/TrackPoint/?pm=2358553&ADFPageName=www.clubpremier.com%7C%2Fmx%2Ftoma-todo%2F%7Chttps%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo&ADFdivider=%7C&ord=598786562045&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2358553&ADFPageName=www.clubpremier.com%7C%2Fmx%2Ftoma-todo%2F%7Chttps%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo&ADFdivider=%7C&ord=598786562045&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo

Request Chain 71

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 105

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=5404479822701235357&Expiration=1640041172 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=5404479822701235357&Expiration=1640041172

Request Chain 108

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5404479822701235357&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5404479822701235357&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=aad55974d00a47a5b3ff2ef08b3cdaba HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=0c09e67edf4732a6e228e30136b1105e1dbf73589d5e791a8f984665bbc2ce33

Request Chain 110

https://pixel.advertising.com/ups/55944/sync?uid=5404479822701235357&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55944/sync?uid=5404479822701235357&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=5404479822701235357&_origin=1&apid=UP2c894eb0-56e8-11ec-a9b7-0633aa71edb2 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=5404479822701235357&_origin=1&apid=UP2c894eb0-56e8-11ec-a9b7-0633aa71edb2&verify=true

Request Chain 112

https://x.bidswitch.net/sync?dsp_id=70&user_id=5404479822701235357 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=5404479822701235357 HTTP 302
https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/9a7602f7-4fa0-456a-8db7-791bd5b32fd1?gdpr=&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync/bidswitch/9a7602f7-4fa0-456a-8db7-791bd5b32fd1?gdpr=&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync/bidswitch/9a7602f7-4fa0-456a-8db7-791bd5b32fd1?zcc=1&dspret=0&cb=1638831572232 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-f8cad750-1e47-455a-96a3-f2f951e3eb71-003

Request Chain 113

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5404479822701235357&expiration=1640041172 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5404479822701235357&expiration=1640041172&C=1

Request Chain 114

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=5404479822701235357&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=5404479822701235357&sInitiator=external HTTP 302
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal HTTP 302
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=e82961ae-95d4-4100-a83b-2de6e9bfa3d5&sInitiator=internal&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=b57c236f-377c-4b5c-b93e-cb0e19bcca4d

Request Chain 115

https://ps.eyeota.net/match?uid=5404479822701235357&bid=9gdtmu1 HTTP 302
https://ps.eyeota.net/match/bounce/?uid=5404479822701235357&bid=9gdtmu1

Request Chain 116

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5404479822701235357 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5404479822701235357&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 118

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5404479822701235357 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5404479822701235357

Request Chain 121

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 123

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=5404479822701235357 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM12021120622ee22db733db07055a9e&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=c123640d253a1eb75b24b34d3bc2b388 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12021120622ee22db733db07055a9e&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=c123640d253a1eb75b24b34d3bc2b388&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMTEyMDYyMmVlMjJkYjczM2RiMDcwNTVhOWU HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEIfgidRHKwyGDf4jtPigM2E&google_cver=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12021120622ee22db733db07055a9e HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=5404479822701235357 HTTP 302
https://dsp.adfarm1.adition.com/cookie/?ssp=6 HTTP 302
https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7038728005402622095

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NTQwNDQ3OTgyMjcwMTIzNTM1Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=NTQwNDQ3OTgyMjcwMTIzNTM1Nw&google_tc= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAnV6OOkx06wdZ3byaEtrIo&google_cver=1&google_ula=1641347,0

Request Chain 127

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=9094245443045402010&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=5404479822701235357

Request Chain 130

https://a.audrte.com/a?adform_uid=5404479822701235357 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEJixIzpkFsQYf1AoQ2VCXCg&google_cver=1 HTTP 302
https://ps.eyeota.net/match?bid=kh51m51&uid=ig3-SRoHm8iSrmRyp5j-xt0OA&gdpr=0&gdpr_consent=

Request Chain 131

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=5404479822701235357&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=5404479822701235357&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=08907420839677329792983669137149364687&noredirect=1

Request Chain 132

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=5404479822701235357 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164860203992000545728

Request Chain 133

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7038728005402622095

Request Chain 135

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=e82961ae-95d4-4100-a83b-2de6e9bfa3d5

Request Chain 136

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=mu27Je2X1MUmXi5

Request Chain 137

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=84394e9d-5aa2-4f6c-9018-5c0989a46e0f

Request Chain 139

https://id5-sync.com/s/10/0.gif?puid=5404479822701235357 HTTP 302
https://id5-sync.com/c/10/10/2/1.gif?puid=5404479822701235357&gdpr=1&gdpr_consent=

Request Chain 140

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1819680647 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=CP1hsykFWmSXsyvStEhN8.

Request Chain 142

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=5404479822701235357 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=5404479822701235357&cs=1

Request Chain 144

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=5404479822701235357&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=5404479822701235357&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=e275065b-6279-4593-992c-70cbbb17bac7

Request Chain 146

https://eb2.3lift.com/xuid?mid=7354&xuid=5404479822701235357&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=5404479822701235357&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

Request Chain 154

https://cms.analytics.yahoo.com/cms?partner_id=LOTME HTTP 302
https://bcp.crwdcntrl.net/cmap/c=5437/tp=DTAX/tpidqp=tpidqa?tpidqa=y-yj9kWJxE2pzeQixt.D7kGp8s3jHAaC3AMbw-~A

Request Chain 159

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=25551966%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 302
https://sync.crwdcntrl.net/map/c=281/rand=25551966/tpid=9094245443045402010/tp=ANXS

160 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.clubpremier.com/mx/toma-todo/ 215 KB
61 KB 1541ms
1501ms Document
text/html 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.16

Resource Hash

b1be8ac8036ec31bf44d53a36ad10d85216b127c849f7ca67142c958e043dd34

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.16
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
link: <https://www.clubpremier.com/mx/wp-json/>; rel="https://api.w.org/" <https://www.clubpremier.com/mx/wp-json/wp/v2/pages/56625>; rel="alternate"; type="application/json" <https://www.clubpremier.com/mx/?p=56625>; rel=shortlink
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' *.fontawesome.com *.hotjar.com *.adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com *.cybba.solutions *.cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net *.yimg.com *.crwdcntrl.net *.amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info *.clubpremier.info *.clubpremier.com *.ve.vom *.ve.com *.veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com *.cloudflare.com *.bootstrapcdn.com *.ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net *.amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com *.poder.io *.krxd.net *.facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem *.datatables.net *.angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b991ff9c8f859d7-MXP
content-encoding: gzip

GET
H2 200 all.css
use.fontawesome.com/releases/v5.0.8/css/ 35 KB
8 KB 468ms
429ms Stylesheet
text/css 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.8/css/all.css
Requested by: Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4080b83d8afc4487b8229308be2f196372bd2123613b46388048f14159f07181

Request headers

Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
Origin: https://www.clubpremier.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: HPTMZWCG0689HRJJ
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2: vZhUOH/te/Xfpzw3nrtKUtJmN+4RVvElh3ekTig4i2Jq5MzU1vIqb87V5RNprdMaewFbG8zfOuo=
last-modified: Wed, 30 Jun 2021 15:28:03 GMT
server: cloudflare
etag: W/"265a36ec650d63e307e611cdf14d9b89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mB9TaPXw33iMxwBWh4%2FCDNe%2BpnmbrtEZN6rsxKVvRJkkbS4S5FN2YaGyPkKlpI0%2BydUDTopY8x9NGYk9TsU3VUBu5r5vyup%2Fv8oi0YyFiOMkFOYA6cY31tqYTBI6qb3YczkNQngdtcdUPdnlMUO9ALiq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6b9920038e7f5a1f-MXP

GET
H2 200 style.min.css
www.clubpremier.com/wp-includes/css/dist/block-library/ 57 KB
9 KB 34ms
33ms Stylesheet
text/css 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clubpremier.com/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 340723
vary: Accept-Encoding
content-length: 8685
x-xss-protection: 1;mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Apr 2021 23:50:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "e33b-5bf567a917900-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/css
cache-control: public, max-age=31195277
content-security-policy: default-src 'self' *.fontawesome.com *.hotjar.com *.adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com *.cybba.solutions *.cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net *.yimg.com *.crwdcntrl.net *.amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info *.clubpremier.info *.clubpremier.com *.ve.vom *.ve.com *.veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com *.cloudflare.com *.bootstrapcdn.com *.ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net *.amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com *.poder.io *.krxd.net *.facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem *.datatables.net *.angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
accept-ranges: bytes
cf-ray: 6b9920034df359d7-MXP
expires: Sat, 03 Dec 2022 00:20:47 GMT

GET
H2 200 vendor.css
s3media.clubpremier.com/clubpremierstyleguide/cpstyleguide/css/ 5 KB
3 KB 95ms
47ms Stylesheet
text/css 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3media.clubpremier.com/clubpremierstyleguide/cpstyleguide/css/vendor.css?sha384-s3XR/YaINPSlJwWlIg2ctdUf5SH8xF0QMw2L0LmMl3HRMPB38XKbOy6ovHPXVkni

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

083939fc72b72ed3c52b9648462f3f7320f8806f042b2d1dcd9caf329f69a7ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
Origin: https://www.clubpremier.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 306915
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: D4EJAK49J8JC3MH9
x-amz-id-2: IGLoh1GIbjDlYbScn7VBAae2oEUjA8ZL+U9iPnSQXWqD/KbbXc3y8piKfGbQ53Kp3hZPMka5V0M=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Dec 2021 23:53:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "3981202c964a6878a36d7a9f80dd13cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
content-security-policy: default-src 'self' *.fontawesome.com *.hotjar.com *.adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com *.cybba.solutions *.cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net *.yimg.com *.crwdcntrl.net *.amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info *.clubpremier.info *.clubpremier.com *.ve.vom *.ve.com *.veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com *.cloudflare.com *.bootstrapcdn.com *.ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net *.amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com *.poder.io *.krxd.net *.facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem *.datatables.net *.angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
cf-ray: 6b9920039cf9375b-MXP
access-control-allow-headers: cache-control, content-type
expires: Thu, 06 Jan 2022 22:59:30 GMT

GET
H2 200 main.css
s3media.clubpremier.com/clubpremierstyleguide/cpstyleguide/css/ 472 KB
97 KB 82ms
34ms Stylesheet
text/css 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3media.clubpremier.com/clubpremierstyleguide/cpstyleguide/css/main.css?sha384-eyWtXN6txQJi/0FErj9k9zQimHVeFEDpqMumSMsynqHLI9qnLIWVLa3oEw7mmkj+

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

877bc9a3e0552defae9c38eb8e93410597c4b188a44447268be4651de807c41d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
Origin: https://www.clubpremier.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 92445
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: PMC8T7BM3CEE0B8H
x-amz-id-2: 38BIt9t/KUQ7oxzBZBMupEPNiR5jMubg2TahGdLAhm5/+8CDTPFltL7+rfsuo4ltgOFuAKi4HNE=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Dec 2021 23:53:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "cfccd1b0867631fac0ea267232a33c28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
cf-ray: 6b9920039cfd375b-MXP
access-control-allow-headers: cache-control, content-type
expires: Thu, 06 Jan 2022 22:59:30 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 324 KB
74 KB 71ms
44ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W56R6Q

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a7286cb0a20e4c1fedac6a0a58e7998f3adc1947d97b16f992de1edb8731779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75639
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Dec 2021 22:59:30 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 318 KB
63 KB 44ms
44ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5GRGL9T

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a10af4925fb7640381c6bc22a86e9f31fa1b09787e747a8f9dfa6568864114da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64112
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Dec 2021 22:59:30 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 294 KB
64 KB 33ms
28ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TS973S

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c4c10d40ef7724dcd828b0cf4bdec5dff7eceb5ae76fc38ca02002781d6d8fec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65356
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Dec 2021 22:59:30 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 159 KB
46 KB 27ms
22ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KN68QHM

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed2419166bfac2307c33e6afae17887b9482da3d2336622b383262fb84f6842f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47107
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Dec 2021 22:59:30 GMT

GET
H2 200 logo-cp.svg
s3media.clubpremier.com/club_premier/ 6 KB
3 KB 50ms
45ms Image
image/svg+xml 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/club_premier/logo-cp.svg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e029a201d8fb650079023726b6644a7a6eccb791abeeb2634774e063ef286221

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 101401
content-type: image/svg+xml
vary: Accept-Encoding
x-amz-request-id: M678XVMX4YR7M1CK
x-amz-id-2: bnrQe46L5YJHF8ifaox8I4S/NI7sRu1QJfs0ckcbjC5mn/dsT/lKvu5vCp5ylGRxgj1OIlhSPu4=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Nov 2016 22:42:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"29a1ea51787baabb5e50eea1d4ca9b77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-amz-version-id: null
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
content-security-policy: default-src 'self' *.fontawesome.com *.hotjar.com *.adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com *.cybba.solutions *.cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net *.yimg.com *.crwdcntrl.net *.amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info *.clubpremier.info *.clubpremier.com *.ve.vom *.ve.com *.veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com *.cloudflare.com *.bootstrapcdn.com *.ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net *.amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com *.poder.io *.krxd.net *.facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem *.datatables.net *.angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
cf-ray: 6b9920065cd059d7-MXP
access-control-allow-headers: cache-control, content-type
expires: Thu, 06 Jan 2022 22:59:30 GMT

GET
H2 200 hd-tomatodo.gif
s3media.clubpremier.com/CPcms/21/hd/ 326 KB
327 KB 50ms
46ms Image
image/gif 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/21/hd/hd-tomatodo.gif

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

336f697e0cb8fe3930fe257bc673fbe383e7c919b5e9dd348b44ed20c22278b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 92444
cf-polished: origSize=338160
vary: Accept-Encoding
x-amz-request-id: A7FEEQX1TTXTNKWZ
x-amz-id-2: OlI2a4zdddVPscbDi5KIOJx0fsTDIIZ6kzKBkcjvrMV6jKdkvwDdocGcPycK8qh0Laf5/bXjdak=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 06 Jan 2022 22:59:30 GMT
last-modified: Thu, 21 Oct 2021 22:07:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "857c07e4d9b9a62f1eb102f9246b3637"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: 4zAsLK.mupp27v8XHSiBJMbdrtqkJ2Tq
content-length: 334047
cf-ray: 6b9920064ca759d7-MXP
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 papa-uno.png
s3media.clubpremier.com/CPcms/21/cn/ 46 KB
46 KB 43ms
38ms Image
image/png 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/21/cn/papa-uno.png

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

330306ee94186a08fc0f5203c3c25cab9db4bfd09eeb22f71d1eedfd83af063c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 92444
cf-polished: origSize=54354
vary: Accept-Encoding
x-amz-request-id: A7FD3S1W60YXV680
x-amz-id-2: nR/V3lTbhvBAO0GKZAmYY3dKJYD2F/0bFlg0fMFUZSoc66y4+T6rIITJ9A76wP73QB6URCRH45k=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 06 Jan 2022 22:59:30 GMT
last-modified: Thu, 21 Oct 2021 21:50:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "df1e8e0cb2d556d1be84b9e30368544e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: AvUJo9MPvvKZwKBsBnHeu8w3UVwN1w5v
content-length: 47202
cf-ray: 6b9920064ca959d7-MXP
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 papa-dos.png
s3media.clubpremier.com/CPcms/21/cn/ 45 KB
45 KB 50ms
46ms Image
image/png 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/21/cn/papa-dos.png

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d16b4d12be66bb6c3b865d7c37d5bd335f4015de3f923f281082e4abd3158d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 92444
cf-polished: origSize=52425
vary: Accept-Encoding
x-amz-request-id: A7F79S9BCS8JY3K6
x-amz-id-2: MJ/akKS2kLp6n57kQEZiieQ2/uHIL0yB5k+CGav7aOM1AVRLqt2E32Mv/Fvk22gFSSPMmQB/Aoc=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 06 Jan 2022 22:59:30 GMT
last-modified: Thu, 21 Oct 2021 21:50:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "06f63b11d34e8fbfe76efba1f109efe2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: zjYFCfja_wq4MsfpOKrtJ9lChwOHb58p
content-length: 45754
cf-ray: 6b9920064caa59d7-MXP
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 papa-tres.png
s3media.clubpremier.com/CPcms/21/cn/ 45 KB
46 KB 37ms
32ms Image
image/png 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/21/cn/papa-tres.png

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d6b0994de4daebf4c729000c7e75b7eba093d2281481cecd4ad4868ed5f2128

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 92444
cf-polished: origSize=49191
vary: Accept-Encoding
x-amz-request-id: A7FFS4F4V9N7FRVN
x-amz-id-2: R3WOUdt11tDV3XSgFtggR7d9hqFQ1y4KECR64RO4szs3E+ldkMQMs7yNlzLRdUY2U2Cvr0VjPo4=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 06 Jan 2022 22:59:30 GMT
last-modified: Thu, 21 Oct 2021 21:50:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "f33d8633561dabec3fd3ebce1a9e86eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: Mb9gD.wdldFfYM3GZWYmv84li9wXIMPj
content-length: 46464
cf-ray: 6b9920064cad59d7-MXP
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 papa-vacaciones.png
s3media.clubpremier.com/CPcms/21/cn/ 110 KB
110 KB 47ms
43ms Image
image/png 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/21/cn/papa-vacaciones.png

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bd10e33c334ec8aa3ef7089aaccaac17e5ec60ace7f1b0bbc1661c7a5a6f530

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 92444
cf-polished: origSize=119365
vary: Accept-Encoding
x-amz-request-id: A7F79BZC4BX4ARAZ
x-amz-id-2: D1g9hrUjWGxgYQ4XFKuW/aaVNpudsQf8ioee3+1p55eLHR4DFCsYIkZ257fH95q6zSkzDt9UtuQ=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 06 Jan 2022 22:59:30 GMT
last-modified: Thu, 21 Oct 2021 21:50:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5735313aebd7a0b1622c7d1bf0bab453"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: k2kHKpxtfpHqQLxdNr5lFI.rqABBclEZ
content-length: 112614
cf-ray: 6b9920064caf59d7-MXP
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 premio-cel-caribe.jpg
s3media.clubpremier.com/CPcms/21/cn/ 9 KB
10 KB 35ms
31ms Image
image/jpeg 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/21/cn/premio-cel-caribe.jpg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ab1bdcdc9caa1c7573e7d221e8cef7549ba6c2c4d67603aa9af0ae65c68dd0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 92444
cf-polished: degrade=85, origSize=34975
vary: Accept-Encoding
x-amz-request-id: A7F0B57N0YPP6NQ3
x-amz-id-2: VN6d12g5UC/O0luzs7R0bEKaCFu/77l12+NqJPi4DW17+3jskUshkHlC/cB7GszYgXn1bm4GtuY=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 06 Jan 2022 22:59:30 GMT
last-modified: Thu, 21 Oct 2021 21:50:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "a8003ef5a359deb654d0c3656d5a5e3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: 4Hfl.eJbKHunnp_OBVSe3a5wFuOEntU_
content-length: 9593
cf-ray: 6b9920064cb059d7-MXP
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 premio-puntospremier.jpg
s3media.clubpremier.com/CPcms/21/cn/ 9 KB
9 KB 36ms
32ms Image
image/jpeg 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/21/cn/premio-puntospremier.jpg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15d2b3b815538a66e96747a543d9ac01d71e2d062df76f63fccb3c74d8ba06e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 92444
cf-polished: degrade=85, origSize=32877
vary: Accept-Encoding
x-amz-request-id: A7F6ZHHJ29TCC34S
x-amz-id-2: Ne89+vIqCtSN9k62iR48KPzhAFBjIc+8GhTZ7WwsFie2AauSaWTzg+H9b4NtXjAwbAs0JKgVSrc=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 06 Jan 2022 22:59:30 GMT
last-modified: Thu, 21 Oct 2021 21:50:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "c12d3770a96873514004add0574d4d18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: .dV8oeUca73lXLc_.V19uCWEV120XNbM
content-length: 8889
cf-ray: 6b9920064cb359d7-MXP
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 premio-lapaz.jpg
s3media.clubpremier.com/CPcms/21/cn/ 9 KB
9 KB 34ms
30ms Image
image/jpeg 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/21/cn/premio-lapaz.jpg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a148b744df4ce54a86de0f4cbde02e86f987357d72c718ff835f8eb81e52b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 92444
cf-polished: degrade=85, origSize=33910
vary: Accept-Encoding
x-amz-request-id: A7F8QV5KWKBBQ353
x-amz-id-2: HcJJK1DkuYuHxnLki4nDy69e6oBCvCEsAFY/yNHPFfGH2VgraqOBB5fqDY3zjUSv1YrNcpAAmr8=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 06 Jan 2022 22:59:30 GMT
last-modified: Thu, 21 Oct 2021 21:50:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "163d0e8081b71f0581e30ce9685044d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: 1wAbetEE5ejylTinni4mpyNUQR07w9Qp
content-length: 9041
cf-ray: 6b9920064cb459d7-MXP
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 premio-g500.jpg
s3media.clubpremier.com/CPcms/21/cn/ 9 KB
9 KB 48ms
45ms Image
image/jpeg 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/21/cn/premio-g500.jpg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e38dc593509e1d43d8c6f1ea75d16726a8438fb17c569dec47b4ccbe6f663e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 92444
cf-polished: degrade=85, origSize=31247
vary: Accept-Encoding
x-amz-request-id: A7F4H92HVWCSEWAS
x-amz-id-2: YwClBBxD95NXll59KcANQqKR75FV5X7RvcMsaTKgaomFQLSxn0rQkQD9u0lHo/Ed3ZD3O2/vyiA=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 06 Jan 2022 22:59:30 GMT
last-modified: Thu, 21 Oct 2021 21:50:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "d320afee587757785855105d186d809e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: 7cC8i7K8JE02ScheGYQMfdRDsuA5RLtD
content-length: 8903
cf-ray: 6b9920064cb559d7-MXP
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 premio-tabletas.jpg
s3media.clubpremier.com/CPcms/21/cn/ 9 KB
10 KB 48ms
44ms Image
image/jpeg 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/21/cn/premio-tabletas.jpg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b890609ad2b91e9291e2ed45eeab7039e9ad0c043368930de8cbc8945061d90

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 92444
cf-polished: degrade=85, origSize=38523
vary: Accept-Encoding
x-amz-request-id: A7F34582BX9A1MJG
x-amz-id-2: EGJvoLcJFvnz3m6lo0oR/9jCKNDDiRUY/GHcQpLnkGmNuS+XwxOVn67qaZ04Ourzk4nJ5rUeOi0=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 06 Jan 2022 22:59:30 GMT
last-modified: Thu, 21 Oct 2021 21:50:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5ab079cb2680a13970e5652e1e92e756"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: vbC.fTWIE9HqlJBMFKhAfYayzkhzRvd_
content-length: 9682
cf-ray: 6b9920064cb659d7-MXP
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 premio-celular.jpg
s3media.clubpremier.com/CPcms/21/cn/ 7 KB
7 KB 49ms
45ms Image
image/jpeg 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/21/cn/premio-celular.jpg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f49d467215cf38a44d1eb059db84876d0cd69487c3535f5b9bf3c0df60a5ea33

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 92444
cf-polished: degrade=85, origSize=22500
vary: Accept-Encoding
x-amz-request-id: A7FBZ9BM2EDM0PBX
x-amz-id-2: H0X55+bJRKa2dqkzAdys55jbtwu0ZqxnhjxOOBB5kLCJ3y2uttjj5oW4WaTLfMXygpkj1xOSrxs=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 06 Jan 2022 22:59:30 GMT
last-modified: Thu, 21 Oct 2021 21:50:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6fda4041337db67d0f2b44e8e38d17ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: 6nZqR9SBNwl7kIP9M9NsJhRwEoqFlbkw
content-length: 6719
cf-ray: 6b9920065ccd59d7-MXP
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 premio-certderegalos.jpg
s3media.clubpremier.com/CPcms/21/cn/ 9 KB
9 KB 48ms
44ms Image
image/jpeg 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/21/cn/premio-certderegalos.jpg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a10dfcf82dd45a07cab17caa3b12cd542420f2a35ad2d0361256e7b9c7f5333c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 92444
cf-polished: degrade=85, origSize=33363
vary: Accept-Encoding
x-amz-request-id: A7F12RF7VTFWPF2Y
x-amz-id-2: 5kfs9S0vMdzG35BPi01cZm82Li+HbZo8S3z5p7s/1dzDxE9jUkFivXYIPh6zPvoZrrfuMKuad78=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 06 Jan 2022 22:59:30 GMT
last-modified: Thu, 21 Oct 2021 21:50:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "0ab53db90317192dfa102dcb5d4cc13a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: ElJoXRvjG3uBzrIk697SMDow8P5nxEca
content-length: 9120
cf-ray: 6b9920065cce59d7-MXP
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 tt-aeromexico.png
s3media.clubpremier.com/CPcms/21/cn/ 3 KB
3 KB 57ms
54ms Image
image/png 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/21/cn/tt-aeromexico.png

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1582b4c7a0cfb514b0a2802236cb99167baca86779e4b17055f171d340933c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 92444
cf-polished: origSize=4254
vary: Accept-Encoding
x-amz-request-id: A7F5JTK28GQB3FVY
x-amz-id-2: g6YBJDmDsQev0ZUniEoRWE/llUaOihA3UTRbqvjNfYy1ocTQleXFmBto91pjfz3iSUBdrpLkj84=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 06 Jan 2022 22:59:30 GMT
last-modified: Thu, 21 Oct 2021 21:50:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "a4cc8f3a2479b4f456c6664579837c97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: C8.dHp3KcynKOT1GAjWZ7AXcHdhuOkOD
content-security-policy: default-src 'self' *.fontawesome.com *.hotjar.com *.adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com *.cybba.solutions *.cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net *.yimg.com *.crwdcntrl.net *.amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info *.clubpremier.info *.clubpremier.com *.ve.vom *.ve.com *.veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com *.cloudflare.com *.bootstrapcdn.com *.ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net *.amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com *.poder.io *.krxd.net *.facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem *.datatables.net *.angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
content-length: 2669
cf-ray: 6b9920065cd259d7-MXP
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 tt-cel.png
s3media.clubpremier.com/CPcms/21/cn/ 3 KB
4 KB 47ms
45ms Image
image/png 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/21/cn/tt-cel.png

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80493588ff7857d73ba8c07e93b7ec0095ff7625d55bad8adc92ff611de72c01

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 92444
cf-polished: origSize=4797
vary: Accept-Encoding
x-amz-request-id: A7F4A8NG61A23R0T
x-amz-id-2: ztMRHy/c5DD0uWOEQy2fpO09bH4NUpT69zQJNVbTEgGkMbBxVhBjLytZ6FG19ds/30MgttNI36I=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 06 Jan 2022 22:59:30 GMT
last-modified: Thu, 21 Oct 2021 21:50:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "2d50738c8cc4c3bbcc13c0b5bf5e54a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: W9THvm.4XSjel67EBjpEXQXYJFyp6WCZ
content-security-policy: default-src 'self' *.fontawesome.com *.hotjar.com *.adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com *.cybba.solutions *.cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net *.yimg.com *.crwdcntrl.net *.amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info *.clubpremier.info *.clubpremier.com *.ve.vom *.ve.com *.veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com *.cloudflare.com *.bootstrapcdn.com *.ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net *.amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com *.poder.io *.krxd.net *.facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem *.datatables.net *.angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
content-length: 2969
cf-ray: 6b9920065cd459d7-MXP
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 tt-g500.png
s3media.clubpremier.com/CPcms/21/cn/ 2 KB
4 KB 56ms
54ms Image
image/png 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/21/cn/tt-g500.png

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a499df836dc927b877f5d18d5ea842a4acfb55044fa4c32bb53a31728c83d622

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 92444
cf-polished: origSize=3956
vary: Accept-Encoding
x-amz-request-id: A7F9CQN684V9MB6X
x-amz-id-2: z0hQBFEvohhayfTrUISR1z1IkQCU5ARiHArpA7xFENWPcG0XwLIOPMusw6gJ6vQNYIxMjbbf46g=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 06 Jan 2022 22:59:30 GMT
last-modified: Thu, 21 Oct 2021 21:50:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "716a0bb267461f22d67d05d181b1316f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: cbcH8Kgwt6.Mnt.nLsrxZsOWCiDOMD1V
content-security-policy: default-src 'self' *.fontawesome.com *.hotjar.com *.adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com *.cybba.solutions *.cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net *.yimg.com *.crwdcntrl.net *.amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info *.clubpremier.info *.clubpremier.com *.ve.vom *.ve.com *.veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com *.cloudflare.com *.bootstrapcdn.com *.ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net *.amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com *.poder.io *.krxd.net *.facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem *.datatables.net *.angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
content-length: 2326
cf-ray: 6b9920065cd659d7-MXP
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 google-play-badge.svg
s3media.clubpremier.com/club_premier/img/footer/ 18 KB
7 KB 48ms
46ms Image
image/svg+xml 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/club_premier/img/footer/google-play-badge.svg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d8b61c6408c4958ee4e6b3cc18292b1c400c0fd73b8a410b9312350c61ebf69

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 323371
content-type: image/svg+xml
vary: Accept-Encoding
x-amz-request-id: XZJVQ3WBCFZHMTQ1
x-amz-id-2: Jl1whxHrDtzBChCC+LkD7JXqfpqNneEM5qCFyuaKI5U7INqJvPZJfxsaLRX/yRVKSoGKl/TqOhk=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 17 Oct 2018 15:14:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"72b3aecd40f50986abeca799f0f58cbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-amz-version-id: null
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
cf-ray: 6b9920065cd759d7-MXP
access-control-allow-headers: cache-control, content-type
expires: Thu, 06 Jan 2022 22:59:30 GMT

GET
H2 200 app-store-badge.svg
s3media.clubpremier.com/club_premier/img/footer/ 24 KB
9 KB 46ms
44ms Image
image/svg+xml 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/club_premier/img/footer/app-store-badge.svg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3a7a908c325e84fb1b4fffa2b996f3f3ec813e08d969c382569ec075cc20aff

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 340774
content-type: image/svg+xml
vary: Accept-Encoding
x-amz-request-id: 4XMV19SVCRXJ0G12
x-amz-id-2: 1N3ci3tFw3LPMWVYPXGisQQxuesgie54RrkjI1IL8+LKcx27qAbj4ZUMSyeeANUMEJd+QNaja3A=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 17 Oct 2018 15:14:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3291ce858cee0ac5f2edc4a1c254765d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-amz-version-id: null
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
cf-ray: 6b9920065cd959d7-MXP
access-control-allow-headers: cache-control, content-type
expires: Thu, 06 Jan 2022 22:59:30 GMT

GET
H2 200 email-decode.min.js Show response
www.clubpremier.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
814 B 19ms
19ms Script
application/javascript 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clubpremier.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 01 Dec 2021 12:21:00 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61a768ac-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=172800, public
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b992003ff5e59d7-MXP
expires: Wed, 08 Dec 2021 22:59:30 GMT

GET
H2 200 vendor.js Show response
s3media.clubpremier.com/clubpremierstyleguide/cpstyleguide/js/ 2 MB
860 KB 39ms
38ms Script
application/javascript 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3media.clubpremier.com/clubpremierstyleguide/cpstyleguide/js/vendor.js?sha384-s1Weu2H8g5AU1ZgIG5yl1w3Ewk/bzJhFM8609zY7lCYuGX6U7uZW++/Bz6KKeJIM

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdcdc615d4099dd79d4a437b12dc3656f7e643bb9a0118c2b4a6391b6cc66743

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
Origin: https://www.clubpremier.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 306915
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: D4EY0K5WJ09GC08J
x-amz-id-2: UgwTSfVy0pO2Iq7ks9Q721JRNicpBAVYiSYl81B8CqgSw2NnEK3sbtyDTmHwjloOGBRm4729kow=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Dec 2021 23:53:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "fb9930c1b3c59521fc609ca72f044ee4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
cf-ray: 6b9920043e19375b-MXP
access-control-allow-headers: cache-control, content-type
expires: Thu, 06 Jan 2022 22:59:30 GMT

GET
H2 200 clear_cache.js Show response
www.clubpremier.com/wp-content/plugins/cp-settings/js/ 664 B
491 B 33ms
33ms Script
application/x-javascript 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clubpremier.com/wp-content/plugins/cp-settings/js/clear_cache.js

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daf6c4ff2592cba88d5e4ef8efd1f6c2d27840af0101195dd4aea7bdec3a8213

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19251
vary: Accept-Encoding
content-length: 313
x-xss-protection: 1;mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Dec 2021 22:46:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "298-5d2318eb0fbf7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/x-javascript
cache-control: public, max-age=31516749
content-security-policy: default-src 'self' *.fontawesome.com *.hotjar.com *.adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com *.cybba.solutions *.cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net *.yimg.com *.crwdcntrl.net *.amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info *.clubpremier.info *.clubpremier.com *.ve.vom *.ve.com *.veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com *.cloudflare.com *.bootstrapcdn.com *.ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net *.amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com *.poder.io *.krxd.net *.facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem *.datatables.net *.angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
accept-ranges: bytes
cf-ray: 6b992004d91959d7-MXP
expires: Tue, 06 Dec 2022 17:38:39 GMT

GET
H2 200 app.js Show response
s3media.clubpremier.com/clubpremierstyleguide/cpstyleguide/js/ 357 KB
108 KB 32ms
30ms Script
application/javascript 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3media.clubpremier.com/clubpremierstyleguide/cpstyleguide/js/app.js?sha384-bOliKh95Aq1Dn6wUMbcI1Dt75tNplt4iti4He1r7v+V8i2jztwZ6bvVSeOHqAwpd

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75e01166818b7365e2b190a6ee78b65af5ec27b15aa0a127cb4036b1b3feb914

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
Origin: https://www.clubpremier.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 195087
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: K1NAXJXF5E8AZAHY
x-amz-id-2: tRdBS2b0yXpCuarLNF7nfvdcihwBBQUWaJLdg0Zse/qfY4PccUJboqXP/DNnoCNbvZnS6l1fWfc=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Dec 2021 23:53:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "18f214cecdfbd1926891e803afcfa587"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
cf-ray: 6b9920053faf375b-MXP
access-control-allow-headers: cache-control, content-type
expires: Thu, 06 Jan 2022 22:59:30 GMT

GET
H2 200 wp-embed.min.js Show response
www.clubpremier.com/wp-includes/js/ 1 KB
901 B 48ms
47ms Script
application/x-javascript 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clubpremier.com/wp-includes/js/wp-embed.min.js

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 340723
vary: Accept-Encoding
content-length: 765
x-xss-protection: 1;mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "592-5b83cfce57d00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/x-javascript
cache-control: public, max-age=31195277
content-security-policy: default-src 'self' *.fontawesome.com *.hotjar.com *.adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com *.cybba.solutions *.cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net *.yimg.com *.crwdcntrl.net *.amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info *.clubpremier.info *.clubpremier.com *.ve.vom *.ve.com *.veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com *.cloudflare.com *.bootstrapcdn.com *.ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net *.amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com *.poder.io *.krxd.net *.facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem *.datatables.net *.angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
accept-ranges: bytes
cf-ray: 6b9920058ab259d7-MXP
expires: Sat, 03 Dec 2022 00:20:47 GMT

GET
H2 200 css2
fonts.googleapis.com/ 15 KB
1 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Mono:wght@400;700&family=Roboto:wght@100;300;400;500;700&display=swap

Requested by

Host: s3media.clubpremier.com
URL: https://s3media.clubpremier.com/clubpremierstyleguide/cpstyleguide/css/main.css?sha384-eyWtXN6txQJi/0FErj9k9zQimHVeFEDpqMumSMsynqHLI9qnLIWVLa3oEw7mmkj+

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e9563d1009491605b88a891ee8aea583d2af5342a8240cc5ad10d6e002c043b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3media.clubpremier.com/clubpremierstyleguide/cpstyleguide/css/main.css?sha384-eyWtXN6txQJi/0FErj9k9zQimHVeFEDpqMumSMsynqHLI9qnLIWVLa3oEw7mmkj+
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 22:59:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 06 Dec 2021 22:59:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Dec 2021 22:59:30 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 25ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: XngrMEOdNVIiS9HYjvtTpBV7Gl1avN+BIAouGdq9n2Uu1QkrPP8QViF2feung/bz9O71cGWkND5ubn3NLOhjLA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 06 Dec 2021 22:59:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 DUNhPfIRKys
www.youtube.com/embed/ Frame 50CF 60 KB
0 82ms
58ms Document
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/DUNhPfIRKys?enablejsapi=1&version=3&playerapiid=ytplayer

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 06 Dec 2021 22:59:30 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 374 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04a8622622058fbd3430e352bf4a9e4c53f28a973b7e2553032fe28674e388ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 30ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Mono:wght@400;700&family=Roboto:wght@100;300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.clubpremier.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 05:33:18 GMT
x-content-type-options: nosniff
age: 494772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 05:33:18 GMT

GET
H2 200 fa-solid-900.woff2
s3media.clubpremier.com/clubpremierstyleguide/cpstyleguide/webfonts/ 120 KB
121 KB 39ms
38ms Font
binary/octet-stream 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3media.clubpremier.com/clubpremierstyleguide/cpstyleguide/webfonts/fa-solid-900.woff2

Requested by

Host: s3media.clubpremier.com
URL: https://s3media.clubpremier.com/clubpremierstyleguide/cpstyleguide/css/main.css?sha384-eyWtXN6txQJi/0FErj9k9zQimHVeFEDpqMumSMsynqHLI9qnLIWVLa3oEw7mmkj+

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

741ff0931a0d2097b2ecaa880274a38aa7766973adfe2ae84273641783cdce16

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://s3media.clubpremier.com/clubpremierstyleguide/cpstyleguide/css/main.css?sha384-eyWtXN6txQJi/0FErj9k9zQimHVeFEDpqMumSMsynqHLI9qnLIWVLa3oEw7mmkj+
Origin: https://www.clubpremier.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 195086
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: TY2T82YV9CMTXJKN
x-amz-id-2: xA5OVjyySnAw6SIcOESWEpm9aK9dLa94bUO0QG4A+eHARif0tFMmWcg+UrWUdsJSpJVeo3n98tQ=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Dec 2021 23:53:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "9da86093a2d65e04263bde02923a502f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
content-length: 123060
cf-ray: 6b992006698f375b-MXP
access-control-allow-headers: cache-control, content-type
expires: Thu, 06 Jan 2022 22:59:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 34ms
11ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Mono:wght@400;700&family=Roboto:wght@100;300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.clubpremier.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 15:45:42 GMT
x-content-type-options: nosniff
age: 458028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 15:45:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 37ms
14ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Mono:wght@400;700&family=Roboto:wght@100;300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.clubpremier.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 11:22:37 GMT
x-content-type-options: nosniff
age: 473813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 11:22:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 42ms
19ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Mono:wght@400;700&family=Roboto:wght@100;300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.clubpremier.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 20:07:55 GMT
x-content-type-options: nosniff
age: 528695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 20:07:55 GMT

GET
H2 200 fa-brands-400.woff2
s3media.clubpremier.com/clubpremierstyleguide/cpstyleguide/webfonts/ 73 KB
73 KB 42ms
42ms Font
binary/octet-stream 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3media.clubpremier.com/clubpremierstyleguide/cpstyleguide/webfonts/fa-brands-400.woff2

Requested by

Host: s3media.clubpremier.com
URL: https://s3media.clubpremier.com/clubpremierstyleguide/cpstyleguide/css/main.css?sha384-eyWtXN6txQJi/0FErj9k9zQimHVeFEDpqMumSMsynqHLI9qnLIWVLa3oEw7mmkj+

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

433d970f04c9cfdfe1eef18106807714cffa2ec96651af41c1be35d00a87bc1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://s3media.clubpremier.com/clubpremierstyleguide/cpstyleguide/css/main.css?sha384-eyWtXN6txQJi/0FErj9k9zQimHVeFEDpqMumSMsynqHLI9qnLIWVLa3oEw7mmkj+
Origin: https://www.clubpremier.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 195086
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: TY2PW35B8DNVMQDJ
x-amz-id-2: 4taKAntuBo+KTGbylDJTd7JfrgPyzWcPn1Yg6SXMRCo5j0Us3I09jKHOddpAysKAKrI9sr8fM+Y=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Dec 2021 23:53:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "c658415c34d6c562735029d37053bf8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
content-length: 74652
cf-ray: 6b9920066990375b-MXP
access-control-allow-headers: cache-control, content-type
expires: Thu, 06 Jan 2022 22:59:30 GMT

GET
H3 200 DUNhPfIRKys Show response
www.youtube.com/embed/ Frame 50CF 60 KB
24 KB 74ms
59ms Document
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/DUNhPfIRKys?enablejsapi=1&version=3&playerapiid=ytplayer

Requested by

Host: s3media.clubpremier.com
URL: https://s3media.clubpremier.com/clubpremierstyleguide/cpstyleguide/js/vendor.js?sha384-s1Weu2H8g5AU1ZgIG5yl1w3Ewk/bzJhFM8609zY7lCYuGX6U7uZW++/Bz6KKeJIM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f0e5c35d80dd65aaae9e794083a033305d3624c5bb2d58ee93b60e47ceb1fe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 06 Dec 2021 22:59:31 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-encoding: br
server: ESF
x-xss-protection: 0
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fa-light-300.woff2
s3media.clubpremier.com/clubpremierstyleguide/cpstyleguide/webfonts/ 161 KB
161 KB 34ms
33ms Font
binary/octet-stream 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3media.clubpremier.com/clubpremierstyleguide/cpstyleguide/webfonts/fa-light-300.woff2

Requested by

Host: s3media.clubpremier.com
URL: https://s3media.clubpremier.com/clubpremierstyleguide/cpstyleguide/css/main.css?sha384-eyWtXN6txQJi/0FErj9k9zQimHVeFEDpqMumSMsynqHLI9qnLIWVLa3oEw7mmkj+

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f9936bcdcd5fd28c0f811afc230ba3c0253ba00284673299475e3c8aa43309f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://s3media.clubpremier.com/clubpremierstyleguide/cpstyleguide/css/main.css?sha384-eyWtXN6txQJi/0FErj9k9zQimHVeFEDpqMumSMsynqHLI9qnLIWVLa3oEw7mmkj+
Origin: https://www.clubpremier.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 195086
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: K4XXBXP6BV51568P
x-amz-id-2: NmDiiu8tY4mUpqNgWd5cQPLIs2PL1Dmb4Lah2ue1fox7O7cX8lcU7xJ49dSZ6pzJKID8jmOULZQ=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Dec 2021 23:53:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "d2347916288965e5c93e098a74c839b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
content-length: 164968
cf-ray: 6b992007ac05375b-MXP
access-control-allow-headers: cache-control, content-type
expires: Thu, 06 Jan 2022 22:59:31 GMT

POST
H2 404 winners Show response
www.clubpremier.com/mx/toma-todo/undefined/santander/toma-todo/ 5 KB
3 KB 643ms
643ms XHR
text/html 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clubpremier.com/mx/toma-todo/undefined/santander/toma-todo/winners

Requested by

Host: s3media.clubpremier.com
URL: https://s3media.clubpremier.com/clubpremierstyleguide/cpstyleguide/js/vendor.js?sha384-s1Weu2H8g5AU1ZgIG5yl1w3Ewk/bzJhFM8609zY7lCYuGX6U7uZW++/Bz6KKeJIM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.22

Resource Hash

64863c4f2958105506884043a128daeda2a748da8b370ecfac0eb96b263353c8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept: application/json
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: PHP/7.4.22
x-xss-protection: 1;mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/html; charset=UTF-8
content-security-policy: default-src 'self' *.fontawesome.com *.hotjar.com *.adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com *.cybba.solutions *.cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net *.yimg.com *.crwdcntrl.net *.amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info *.clubpremier.info *.clubpremier.com *.ve.vom *.ve.com *.veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com *.cloudflare.com *.bootstrapcdn.com *.ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net *.amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com *.poder.io *.krxd.net *.facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem *.datatables.net *.angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
cf-ray: 6b992007b88359d7-MXP
link: <https://www.clubpremier.com/mx/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
60 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B7583M6EK7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W56R6Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

86ec75c04b47dc8fa44ee976e8746cca3bb428a2152b5c9bd430f9fd04c3d0cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61856
x-xss-protection: 0
expires: Mon, 06 Dec 2021 22:59:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W56R6Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 7104
date: Mon, 06 Dec 2021 21:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 06 Dec 2021 23:01:07 GMT

GET conversion_async.js
www.googleadservices.com/pagead/ 0
0

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 79 KB
28 KB 101ms
35ms Script
application/x-javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0b6ee815005e308fb4ed57e68792ac193f50b8228669a96e74fd143ceb09660e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:31 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:57:08 GMT
server: nginx
etag: W/"613888f4-13bd1"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET optimize.js
www.googleoptimize.com/ 0
0

GET seg
secure.adnxs.com/ 0
0

GET
H3 200 1894296550831305 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 64ms
55ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1894296550831305?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3c317a6aa32c23b16ce96353a8537f47b0ae5b877fc56f4c6cb303c4da8e2e41

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: CxW40jAXDnRuJgDvD/uzDaOoedLJW6IMGmSQduOML3RkhzXMi+eTWJ9KtHqSM5FaJnxLj2jYcdFWANPgidgSJg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 06 Dec 2021 22:59:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 iframe_api Show response
www.youtube.com/ 980 B
513 B 45ms
45ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W56R6Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfb416f542c3ed137ea4e44f1bf97101652d271887060f5d971bdfedd20aadda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires: Mon, 06 Dec 2021 22:59:31 GMT

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/8040e515/ Frame 50CF 336 KB
46 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8040e515/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/DUNhPfIRKys?enablejsapi=1&version=3&playerapiid=ytplayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d98637a1c12b32b467e6238367e35c66a1af6ee1d7cf1ec86fa8762b5e613fe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/DUNhPfIRKys?enablejsapi=1&version=3&playerapiid=ytplayer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 01:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 163693
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47245
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 00:07:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 05 Dec 2022 01:31:18 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/8040e515/www-embed-player.vflset/ Frame 50CF 217 KB
71 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8040e515/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/DUNhPfIRKys?enablejsapi=1&version=3&playerapiid=ytplayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74bd1062da373eabae4c6bb2e0da3831272ca2b25ac3a19649b65dd188bd5fe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/DUNhPfIRKys?enablejsapi=1&version=3&playerapiid=ytplayer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 11:24:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41696
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72751
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 00:07:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Dec 2022 11:24:35 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/ Frame 50CF 2 MB
524 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/DUNhPfIRKys?enablejsapi=1&version=3&playerapiid=ytplayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bd4a9f952e5929601bd170da52e68f0e6313e954091cd5a87c10fdda17979e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/DUNhPfIRKys?enablejsapi=1&version=3&playerapiid=ytplayer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 01:31:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 163697
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 535989
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 00:07:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 05 Dec 2022 01:31:14 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/8040e515/fetch-polyfill.vflset/ Frame 50CF 8 KB
3 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8040e515/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/DUNhPfIRKys?enablejsapi=1&version=3&playerapiid=ytplayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/DUNhPfIRKys?enablejsapi=1&version=3&playerapiid=ytplayer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 21:40:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4735
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 00:07:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Dec 2022 21:40:36 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 30ms
13ms Ping
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-B7583M6EK7&gtm=2oec10&_p=1742095046&sr=1600x1200&ul=en-us&cid=422585125.1638831571&_s=1&dl=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo&dt=Toma%20Todo%20%7C%20Club%20Premier&sid=1638831571&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B7583M6EK7&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.clubpremier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 50CF 15 KB
15 KB 24ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/DUNhPfIRKys?enablejsapi=1&version=3&playerapiid=ytplayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 11:18:05 GMT
x-content-type-options: nosniff
age: 560486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 11:18:05 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1742095046&t=pageview&_s=1&dl=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo&ul=en-us&de=UTF-8&dt=Toma%20Todo%20%7C%20Club%20Premier&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=1486213391&gjid=2011399215&cid=422585125.1638831571&tid=UA-42285521-1&_gid=922231731.1638831571&_r=1&gtm=2wgc10W56R6Q&z=1187943598

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.clubpremier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1742095046&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo&ul=en-us&de=UTF-8&dt=Toma%20Todo%20%7C%20Club%20Premier&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=SAS%20360&ea=Set%20dimension%2020&el=segmentacion_ci360&_u=YADAAAABAAAAAC~&jid=1982022375&gjid=1419599215&cid=422585125.1638831571&tid=UA-42285521-1&_gid=455018901.1638831571&_r=1&gtm=2wgc10W56R6Q&cd20=segmentacion_ci360&z=183871905

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.clubpremier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-641009633

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN68QHM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ec00e8a8a10bd441d162d91b5187f2bc3d3bd6bc9091e0a48a8c1c882ec9852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39596
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Dec 2021 22:59:31 GMT

GET
H2 200 var=ccauds Show response
ad.crwdcntrl.net/5/c=11783/pe=y/ 70 B
306 B 115ms
31ms Script
application/javascript 52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.crwdcntrl.net/5/c=11783/pe=y/var=ccauds
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN68QHM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 8c3b4dc6462c11e820587fef21d3425d418b380ef8654185b31e61ac840bca21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:31 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.26.132
content-type: application/javascript;charset=utf-8
content-length: 70
expires: 0

GET
H2 200 ot-all.min.js Show response
execution-ci360.clubpremier.com/js/ 21 KB
9 KB 153ms
12ms Script
application/javascript 2600:9000:206f:f600:7:ea02:ad80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-ci360.clubpremier.com/js/ot-all.min.js
Requested by: Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f600:7:ea02:ad80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 78c86efc2099928e8d64991ee31c352c0c8155737d2d3fbc86d81242facfe441

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:54:14 GMT
via: 1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
age: 317
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
cache-control: max-age=1800
content-disposition: inline;filename=f.txt
x-amz-cf-pop: FRA56-C1
content-encoding: gzip
x-amz-cf-id: mArrOvAtzbHQnI5dkDIhwWvIcDzAZKZ-3POF-louhOBzUvd0IIa-WQ==

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/11784/ 44 KB
14 KB 37ms
9ms Script
text/javascript 65.9.68.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/11784/lt.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN68QHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 778a25df4bf3f56b246b91649c40d3783b7c1fe0486a99ea4b5f10981053b79d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 06 Dec 2021 17:18:17 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 19:37:02 GMT
server: AmazonS3
age: 20475
etag: W/"11d1b872e64301d78e8255a4c4e69ebc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: -JT1VZv-rK5c69ZJofiKijeTLoWVTmyatgBvbpSFFOCDD3VP1F08jA==

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2358553&ADFPageName=www.clubpremier.com%7C%2Fmx%2Ftoma-todo%2F%7Chttps%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_med...
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2358553&ADFPageName=www.clubpremier.com%7C%2Fmx%2Ftoma-todo%2F%7Chttps%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26ut...

963 B
1 KB

273ms
272ms

Script
text/javascript

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2358553&ADFPageName=www.clubpremier.com%7C%2Fmx%2Ftoma-todo%2F%7Chttps%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo&ADFdivider=%7C&ord=598786562045&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

de5ff26ce7af2425a2f936bed87f485b2adeee2894b9c17da6c7c2f1f545ea48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:31 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 750
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:31 GMT
server: nginx
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2358553&ADFPageName=www.clubpremier.com%7C%2Fmx%2Ftoma-todo%2F%7Chttps%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo&ADFdivider=%7C&ord=598786562045&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-42285521-1&cid=422585125.1638831571&jid=1486213391&gjid=2011399215&_gid=922231731.1638831571&_u=YADAAAAAAAAAAC~&z=1358924542

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 06 Dec 2021 22:59:31 GMT
content-type: text/plain
access-control-allow-origin: https://www.clubpremier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 58ms
20ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-42285521-1&cid=422585125.1638831571&jid=1982022375&gjid=1419599215&_gid=455018901.1638831571&_u=YADAAAABAAAAAC~&z=1925215904

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 06 Dec 2021 22:59:31 GMT
content-type: text/plain
access-control-allow-origin: https://www.clubpremier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/8040e515/www-widgetapi.vflset/ 148 KB
48 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8040e515/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28a367ad31b0c6d2f4f3811be3a1b0f222edf79f01e4908a92dd0cac1ce781b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 18:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16498
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49081
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 00:07:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Dec 2022 18:24:33 GMT

GET
H3 200 906484853467925 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/906484853467925?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83fa970421b449d9c555dc25c337c2cb61448fa70c45a2c12e8d47b6f2731b31

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89192
x-xss-protection: 0
pragma: public
x-fb-debug: MLbCL3PbJeLD3a1DqRHrdK2gVc1KwqBh4YuAzAA3oVUy0bPT1VlqoMaklOc2FbfH9nuS0GhZip5h7DtSBazEBQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 06 Dec 2021 22:59:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 22ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1894296550831305&ev=PageView&dl=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo&rl=&if=false&ts=1638831571395&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638831571394.249747698&it=1638831571267&coo=false&rqm=GET

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 06 Dec 2021 22:59:31 GMT

GET conversion_async.js
www.googleadservices.com/pagead/ 0
0

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 50CF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

30ms
15ms

XHR
application/json

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/DUNhPfIRKys?enablejsapi=1&version=3&playerapiid=ytplayer

Protocol

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f2f0d3d647c005be623017f74bd10a7f1e76e80bfa3930d50cec19db07d1965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 06 Dec 2021 22:59:31 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 50CF 29 B
588 B 31ms
6ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8040e515/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:50:27 GMT
x-content-type-options: nosniff
age: 544
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 Dec 2021 23:05:27 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 42ms
19ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-42285521-1&cid=422585125.1638831571&jid=1486213391&_u=YADAAAAAAAAAAC~&z=278932847

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.de/ads/ 0
0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 41ms
18ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-42285521-1&cid=422585125.1638831571&jid=1982022375&_u=YADAAAABAAAAAC~&z=1630808974

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.de/ads/ 0
0

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 53ms
17ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Origin: https://www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.youtube.com
vary: origin referer x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 06 Dec 2021 22:59:31 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 50CF 43 KB
20 KB 43ms
28ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b697cec7e8a3c402de9e16bfb94405210949c450d18d657f27c4f03d19a915fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 06 Dec 2021 22:59:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 20950
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/ Frame 50CF 94 KB
29 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c3adb86cfa340f1bc98bc36d09dd5d1aad7590641f4fcf893328d1e9da6b7f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/DUNhPfIRKys?enablejsapi=1&version=3&playerapiid=ytplayer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 01:31:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 163697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29853
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 00:07:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 05 Dec 2022 01:31:14 GMT

GET
H2 200 X91DEWQIO8k93DoQiyzxLpOdvXUBhBD4UdpkLUEPiVw.js Show response
www.google.com/js/th/ Frame 50CF 35 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/X91DEWQIO8k93DoQiyzxLpOdvXUBhBD4UdpkLUEPiVw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fdd431164083bc93ddc3a108b2cf12e939dbd75018410f851da642d410f895c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 06:07:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 492702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13448
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 17:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Dec 2022 06:07:49 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/ Frame 50CF 24 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3697e3d917558effa3f5954febde4851eaedce36c31ba854ef067187c875829e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/DUNhPfIRKys?enablejsapi=1&version=3&playerapiid=ytplayer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 01:31:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 163689
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 00:07:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 05 Dec 2022 01:31:22 GMT

GET
H3 200 114029469923923 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 11ms
10ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/114029469923923?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c165db5d5b3265804c6c2569ef2c5dce4ab2697759fdbd9c5363e457688be329

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89294
x-xss-protection: 0
pragma: public
x-fb-debug: yXKo/W7Uvt7J+v5EN6rkGdcateDTPk1IyCzYyHK1yr2DJNEKSZhsyvmkData+m5MTwXTNFVyj538Pea+QTnYkw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 06 Dec 2021 22:59:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 18ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=906484853467925&ev=PageView&dl=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo&rl=&if=false&ts=1638831571517&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22500089607718465%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22vehicle%22%2C%22offers%22%3A%7B%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22387960195992653%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%2C%22productID%22%3A%22Toma%20todas%20las%20piezas%20y%20arma%20un%20incre%C3%ADble%20premio%22%7D%7D&fbp=fb.1.1638831571394.249747698&it=1638831571267&coo=false&rqm=GET

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 06 Dec 2021 22:59:31 GMT

GET
DATA 200
OK truncated
/ Frame 50CF 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLSicDrPnGr9LFGi6bq7gOX0i7t0EPMCvHJJoJv1=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 50CF 2 KB
2 KB 46ms
21ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLSicDrPnGr9LFGi6bq7gOX0i7t0EPMCvHJJoJv1=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/DUNhPfIRKys?enablejsapi=1&version=3&playerapiid=ytplayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6301d9d3aa8e61f7fff08b41f5556a2eaa7527acb56fc6d0a7d9e420950edfa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:31 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2131
x-xss-protection: 0
server: fife
etag: "v7e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 28 Nov 2021 23:05:36 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/DUNhPfIRKys/ Frame 50CF 14 KB
15 KB 150ms
127ms Image
image/webp 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/DUNhPfIRKys/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/DUNhPfIRKys?enablejsapi=1&version=3&playerapiid=ytplayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e6f9f84c3ccb53a351ab7184ecb9a3ed9cf0ca5e713ace4deca2d7a9e7e4c58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:31 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14586
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Dec 2021 00:59:31 GMT

GET conversion_async.js
www.googleadservices.com/pagead/ 0
0

GET
H2 200 ot-min.js Show response
execution-ci360.clubpremier.com/js/ 172 KB
41 KB 22ms
22ms Script
application/javascript 2600:9000:206f:f600:7:ea02:ad80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-ci360.clubpremier.com/js/ot-min.js
Requested by: Host: execution-ci360.clubpremier.com
URL: https://execution-ci360.clubpremier.com/js/ot-all.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f600:7:ea02:ad80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 014752d6726385251808c831b4f036922cff2d0e03b9fc870e977ca728c1739e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:31:13 GMT
via: 1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
age: 1698
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
cache-control: max-age=1800
content-disposition: inline;filename=f.txt
x-amz-cf-pop: FRA56-C1
content-encoding: gzip
x-amz-cf-id: qLzU0F2UfTV-omk49C_InGFJ6YqJdtOZ-B6zAZ8B9QIwN6ZrAWQ0WQ==

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=114029469923923&ev=PageView&dl=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo&rl=&if=false&ts=1638831571578&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22330206698479246%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22538168760874317%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22MXN%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22506204897169702%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22vehicle%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22317796106556991%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%22404185380807896%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%2C%22productID%22%3A%22Toma%20todas%20las%20piezas%20y%20arma%20un%20incre%C3%ADble%20premio%22%7D%7D&par[5]=%7B%22extractorID%22%3A%222812627125665478%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%2C%22productID%22%3A%22Toma%20todas%20las%20piezas%20y%20arma%20un%20incre%C3%ADble%20premio%22%7D%7D&fbp=fb.1.1638831571394.249747698&it=1638831571267&coo=false&rqm=GET

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 06 Dec 2021 22:59:31 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 50CF 4 KB
3 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Dec 2021 22:59:31 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 50CF 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?rKAMJg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/DUNhPfIRKys?enablejsapi=1&version=3&playerapiid=ytplayer
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/DUNhPfIRKys?enablejsapi=1&version=3&playerapiid=ytplayer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 1638831571565 Show response
execution-ci360.clubpremier.com/t/s/c/cc4298b0a100010453d287a0/ 55 KB
13 KB 126ms
125ms Script
application/javascript 2600:9000:206f:f600:7:ea02:ad80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-ci360.clubpremier.com/t/s/c/cc4298b0a100010453d287a0/1638831571565?version=1.1.0&domain=www.clubpremier.com&p=%2Fmx%2Ftoma-todo%2F&params=utm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo&page_title=Toma%20Todo%20%7C%20Club%20Premier&referrer=&uri=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo&requestedfile=%2Fmx%2Ftoma-todo%2F&cts=1638831571565&tzo=0&platform=Linux%20x86_64&port=&protocol=https&flash_enabled=false&flash_version=&java_enabled=false&java_version=&screen_info=1600x1200@24&browser_language=en-US&character_set=UTF-8&csz=229491&bsz=1600x1200&tab_id=646872512348
Requested by: Host: execution-ci360.clubpremier.com
URL: https://execution-ci360.clubpremier.com/js/ot-all.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f600:7:ea02:ad80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 522e20c4f9c615c2766aa6f7816cd4cd3b7383b13bd6fa143ae7ae689e111d64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:31 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type
x-amz-cf-id: V0YA2vsXHeCfwvCeyDl2v09Va4DZkxzV4P4-eO0tAHK4HybKPK2rug==
via: 1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/96/ Frame 50CF 52 KB
15 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/96/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 15:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15236
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 15:10:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Tue, 07 Dec 2021 15:16:25 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 50CF 98 B
142 B 20ms
20ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5f9c823e79b1c3472f22158c36433e528dd0c4df29d803633d9bbe35774f4621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 06 Dec 2021 22:59:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 16ms
15ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Origin: https://www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.youtube.com
vary: origin referer x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 06 Dec 2021 22:59:31 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cc4298b0a100010453d287a0 Show response
execution-ci360.clubpremier.com/t/s/p/ 3 KB
2 KB 106ms
105ms Script
application/javascript 2600:9000:206f:f600:7:ea02:ad80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-ci360.clubpremier.com/t/s/p/cc4298b0a100010453d287a0?version=1.1.0&domain=www.clubpremier.com&p=%2Fmx%2Ftoma-todo%2F&params=utm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo&page_title=Toma%20Todo%20%7C%20Club%20Premier&referrer=&uri=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo&requestedfile=%2Fmx%2Ftoma-todo%2F&platform=Linux%20x86_64&port=&protocol=https&browser_language=en-US&character_set=UTF-8
Requested by: Host: execution-ci360.clubpremier.com
URL: https://execution-ci360.clubpremier.com/js/ot-all.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f600:7:ea02:ad80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0ec46ce16730da5f1c8e534828ba91cfaba17e131b7497e36f853553fc2e2179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:31 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type
x-amz-cf-id: hNm9T1lJ3uHZTitY2blakM4mBOIG0_02kLldDhRc1pBA9mlaxtbudQ==
via: 1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 4760 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.clubpremier.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Response headers

content-type: text/plain
access-control-allow-origin: https://www.clubpremier.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Mon, 06 Dec 2021 22:59:31 GMT

POST
H2 200 cc4298b0a100010453d287a0 Show response
execution-ci360.clubpremier.com/t/e/ 2 B
1 KB 275ms
275ms XHR
text/plain 2600:9000:206f:f600:7:ea02:ad80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-ci360.clubpremier.com/t/e/cc4298b0a100010453d287a0
Requested by: Host: execution-ci360.clubpremier.com
URL: https://execution-ci360.clubpremier.com/js/ot-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f600:7:ea02:ad80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 06 Dec 2021 22:59:32 GMT
via: 1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://www.clubpremier.com
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type
content-length: 2
x-amz-cf-id: JF5ULIZZtwd1f3dtk8H__6F-rg0EThtWtYZgNp1Hrvx89i5pbagJvA==

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 26BF 5 KB
2 KB 90ms
22ms Document
text/html 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=2358553&ADFPageName=www.clubpremier.com%7C%2Fmx%2Ftoma-todo%2F%7Chttps%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo&ADFdivider=%7C&ord=598786562045&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f9b0123f24b1276cfc414dd01d9394593ec3b2ae6b197f84421d6777f7b01c5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Response headers

server: nginx
date: Mon, 06 Dec 2021 22:59:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip

GET /
a1.seadform.net/serving/cookie/sync/ 0
0

GET
H2 200 ot-api.min.js Show response
execution-ci360.clubpremier.com/js/ 65 KB
20 KB 19ms
19ms Script
application/javascript 2600:9000:206f:f600:7:ea02:ad80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-ci360.clubpremier.com/js/ot-api.min.js
Requested by: Host: execution-ci360.clubpremier.com
URL: https://execution-ci360.clubpremier.com/js/ot-all.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f600:7:ea02:ad80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 01a31bb48cf4958d49acc5aa9c622d2c95aaa9d1793f8fff9f2042c233f35b56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:31:17 GMT
via: 1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
age: 1695
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
cache-control: max-age=1800
content-disposition: inline;filename=f.txt
x-amz-cf-pop: FRA56-C1
content-encoding: gzip
x-amz-cf-id: lZDc60xaUY2LpBjaCJlvb-m1rp9FwKwgJLOJWaxdqRJIOJwrIjqeCw==

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 6A41 0
15 B 9ms
8ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.clubpremier.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Response headers

content-type: text/plain
access-control-allow-origin: https://www.clubpremier.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Mon, 06 Dec 2021 22:59:32 GMT

GET
H2 200 cc4298b0a100010453d287a0 Show response
execution-ci360.clubpremier.com/t/s/c/ 336 B
1 KB 291ms
290ms XHR
application/json 2600:9000:206f:f600:7:ea02:ad80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-ci360.clubpremier.com/t/s/c/cc4298b0a100010453d287a0?domain=www.clubpremier.com&vid=3fc437ce162f204ec1a5d063&sid=36bc56d938800121bc251772&hb=13&loadId=9a3c80526ede5c528b0313bc&p=%2Fmx%2Ftoma-todo%2F&params=utm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo&page_title=Toma%20Todo%20%7C%20Club%20Premier&referrer=&uri=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo&cts=1638831572040&tzo=0&platform=Linux%20x86_64&port=&protocol=https&screen_info=1600x1200@24&browser_language=en-US&character_set=UTF-8&csz=232566&bsz=1600x1200&tab_id=646872512348&java_enabled=false&flash_enabled=false
Requested by: Host: execution-ci360.clubpremier.com
URL: https://execution-ci360.clubpremier.com/js/ot-api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f600:7:ea02:ad80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8875c5427885e3f2df8a7a6d71bac1ce8e72b04a36283405c6ac15b14d79324c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:32 GMT
via: 1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.clubpremier.com
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type
content-length: 336
x-amz-cf-id: 3nf5tiJrZjsaV3eTvaJsO5LqtJkTaH8brIew1mfyJBRu6O4fTQet1Q==

GET
H2 200 plf
c1.adform.net/imatch/ Frame 26BF 0
261 B 22ms
21ms Image
text/plain 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:32 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 26BF
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=5404479822701235357&Expiration=1640041172
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=5404479822701235357&Expiration=1640041172

43 B
422 B

33ms
33ms

Image
image/gif

54.217.249.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=5404479822701235357&Expiration=1640041172
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: H2
Server: 54.217.249.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-249-13.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 06 Dec 2021 22:59:32 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=5404479822701235357&Expiration=1640041172
date: Mon, 06 Dec 2021 22:59:32 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 26BF 0
522 B 99ms
46ms Image
text/plain 104.111.218.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=5404479822701235357

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-218-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Dec 2021 22:59:32 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sun, 05 Dec 2021 22:59:32 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 26BF 0
214 B 40ms
9ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5253&puid=5404479822701235357
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 26BF
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5404479822701235357&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5404479822701235357&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=aad55974d00a47a5b...
https://c1.adform.net/serving/cookie/match?party=9&uid=0c09e67edf4732a6e228e30136b1105e1dbf73589d5e791a8f984665bbc2ce33

35 B
468 B

22ms
22ms

Image
image/gif

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=0c09e67edf4732a6e228e30136b1105e1dbf73589d5e791a8f984665bbc2ce33

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380

Protocol

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:32 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=0c09e67edf4732a6e228e30136b1105e1dbf73589d5e791a8f984665bbc2ce33
date: Mon, 06 Dec 2021 22:59:32 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 26BF 43 B
163 B 94ms
24ms Image
image/gif 185.86.138.142
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=5404479822701235357&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.142 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:31 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55944/ Frame 26BF
Redirect Chain

https://pixel.advertising.com/ups/55944/sync?uid=5404479822701235357&_origin=1
https://pixel.advertising.com/ups/55944/sync?uid=5404479822701235357&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55944/sync?uid=5404479822701235357&_origin=1&apid=UP2c894eb0-56e8-11ec-a9b7-0633aa71edb2
https://ups.analytics.yahoo.com/ups/55944/sync?uid=5404479822701235357&_origin=1&apid=UP2c894eb0-56e8-11ec-a9b7-0633aa71edb2&verify=true

0
331 B

10ms
10ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=5404479822701235357&_origin=1&apid=UP2c894eb0-56e8-11ec-a9b7-0633aa71edb2&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:32 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=5404479822701235357&_origin=1&apid=UP2c894eb0-56e8-11ec-a9b7-0633aa71edb2&verify=true
date: Mon, 06 Dec 2021 22:59:32 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 26BF 43 B
713 B 111ms
30ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=5404479822701235357
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Dec 2021 22:59:32 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1638831572208078-402
Expires: Mon, 06 Dec 2021 22:59:32 GMT

GET
H2

200

RX-f8cad750-1e47-455a-96a3-f2f951e3eb71-003
sync.targeting.unrulymedia.com/csync/ Frame 26BF
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=5404479822701235357
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=5404479822701235357
https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/9a7602f7-4fa0-456a-8db7-791bd5b32fd1?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/9a7602f7-4fa0-456a-8db7-791bd5b32fd1?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/9a7602f7-4fa0-456a-8db7-791bd5b32fd1?zcc=1&dspret=0&cb=1638831572232
https://sync.targeting.unrulymedia.com/csync/RX-f8cad750-1e47-455a-96a3-f2f951e3eb71-003

43 B
395 B

22ms
13ms

Image
image/gif

213.19.147.45
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-f8cad750-1e47-455a-96a3-f2f951e3eb71-003
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: H2
Server: 213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:32 GMT
server: Tengine
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-f8cad750-1e47-455a-96a3-f2f951e3eb71-003
pragma: no-cache
date: Mon, 06 Dec 2021 22:59:32 GMT
cache-control: no-store, no-cache, must-revalidate
server: Tengine
content-type: text/html
expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 26BF
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5404479822701235357&expiration=1640041172
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5404479822701235357&expiration=1640041172&C=1

43 B
1006 B

31ms
31ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5404479822701235357&expiration=1640041172&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Dec 2021 22:59:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 06 Dec 2021 22:59:32 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 06 Dec 2021 22:59:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5404479822701235357&expiration=1640041172&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 309
Expires: Mon, 06 Dec 2021 22:59:32 GMT

GET
H/1.1

200
OK

info
uipglob.semasio.net/tradedesk/1/ Frame 26BF
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=5404479822701235357&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=5404479822701235357&sInitiator=external
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=e82961ae-95d4-4100-a83b-2de6e9bfa3d5&sInitiator=internal&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=b57c236f-377c-4b5c-b93e-cb0e19bcca4d

42 B
603 B

33ms
33ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=b57c236f-377c-4b5c-b93e-cb0e19bcca4d
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: HTTP/1.1
Server: 77.243.60.138 Ballerup Municipality, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:32 GMT
frontend-id: 5
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:32 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=b57c236f-377c-4b5c-b93e-cb0e19bcca4d
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame 26BF
Redirect Chain

https://ps.eyeota.net/match?uid=5404479822701235357&bid=9gdtmu1
https://ps.eyeota.net/match/bounce/?uid=5404479822701235357&bid=9gdtmu1

70 B
440 B

8ms
8ms

Image
image/gif

3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?uid=5404479822701235357&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: HTTP/1.1
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 22:59:32 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?uid=5404479822701235357&bid=9gdtmu1
Date: Mon, 06 Dec 2021 22:59:32 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 26BF
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5404479822701235357
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5404479822701235357&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
336 B

70ms
25ms

Image
image/gif

2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: H2
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-77-nzt: AcO1rzXDzfP/AXIEAA==
x-accel-expires: @1639577043
date: Mon, 06 Dec 2021 22:59:32 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: ErZbZJCJk9g=
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 291329
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

Redirect headers

date: Mon, 06 Dec 2021 22:59:32 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 400 398366.gif
idsync.rlcdn.com/ Frame 26BF 0
0 41ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=5404479822701235357
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2

200

tpid=5404479822701235357
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/ Frame 26BF
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5404479822701235357
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5404479822701235357

49 B
736 B

41ms
41ms

Image
image/gif

52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5404479822701235357
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: H2
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:32 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.11.142
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:32 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5404479822701235357
cache-control: no-cache
x-server: 10.45.26.170
content-length: 0
expires: 0

GET
H/1.1 200
OK 29729
tags.bluekai.com/site/ Frame 26BF 62 B
304 B 224ms
163ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=5404479822701235357
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 22:59:32 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame 26BF 43 B
275 B 38ms
16ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5404479822701235357
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:32 GMT
via: 1.1 google
server: OXGW/16.221.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 26BF
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

139ms
41ms

Image
image/gif

52.218.98.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: HTTP/1.1
Server: 52.218.98.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 22:59:33 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: P5SY6CG37J5ZW9YD
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: jBiTaGZ1meptPK3Sye3L/MxvTrrbw1oV+dxskXAuhnEvcbajD9oNFDcV8A2webHaaPm6LfMBq0U=

Redirect headers

X-Error-Reason: Missing UserId
Date: Mon, 06 Dec 2021 22:59:31 GMT
Server: akka-http/10.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 137

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame 26BF 35 B
247 B 57ms
15ms Image
image/gif 51.210.112.236
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?mapped=5404479822701235357&partner=68
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.210.112.236 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-1.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H/1.1

403
Forbidden

/
cm.smartstream.tv/ Frame 26BF
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=5404479822701235357
https://tags.adsafety.net/v1/cm?cm_uid=CM12021120622ee22db733db07055a9e&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=c123640d253a1eb75b24b34d3bc2b388
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12021120622ee22db733db07055a9e&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=c123640d253a1eb75b24b34d3bc2b388&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMTEyMDYyMmVlMjJkYjczM2RiMDcwNTVhOWU
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEIfgidRHKwyGDf4jtPigM2E&google_cver=1
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12021120622ee22db733db07055a9e
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=5404479822701235357
https://dsp.adfarm1.adition.com/cookie/?ssp=6
https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7038728005402622095

0
0

34ms
7ms

Image
text/html

85.90.245.27
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7038728005402622095
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: HTTP/1.1
Server: 85.90.245.27 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1428-27.members.linode.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

Location: https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7038728005402622095
Date: Mon, 06 Dec 2021 22:59:32 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 26BF 0
338 B 104ms
30ms Image
text/plain 52.30.98.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=5404479822701235357
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.98.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-98-117.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:32 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1638831572
x-served-by: beacon-n001-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 26BF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NTQwNDQ3OTgyMjcwMTIzNTM1Nw
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=NTQwNDQ3OTgyMjcwMTIzNTM1Nw&google_tc=
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAnV6OOkx06wdZ3byaEtrIo&google_cver=1&google_ula=1641347,0

35 B
468 B

22ms
21ms

Image
image/gif

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAnV6OOkx06wdZ3byaEtrIo&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380

Protocol

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:32 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAnV6OOkx06wdZ3byaEtrIo&google_cver=1&google_ula=1641347,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 26BF 0
261 B 24ms
21ms Image
text/plain 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:32 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame 26BF
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=9094245443045402010&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=5404479822701235357

43 B
994 B

20ms
20ms

Image
image/gif

37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=5404479822701235357

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380

Protocol

HTTP/1.1

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Dec 2021 22:59:32 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f9637d6a-9ee4-4902-ba96-b06d86cb1c9b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:32 GMT
server: nginx
location: https://secure.adnxs.com/setuid?entity=91&code=5404479822701235357
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 26BF 42 B
544 B 79ms
19ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5404479822701235357
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:32 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug004:0:483
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 26BF 43 B
444 B 47ms
9ms Image
image/gif 65.9.68.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-72.fra56.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 07:49:37 GMT
Via: 1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.18.0
Age: 54595
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-C1
Content-Length: 43
X-Amz-Cf-Id: IJgLEfBiinhBU_LdgHvagB-RZvCo8dssZYVv5jewNZeV_tHuSxlmJg==

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 26BF
Redirect Chain

https://a.audrte.com/a?adform_uid=5404479822701235357
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEJixIzpkFsQYf1AoQ2VCXCg&google_cver=1
https://ps.eyeota.net/match?bid=kh51m51&uid=ig3-SRoHm8iSrmRyp5j-xt0OA&gdpr=0&gdpr_consent=

70 B
440 B

102ms
102ms

Image
image/gif

3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=kh51m51&uid=ig3-SRoHm8iSrmRyp5j-xt0OA&gdpr=0&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: HTTP/1.1
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 22:59:32 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Mon, 06 Dec 2021 22:59:32 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://ps.eyeota.net/match?bid=kh51m51&uid=ig3-SRoHm8iSrmRyp5j-xt0OA&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 26BF
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=5404479822701235357&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=5404479822701235357&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=08907420839677329792983669137149364687&noredirect=1

35 B
468 B

21ms
21ms

Image
image/gif

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=08907420839677329792983669137149364687&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380

Protocol

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:32 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-2-v020-0e0e67b8c.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: lrzaAYe5S+A=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=08907420839677329792983669137149364687&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 26BF
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=5404479822701235357
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164860203992000545728

35 B
477 B

22ms
21ms

Image
image/gif

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164860203992000545728

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380

Protocol

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:32 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:32 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164860203992000545728
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 26BF
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7038728005402622095

35 B
468 B

22ms
21ms

Image
image/gif

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7038728005402622095

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380

Protocol

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:32 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7038728005402622095
Date: Mon, 06 Dec 2021 22:59:32 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK 33302
tags.bluekai.com/site/ Frame 26BF 62 B
725 B 211ms
176ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=5404479822701235357
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 22:59:32 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 2c47
Content-Type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 26BF
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=e82961ae-95d4-4100-a83b-2de6e9bfa3d5

35 B
468 B

21ms
21ms

Image
image/gif

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=e82961ae-95d4-4100-a83b-2de6e9bfa3d5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380

Protocol

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:32 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Mon, 06 Dec 2021 22:59:32 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x26 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=e82961ae-95d4-4100-a83b-2de6e9bfa3d5
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Mon, 06 Dec 2021 22:59:31 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 26BF
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=mu27Je2X1MUmXi5

35 B
468 B

22ms
22ms

Image
image/gif

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=mu27Je2X1MUmXi5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380

Protocol

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:32 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Mon, 06 Dec 2021 22:59:32 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-02cbf440f9d738c39@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=mu27Je2X1MUmXi5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 26BF
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=84394e9d-5aa2-4f6c-9018-5c0989a46e0f

35 B
468 B

21ms
21ms

Image
image/gif

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=84394e9d-5aa2-4f6c-9018-5c0989a46e0f

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380

Protocol

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:32 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:32 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=84394e9d-5aa2-4f6c-9018-5c0989a46e0f
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 225

GET image.sbmx
global.ib-ibi.com/ Frame 26BF 0
0

GET
H/1.1

200

1.gif
id5-sync.com/c/10/10/2/ Frame 26BF
Redirect Chain

https://id5-sync.com/s/10/0.gif?puid=5404479822701235357
https://id5-sync.com/c/10/10/2/1.gif?puid=5404479822701235357&gdpr=1&gdpr_consent=

43 B
1009 B

8ms
8ms

Image
image/gif

51.195.5.38
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/10/10/2/1.gif?puid=5404479822701235357&gdpr=1&gdpr_consent=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380

Protocol

HTTP/1.1

Server

51.195.5.38 , France, ASN16276 (OVH, FR),

Reverse DNS

p16.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 22:59:21 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Location: https://id5-sync.com/c/10/10/2/1.gif?puid=5404479822701235357&gdpr=1&gdpr_consent=
Date: Mon, 06 Dec 2021 22:59:21 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 26BF
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1819680647
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=CP1hsykFWmSXsyvStEhN8.

35 B
468 B

22ms
21ms

Image
image/gif

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=CP1hsykFWmSXsyvStEhN8.

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380

Protocol

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:32 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:32 GMT
via: 1.1 google
last-modified: Mon, 06 Dec 2021 22:59:32 GMT
server: nginx/1.12.0
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=CP1hsykFWmSXsyvStEhN8.
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 26BF 23 B
172 B 118ms
46ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=5404479822701235357
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:32 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 06 Dec 2021 22:59:32 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 26BF
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=5404479822701235357
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=5404479822701235357&cs=1

35 B
376 B

11ms
11ms

Image
image/gif

88.99.214.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=5404479822701235357&cs=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: H2
Server: 88.99.214.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-214-77.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:32 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=5404479822701235357&cs=1
date: Mon, 06 Dec 2021 22:59:32 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame 26BF 0
238 B 34ms
7ms Image
text/plain 2600:9000:2057:ec00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=5404479822701235357
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ec00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:32 GMT
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 1qctvQO3-l5qKpGS3UmjcJegHANcLC_TmB-roRiSaAADRZqIJ-ERyw==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 26BF
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=5404479822701235357&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=5404479822701235357&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=e275065b-6279-4593-992c-70cbbb17bac7

35 B
477 B

22ms
22ms

Image
image/gif

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=e275065b-6279-4593-992c-70cbbb17bac7

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380

Protocol

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:32 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=2007&cid=e275065b-6279-4593-992c-70cbbb17bac7
date: Mon, 06 Dec 2021 22:59:32 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 5404479822701235357
match.contentexchange.me/adform/ Frame 26BF 0
49 B 96ms
28ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/5404479822701235357?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 Ljubljana, Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:32 GMT
content-length: 0
server: nginx/1.16.1

GET
H2

200

xuid
eb2.3lift.com/ Frame 26BF
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=5404479822701235357&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=5404479822701235357&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

37 B
353 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=5404479822701235357&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=5404479822701235357&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
date: Mon, 06 Dec 2021 22:59:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 plf
c1.adform.net/imatch/ Frame 26BF 0
261 B 22ms
21ms Image
text/plain 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=5404479822701235357&agencyId=6285&advertiserId=2094403&src=tp&rnd=528380
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 22:59:32 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 2548 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.clubpremier.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Response headers

content-type: text/plain
access-control-allow-origin: https://www.clubpremier.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Mon, 06 Dec 2021 22:59:32 GMT

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/11784/ 465 B
950 B 25ms
10ms XHR
application/json 65.9.68.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/11784/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/11784/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 310d932bfa1b18ddd48c8fcb11cf6db2258c032c38f635bd0219e613b165ced1

Request headers

Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 06 Dec 2021 17:24:23 GMT
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
age: 20111
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 465
last-modified: Tue, 23 Nov 2021 19:37:02 GMT
server: AmazonS3
etag: "f1733bf89cf54944857a55b3b459df08"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: FuFru5-X63WhyE2P1op-esXLVEmAhB4vY0-CuI9Fm2HPDSsWCUmK2g==

POST
H2 200 cc4298b0a100010453d287a0 Show response
execution-ci360.clubpremier.com/t/e/ 2 B
1 KB 275ms
274ms XHR
text/plain 2600:9000:206f:f600:7:ea02:ad80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-ci360.clubpremier.com/t/e/cc4298b0a100010453d287a0
Requested by: Host: execution-ci360.clubpremier.com
URL: https://execution-ci360.clubpremier.com/js/ot-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f600:7:ea02:ad80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 06 Dec 2021 22:59:33 GMT
via: 1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://www.clubpremier.com
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type
content-length: 2
x-amz-cf-id: 7DlkRwtY2rRJKYfSk17nkAqhCaxBGKmwBJeU9O-KDVRtRllvRHCfFg==

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 141 B
968 B 73ms
63ms XHR
application/json 52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/11784/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 81719ca64d96cb3f4a2f64dd31024fe013dc69324d1ef5c2863e4dbe04332185

Request headers

Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:33 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.clubpremier.com
cache-control: no-cache
x-server: 10.45.1.12
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 141
expires: 0

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame A503 2 KB
1 KB 7ms
6ms Document
text/html 65.9.68.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=11784
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/11784/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo

Response headers

content-type: text/html
date: Mon, 06 Dec 2021 17:15:14 GMT
last-modified: Mon, 01 Feb 2021 20:35:17 GMT
etag: W/"6fcf4f5197ab24c92d090f6ac8d87e01"
x-amz-server-side-encryption: AES256
cache-control: max-age: 86400
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: beYe3CmQ4NpjG9zUYp-0MDL5dRQ4Pwwe6bR8htdCmRq6nJCvPrTfGQ==
age: 20660

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame E397 742 B
935 B 31ms
30ms Document
text/html 52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?s=41%2C61%2C14%2C12%2C125%2C2&c=11784
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=11784
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 502f1c67e8d184cade462f5865ba9383fcff11e3681337ccb67bf765d2deb8a7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tags.crwdcntrl.net/

Response headers

date: Mon, 06 Dec 2021 22:59:33 GMT
content-type: text/html
content-length: 742
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.30.36
server: Jetty(9.4.38.v20210224)

GET
H2

200

tpidqp=tpidqa
bcp.crwdcntrl.net/cmap/c=5437/tp=DTAX/ Frame E397
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=LOTME
https://bcp.crwdcntrl.net/cmap/c=5437/tp=DTAX/tpidqp=tpidqa?tpidqa=y-yj9kWJxE2pzeQixt.D7kGp8s3jHAaC3AMbw-~A

49 B
264 B

33ms
33ms

Image
image/gif

52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/cmap/c=5437/tp=DTAX/tpidqp=tpidqa?tpidqa=y-yj9kWJxE2pzeQixt.D7kGp8s3jHAaC3AMbw-~A
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=41%2C61%2C14%2C12%2C125%2C2&c=11784
Protocol: H2
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:33 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.6.184
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

date: Mon, 06 Dec 2021 22:59:33 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://bcp.crwdcntrl.net/cmap/c=5437/tp=DTAX/tpidqp=tpidqa?tpidqa=y-yj9kWJxE2pzeQixt.D7kGp8s3jHAaC3AMbw-~A
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK utsync.ashx
ml314.com/ Frame E397 43 B
422 B 129ms
29ms Image
image/gif 52.208.138.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=50146&et=0&fp=f3ffbb568aeffae4b49fb89b14867767&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=41%2C61%2C14%2C12%2C125%2C2&c=11784
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.138.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-138-90.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Dec 2021 22:59:32 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0,Tue, 07 Dec 2021 17:59:33 GMT

GET
H2 200 382416.gif
idsync.rlcdn.com/ Frame E397 42 B
396 B 24ms
23ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/382416.gif?partner_uid=f3ffbb568aeffae4b49fb89b14867767&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=41%2C61%2C14%2C12%2C125%2C2&c=11784
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 22:59:33 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H/1.1 200
OK 5907
tags.bluekai.com/site/ Frame E397 62 B
304 B 173ms
172ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=b833632952032cb03e93e1ace4136a25
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=41%2C61%2C14%2C12%2C125%2C2&c=11784
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 22:59:33 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2 404 insync
thrtle.com/ Frame E397 0
0 306ms
99ms Image
text/html 52.0.73.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/insync?vxii_pid=10014&vxii_pdid=f3ffbb568aeffae4b49fb89b14867767
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=41%2C61%2C14%2C12%2C125%2C2&c=11784
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.73.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-73-248.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2

200

tp=ANXS
sync.crwdcntrl.net/map/c=281/rand=25551966/tpid=9094245443045402010/ Frame E397
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=25551966%2Ftpid%3D%24UID%2Ftp%3DANXS
https://sync.crwdcntrl.net/map/c=281/rand=25551966/tpid=9094245443045402010/tp=ANXS

49 B
264 B

34ms
34ms

Image
image/gif

52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/rand=25551966/tpid=9094245443045402010/tp=ANXS
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=41%2C61%2C14%2C12%2C125%2C2&c=11784
Protocol: H2
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 22:59:33 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.24.39
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 06 Dec 2021 22:59:33 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 6b4d963c-2361-4066-8c32-698a0e124399
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.crwdcntrl.net/map/c=281/rand=25551966/tpid=9094245443045402010/tp=ANXS
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 50CF 28 B
54 B 23ms
22ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8040e515/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/DUNhPfIRKys?enablejsapi=1&version=3&playerapiid=ytplayer
X-YouTube-Client-Version: 1.20211201.01.02
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtXWWFGOXA3amhtQSjTq7qNBg%3D%3D
X-YouTube-Ad-Signals: dt=1638831571434&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C538%2C360&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 06 Dec 2021 22:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 06 Dec 2021 22:59:33 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Domain: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=GTM-KFMZFLX

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/seg?add=23287336&t=2

Domain: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-42285521-1&cid=422585125.1638831571&jid=1486213391&_u=YADAAAAAAAAAAC~&z=278932847

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-42285521-1&cid=422585125.1638831571&jid=1982022375&_u=YADAAAABAAAAAC~&z=1630808974

Domain: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Domain: a1.seadform.net
URL: https://a1.seadform.net/serving/cookie/sync/?uid=5404479822701235357&stamp=OodsQ1R5PGcDvP-67D9Y4w2

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=5404479822701235357

Verdicts & Comments Add Verdict or Comment

273 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

110 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clubpremier.com/	1970-01-20 07:59:27	Name: qtrans_front_language Value: mx
www.clubpremier.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: emndi6gdr502rvlv6u6pgmjag8
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: YMEiO6bEGd0
.youtube.com/	1970-01-20 03:33:03	Name: VISITOR_INFO1_LIVE Value: WYaF9p7jhmA
.clubpremier.com/	1970-01-20 01:23:27	Name: _gcl_au Value: 1.1.170947954.1638831571
.clubpremier.com/	1970-01-20 16:45:03	Name: _ga_B7583M6EK7 Value: GS1.1.1638831571.1.0.1638831571.0
.clubpremier.com/	1970-01-20 16:45:03	Name: _ga Value: GA1.1.422585125.1638831571
.clubpremier.com/	1970-01-20 01:23:27	Name: _fbp Value: fb.1.1638831571394.249747698
.clubpremier.com/	1970-01-19 23:13:51	Name: lotame_domain_check Value: clubpremier.com
.adform.net/	1970-01-19 23:58:29	Name: C Value: 1
execution-ci360.clubpremier.com/	1969-12-31 23:59:59	Name: _SI_VS_3.cc4298b0a100010453d287a0 Value: 36bc56d938800121bc251772
execution-ci360.clubpremier.com/	1970-01-20 16:45:03	Name: _SI_VID_3.cc4298b0a100010453d287a0 Value: 3fc437ce162f204ec1a5d063
execution-ci360.clubpremier.com/	1969-12-31 23:59:59	Name: _SI_DID_3.cc4298b0a100010453d287a0 Value: c78e1dc0-b4aa-3473-9dd6-9520d0ae637c
.clubpremier.com/	1970-01-20 16:45:03	Name: _SI_VID_1.cc4298b0a100010453d287a0 Value: 3fc437ce162f204ec1a5d063
.clubpremier.com/	1969-12-31 23:59:59	Name: _SI_DID_1.cc4298b0a100010453d287a0 Value: c78e1dc0-b4aa-3473-9dd6-9520d0ae637c
.adform.net/	1970-01-20 00:40:15	Name: uid Value: 5404479822701235357
.adform.net/	1970-01-19 23:15:17	Name: CM Value: 1\|1
.adform.net/	1970-01-19 23:34:01	Name: CM14 Value: 1638917972_1638831572_1_Hu7u4e4e4e7u7u4REREeERERERHhEA
.adscale.de/	1970-01-20 07:56:07	Name: uu Value: aad55974d00a47a5b3ff2ef08b3cdaba
.adscale.de/	1970-01-20 07:56:07	Name: cct Value: 1638831572111
.ih.adscale.de/	1970-01-20 07:56:07	Name: tu Value: 4#402022827#42~5404479822701235357~455230~0~0
.advertising.com/	1970-01-20 08:00:53	Name: APID Value: UP2c894eb0-56e8-11ec-a9b7-0633aa71edb2
.bidswitch.net/	1970-01-20 07:59:27	Name: tuuid Value: 9a7602f7-4fa0-456a-8db7-791bd5b32fd1
.bidswitch.net/	1970-01-20 07:59:27	Name: c Value: 1638831572
.bidswitch.net/	1970-01-20 07:59:27	Name: tuuid_lu Value: 1638831572
.eyeota.net/	1970-01-20 07:59:27	Name: mako_uid Value: 17d91f944ba-7f400000010f5bbd
.eyeota.net/	1970-01-19 23:13:52	Name: SERVERID Value: 23485~DM
.yieldlab.net/	1970-01-20 07:59:27	Name: id Value: abbe64d0-2ceb-4dd8-8d64-123ef18313ba
.casalemedia.com/	1970-01-20 07:59:27	Name: CMID Value: Ya6V1MmpXb7sPY9ftSSvYwAA
.casalemedia.com/	1970-01-20 01:23:27	Name: CMPS Value: 5221
.yahoo.com/	1970-01-20 07:59:49	Name: A3 Value: d=AQABBNSVrmECEIxeWWDzoRqBBR10Lp5NXcoFEgEBAQHnr2G4YQAAAAAA_eMAAA&S=AQAAAsELALUlwa-jyDA_h3eozMM
ads.stickyadstv.com/	1970-01-20 00:40:15	Name: uid-bp-617 Value: 5404479822701235357
ads.stickyadstv.com/	1970-01-19 23:57:03	Name: UID Value: de18e2e61afbdcc02baaea7bbddb288
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 5782ae2b243ae4b6c60521d6d456181
.analytics.yahoo.com/	1970-01-20 08:00:53	Name: IDSYNC Value: 1760~21xy
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP2c894eb0-56e8-11ec-a9b7-0633aa71edb2
.yahoo.com/	1970-01-19 23:15:17	Name: APIDTS Value: 1638831572
.360yield.com/	1970-01-20 01:23:27	Name: tuuid Value: 7177a941-3795-4c34-b6d9-4dfcb0937ccd
.360yield.com/	1970-01-20 01:23:27	Name: tuuid_lu Value: 1638831572
.casalemedia.com/	1970-01-20 01:23:27	Name: CMPRO Value: 1157
.casalemedia.com/	1970-01-19 23:15:17	Name: CMST Value: Ya6V1GGuldQA
.casalemedia.com/	1970-01-20 07:59:27	Name: CMRUM3 Value: 6f61ae95d427605404479822701235357
.360yield.com/	1970-01-20 01:23:27	Name: um Value: !42,seDqN5hTXU8Llwzbebro5oEf1NovstoK-XNw5eF1dZdF,1640041172
.360yield.com/	1970-01-20 01:23:27	Name: umeh Value: !42,0,1701039572,-1
.semasio.net/	1970-01-20 07:59:27	Name: SEUNCY Value: 5415E0C6F6B0B196
.1rx.io/	1970-01-20 07:59:27	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-f8cad750-1e47-455a-96a3-f2f951e3eb71-003%22%7D
.crwdcntrl.net/	1970-01-20 05:42:36	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 05:42:36	Name: _cc_id Value: f3ffbb568aeffae4b49fb89b14867767
.onaudience.com/	1970-01-20 07:59:27	Name: cookie Value: 25d1cd9ffa0aead5
.exelator.com/	1970-01-20 02:06:39	Name: EE Value: "b2f6d4fe0d9fa598bdb0cf3c678235d5"
.targeting.unrulymedia.com/	1970-01-20 07:59:27	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-f8cad750-1e47-455a-96a3-f2f951e3eb71-003%22%7D
cm.adsafety.net/	1970-01-20 07:59:27	Name: UID Value: CM12021120622ee22db733db07055a9e
.adsafety.net/	1970-01-20 07:59:27	Name: cm_uid Value: CM12021120622ee22db733db07055a9e
.adnxs.com/	1970-01-20 01:23:27	Name: uuid2 Value: 9094245443045402010
.exelator.com/	1970-01-20 02:06:39	Name: ud Value: "eJxrXxzq6XKLQSHJKM0sxSQt1SDFMi3R1NIiKSXJIDnNONnM3MLI2DTFdHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJsSX5RZvoiF9fFRSlpDItKik8F7zvxFwC6YSuK"
.doubleclick.net/	1970-01-20 08:35:27	Name: IDE Value: AHWqTUlaLakBIeOVnVcA4Y8ez-boN1E9t6Vl49_d6MckVd9XacAMZjVc7pzGQRorlc8
tags.adsafety.net/	1970-01-20 07:59:27	Name: UID Value: c123640d253a1eb75b24b34d3bc2b388
tags.adsafety.net/	1970-01-20 07:59:27	Name: DID Value: c123640d253a1eb75b24b34d3bc2b388
tags.adsafety.net/	1970-01-20 07:59:27	Name: IDT Value: 100
tags.adsafety.net/	1970-01-20 07:59:27	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-19 23:57:03	Name: block_reset Value: 1
.adsafety.net/	1970-01-20 07:59:27	Name: ct_uid Value: c123640d253a1eb75b24b34d3bc2b388
.adsafety.net/	1970-01-20 07:59:27	Name: ct_did Value: c123640d253a1eb75b24b34d3bc2b388
.adsafety.net/	1970-01-20 07:59:27	Name: ct_idt Value: 100
.krxd.net/	1970-01-20 03:33:03	Name: _kuid_ Value: Ohn05NlR
.pubmatic.com/	1970-01-19 23:57:03	Name: KRTBCOOKIE_391 Value: 22924-5404479822701235357&KRTB&23263-5404479822701235357
.pubmatic.com/	1970-01-19 23:57:03	Name: PugT Value: 1638831572
.pubmatic.com/	1970-01-20 01:23:27	Name: PUBMDCID Value: 3
cm.adsafety.net/	1970-01-20 07:59:27	Name: permanent Value: 1
.adnxs.com/	1970-01-20 01:23:27	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2GVIvRpBM!]tbPl1M66+q([OUf!LKNZk8tZ4p'taYlL>_+T#0aaSOab9e0YbpRzqF1`*b`gv(Szl%
.mathtag.com/	1970-01-20 08:39:46	Name: uuid Value: e82961ae-95d4-4100-a83b-2de6e9bfa3d5
.adfarm1.adition.com/	1970-01-20 01:23:27	Name: UserID1 Value: 7038728005402622095
ads.smartstream.tv/	1970-01-20 07:59:27	Name: DID Value: c123640d253a1eb75b24b34d3bc2b388
ads.smartstream.tv/	1970-01-20 07:59:27	Name: idt Value: 100
ads.smartstream.tv/	1970-01-20 07:59:27	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-19 23:57:03	Name: cm_uid Value: CM12021120622ee22db733db07055a9e
.agkn.com/	1970-01-20 07:59:27	Name: ab Value: 0001%3AkVnBlArX%2BSgLi7c2N2ZzlE%2BPPO%2BoK82A
.w55c.net/	1970-01-20 08:44:05	Name: wfivefivec Value: mu27Je2X1MUmXi5
.w55c.net/	1970-01-19 23:57:03	Name: matchadform Value: 5
.id5-sync.com/	1970-01-19 23:13:51	Name: cf Value:
.id5-sync.com/	1970-01-19 23:13:51	Name: cip Value:
.id5-sync.com/	1970-01-19 23:13:51	Name: cnac Value:
.id5-sync.com/	1970-01-19 23:13:51	Name: car Value:
.id5-sync.com/	1970-01-19 23:13:51	Name: gdpr Value:
.id5-sync.com/	1970-01-19 23:13:51	Name: id5 Value: 5f55cb77-2768-4669-8514-c5d00e33d03f#1638831561455#1
.id5-sync.com/	1970-01-19 23:13:51	Name: callback Value:
.demdex.net/	1970-01-20 03:33:03	Name: demdex Value: 08907420839677329792983669137149364687
.dpm.demdex.net/	1970-01-20 03:33:03	Name: dpm Value: 08907420839677329792983669137149364687
cm.adsafety.net/	1970-01-20 07:59:27	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaeEhiNEJYb1p0N3NjNGIxZ2R2N0JoTlIrbkIva2JJWDhHYXpUbkJscjJydmk4UEl6UWNTMk5nVFVZL0U2dGxyR1M0QW9xT0N0aGdFdDhITkV6bGZROHR2OVo4dmpkMkwxNVI4VFNTUDlsZWVpcDJYbmdtVXFBQXBCSEkrYXFGVGRqUm5CSWs3Slc3TGM2aTBSNlU1MG9GaFF5Z2tTTEF2TU5sY3REQ0MvMFVhQ1Z2WXlPYWhxZ2NFNklhLzc0c05lSVkrOG5zZy8vcldpRnN2R1hiM21kNTJ0bkh1OWFKRTdUMGFadjZQYk1tbTdLSFQyU0JneFZuWnkxcTc2bXBQYkxiaFBSNFlNdFByR2JadWNld2J2cGNHWHRaRVlhUm1scE5va1NWRjVBRUE4a3E2V3U4Qll2dC9TeG9NbEExSnFyR2RRQ0xtc1Z5S0UxakNTZjBQbWY1bHlOY0plUjRlTnRpZ1U0Z1pBd0lNU3NtcjNNWUtCUUJQcmVIOTJMTVhMTm5oaWVFR3Y1S2IrMTRxdStoRW1mNEc1eGZLQjFkdC95bjdhaTFId251RTNRTzZFaW5MUHNKcVdKbk05MkgzaUV2OGdXaEpyMXpXZGxsWTY1dHBNeituZUFPUWMvOEE0TXcvWUFRdlp2ZVY1RUxlRStXQ0wvcWgyY0x2TFFLNkVFWHljTW9KM3BDUmp6WUZhMHpaZmlDQjdUVUt3MjdPNi9idDU0bHllRUZaYkVYZWV3MTNMRUpzS3Qwd0xRUDU0M3VkcWtmOHFnekpLelduMHIremd6WUw2a1BJb0NRWlNBYmMvWC8zN3N6Zk5sMGJ2Mm1ZWXpzYTVnOGowVG1jZUhYZk0vT1NXdGN5clZXKzZqUVVGaW5mbkZuMkJHODNDSXZpcjdoUFVIMjVlWG9xRk9tRG1wNS96bVZ4aW5CdU1BUThqTVhHQUxLRUp1a1ZwNGNwL2lZUExPQUFyS3dkZm9BM1pUZm5EdmcvOXBzZm8rSjF4YWQzOEsvLzNNT3p1QTcvdXJxemJyREtxYklpaU1QcVVZeXRYem5pZmphQzE0b1lTT1ZQckUrVHRoaFRJZmJlZ2RObE8yNkNIQ096eVE9PQ%3D%3D
.weborama.fr/	1970-01-20 08:45:32	Name: AFFICHE_W Value: Bi@VeKVLKnMG68
.1dmp.io/	1970-01-20 07:59:27	Name: uid Value: 2cc608a0-56e8-11ec-9752-901b0e8d9836
.adsrvr.org/	1970-01-20 07:59:27	Name: TDID Value: b57c236f-377c-4b5c-b93e-cb0e19bcca4d
.adsrvr.org/	1970-01-20 07:59:27	Name: TDCPM Value: CAESFgoHc2VtYXNpbxILCNa6rJTDxZw6EAUYBSABKAIyCwiwz5DB2cWcOhAFOAE.
.bluekai.com/	1970-01-20 03:33:03	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 03:33:03	Name: bkpa Value: KJpEnXTLu5DlBMRt1nnwEnWNBEWy1Esl+e901MzyBe/tBERNOyY5jxQt
.bluekai.com/	1970-01-20 03:33:03	Name: bku Value: aG/99BuPgZWu9UQ2
.tapad.com/	1970-01-20 00:40:15	Name: TapAd_TS Value: 1638831572573
.tapad.com/	1970-01-20 00:40:15	Name: TapAd_DID Value: e275065b-6279-4593-992c-70cbbb17bac7
.3lift.com/	1970-01-20 01:23:27	Name: tluid Value: 14249024455277929742
.tapad.com/	1970-01-20 00:40:15	Name: TapAd_3WAY_SYNCS Value:
.audrte.com/	1969-12-31 23:59:59	Name: arcki2 Value: ig3-SRoHm8iSrmRyp5j-xt0OA!20210804!1638831572694
.clubpremier.com/	1969-12-31 23:59:59	Name: _SI_SID_1.cc4298b0a100010453d287a0 Value: 36bc56d938800121bc251772.1638831573078.743
.crwdcntrl.net/	1970-01-20 05:42:39	Name: _cc_cc Value: "ACZ4XmNQSDNOS0tKMjWzSExNS0tMNUkysUxLsrBMMjSxMDM3NzNnAILEdVOv%2FgcCfhAHDES%2BtM9TY%2ByIYfjPyMiwekIvnL2gY74mTHzq%2BaVKMPZGJDVrkdiH1r3UgKn5879JBca%2BvfyAIow96%2FBsuPjxTVNY4GZufMoNY3%2F8bAljHj96iBnGvnTqERuMvXvfZQEY%2B%2FDiOXBjpp9Qhwm%2FW4IQvvpjrQ5MHABaTmID"
.crwdcntrl.net/	1970-01-20 05:42:39	Name: _cc_aud Value: "ABR4XmNgYGBIXDf1KpCCACYGVpU2EJNVpQVIAgBLuAPY"
.www.clubpremier.com/	1970-01-20 05:42:39	Name: _cc_id Value: f3ffbb568aeffae4b49fb89b14867767
.rlcdn.com/	1970-01-20 07:59:27	Name: rlas3 Value: ZkOU0GA6ah/1YaWUKMeAnI+jEAX+EXE3dsy+DQtUq7o=
.rlcdn.com/	1970-01-20 00:40:15	Name: pxrc Value: CAA=
execution-ci360.clubpremier.com/	1970-01-19 23:23:56	Name: AWSALB Value: G/msNHxFWWYgQnfrwxelDiKz183FXnN8N2FagUGoz4o5OUytGU9t8c09trYNVY7m4I259VERjhg+b0dCqQ+Q9U0QN1WBnyiyaM7+XubEfN1CE3+0Lww+/Xq+jplodWLFx2J+S1DKXbShqRq5uICFAKmS0wYWoDAIvkypR0jOL0PUtXFYye4qm7MltDM3mg==
execution-ci360.clubpremier.com/	1970-01-19 23:23:56	Name: AWSALBCORS Value: G/msNHxFWWYgQnfrwxelDiKz183FXnN8N2FagUGoz4o5OUytGU9t8c09trYNVY7m4I259VERjhg+b0dCqQ+Q9U0QN1WBnyiyaM7+XubEfN1CE3+0Lww+/Xq+jplodWLFx2J+S1DKXbShqRq5uICFAKmS0wYWoDAIvkypR0jOL0PUtXFYye4qm7MltDM3mg==
execution-ci360.clubpremier.com/	1969-12-31 23:59:59	Name: _SI_SID_3.cc4298b0a100010453d287a0 Value: 36bc56d938800121bc251772.1638831573318.1035

73 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo Message: The Content-Security-Policy directive 'default-src' contains 'font-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo Message: The Content-Security-Policy directive 'default-src' contains 'script-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo Message: The Content-Security-Policy directive 'default-src' contains 'frame-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo Message: The Content-Security-Policy directive 'default-src' contains 'style-src-elem' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo Message: The Content-Security-Policy directive 'default-src' contains 'img-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo Message: The Content-Security-Policy directive 'default-src' contains 'connect-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: about:blank Message: The Content-Security-Policy directive 'default-src' contains 'font-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: about:blank Message: The Content-Security-Policy directive 'default-src' contains 'script-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: about:blank Message: The Content-Security-Policy directive 'default-src' contains 'frame-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: about:blank Message: The Content-Security-Policy directive 'default-src' contains 'style-src-elem' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: about:blank Message: The Content-Security-Policy directive 'default-src' contains 'img-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: about:blank Message: The Content-Security-Policy directive 'default-src' contains 'connect-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-W56R6Q(Line 64) Message: Refused to load the script 'https://www.googleadservices.com/pagead/conversion_async.js' because it violates the following Content Security Policy directive: "default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS973S(Line 319) Message: Refused to load the script 'https://www.googleoptimize.com/optimize.js?id=GTM-KFMZFLX' because it violates the following Content Security Policy directive: "default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo Message: Refused to load the image 'https://secure.adnxs.com/seg?add=23287336&t=2' because it violates the following Content Security Policy directive: "default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtag/js?id=AW-641009633(Line 35) Message: Refused to load the script 'https://www.googleadservices.com/pagead/conversion_async.js' because it violates the following Content Security Policy directive: "default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo Message: Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-42285521-1&cid=422585125.1638831571&jid=1486213391&_u=YADAAAAAAAAAAC~&z=278932847' because it violates the following Content Security Policy directive: "default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo Message: Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-42285521-1&cid=422585125.1638831571&jid=1982022375&_u=YADAAAABAAAAAC~&z=1630808974' because it violates the following Content Security Policy directive: "default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtag/js?id=AW-641009633(Line 35) Message: Refused to load the script 'https://www.googleadservices.com/pagead/conversion_async.js' because it violates the following Content Security Policy directive: "default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
network	error	URL: https://www.clubpremier.com/mx/toma-todo/undefined/santander/toma-todo/winners Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'font-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'script-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'frame-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'style-src-elem' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'img-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'connect-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'font-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'script-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'frame-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'style-src-elem' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'img-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'connect-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://a2.adform.net/Serving/TrackPoint/?pm=2358553&ADFPageName=www.clubpremier.com%7C%2Fmx%2Ftoma-todo%2F%7Chttps%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo&ADFdivider=%7C&ord=598786562045&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo(Line 2) Message: The Content-Security-Policy directive 'default-src' contains 'font-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://a2.adform.net/Serving/TrackPoint/?pm=2358553&ADFPageName=www.clubpremier.com%7C%2Fmx%2Ftoma-todo%2F%7Chttps%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo&ADFdivider=%7C&ord=598786562045&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo(Line 2) Message: The Content-Security-Policy directive 'default-src' contains 'script-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://a2.adform.net/Serving/TrackPoint/?pm=2358553&ADFPageName=www.clubpremier.com%7C%2Fmx%2Ftoma-todo%2F%7Chttps%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo&ADFdivider=%7C&ord=598786562045&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo(Line 2) Message: The Content-Security-Policy directive 'default-src' contains 'frame-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://a2.adform.net/Serving/TrackPoint/?pm=2358553&ADFPageName=www.clubpremier.com%7C%2Fmx%2Ftoma-todo%2F%7Chttps%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo&ADFdivider=%7C&ord=598786562045&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo(Line 2) Message: The Content-Security-Policy directive 'default-src' contains 'style-src-elem' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://a2.adform.net/Serving/TrackPoint/?pm=2358553&ADFPageName=www.clubpremier.com%7C%2Fmx%2Ftoma-todo%2F%7Chttps%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo&ADFdivider=%7C&ord=598786562045&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo(Line 2) Message: The Content-Security-Policy directive 'default-src' contains 'img-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://a2.adform.net/Serving/TrackPoint/?pm=2358553&ADFPageName=www.clubpremier.com%7C%2Fmx%2Ftoma-todo%2F%7Chttps%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo&ADFdivider=%7C&ord=598786562045&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Ftoma-todo%2F%3Futm_source%3Dmediosam%26utm_medium%3Dconfirmationmail%26utm_id%3Dtomatodo(Line 2) Message: The Content-Security-Policy directive 'default-src' contains 'connect-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://www.clubpremier.com/mx/toma-todo/?utm_source=mediosam&utm_medium=confirmationmail&utm_id=tomatodo Message: Refused to load the image 'https://a1.seadform.net/serving/cookie/sync/?uid=5404479822701235357&stamp=OodsQ1R5PGcDvP-67D9Y4w2' because it violates the following Content Security Policy directive: "default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'font-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'script-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'frame-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'style-src-elem' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'img-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'connect-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'font-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'script-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'frame-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'style-src-elem' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'img-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'connect-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'font-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'script-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'frame-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'style-src-elem' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'img-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'connect-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'font-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'script-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'frame-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'style-src-elem' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'img-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: The Content-Security-Policy directive 'default-src' contains 'connect-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=5404479822701235357 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7038728005402622095 Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=5404479822701235357 Message: Failed to load resource: net::ERR_EMPTY_RESPONSE
security	error	URL: https://tags.crwdcntrl.net/lt/c/11784/lt.min.js Message: The Content-Security-Policy directive 'default-src' contains 'font-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://tags.crwdcntrl.net/lt/c/11784/lt.min.js Message: The Content-Security-Policy directive 'default-src' contains 'script-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://tags.crwdcntrl.net/lt/c/11784/lt.min.js Message: The Content-Security-Policy directive 'default-src' contains 'frame-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://tags.crwdcntrl.net/lt/c/11784/lt.min.js Message: The Content-Security-Policy directive 'default-src' contains 'style-src-elem' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://tags.crwdcntrl.net/lt/c/11784/lt.min.js Message: The Content-Security-Policy directive 'default-src' contains 'img-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://tags.crwdcntrl.net/lt/c/11784/lt.min.js Message: The Content-Security-Policy directive 'default-src' contains 'connect-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
network	error	URL: https://thrtle.com/insync?vxii_pid=10014&vxii_pdid=f3ffbb568aeffae4b49fb89b14867767 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.crwdcntrl.net
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
api.adrtx.net
bcp.crwdcntrl.net
beacon.krxd.net
c1.adform.net
cm.adsafety.net
cm.g.doubleclick.net
cm.smartstream.tv
cms.analytics.yahoo.com
connect.facebook.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
execution-ci360.clubpremier.com
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
googleads.g.doubleclick.net
i.ytimg.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
jnn-pa.googleapis.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
ml314.com
pdw-adf.userreport.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
s3media.clubpremier.com
secure.adnxs.com
simage2.pubmatic.com
static.doubleclick.net
stats.g.doubleclick.net
sync.1dmp.io
sync.1rx.io
sync.crwdcntrl.net
sync.targeting.unrulymedia.com
sync.teads.tv
tags.adsafety.net
tags.bluekai.com
tags.crwdcntrl.net
thrtle.com
token.rubiconproject.com
uipglob.semasio.net
ups.analytics.yahoo.com
use.fontawesome.com
usermatch.targeting.unrulymedia.com
www.clubpremier.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
a1.seadform.net
global.ib-ibi.com
secure.adnxs.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
104.111.215.191
104.111.218.85
104.111.242.245
139.162.147.24
142.250.185.66
18.130.94.173
18.156.0.31
18.185.209.98
185.167.164.49
185.64.190.80
185.86.138.142
2.18.233.201
2.18.234.21
2.18.234.233
212.71.252.71
212.82.100.182
213.19.147.45
2600:9000:2057:ec00:1b:5138:8a40:93a1
2600:9000:206f:f600:7:ea02:ad80:93a1
2606:4700:3037::6815:4e07
2606:4700::6812:9d71
2a00:1450:4001:801::2001
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2006
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2016
2a00:1450:400c:c06::9d
2a02:6ea0:c700::4
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.125.70.222
3.126.16.11
3.228.116.73
34.254.143.3
35.190.16.14
35.227.248.159
35.244.159.8
35.244.174.68
37.157.6.235
37.157.6.241
37.252.172.36
46.137.57.74
46.19.11.36
51.195.5.38
51.210.112.236
52.0.73.248
52.208.103.128
52.208.138.90
52.211.146.69
52.218.98.67
52.223.40.198
52.30.98.117
54.217.249.13
54.93.135.255
54.93.162.63
65.9.68.65
65.9.68.72
69.173.144.138
76.223.111.18
77.243.60.138
80.82.217.94
85.114.159.93
85.90.245.27
88.99.214.77
014752d6726385251808c831b4f036922cff2d0e03b9fc870e977ca728c1739e
01a31bb48cf4958d49acc5aa9c622d2c95aaa9d1793f8fff9f2042c233f35b56
04a8622622058fbd3430e352bf4a9e4c53f28a973b7e2553032fe28674e388ce
083939fc72b72ed3c52b9648462f3f7320f8806f042b2d1dcd9caf329f69a7ed
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b6ee815005e308fb4ed57e68792ac193f50b8228669a96e74fd143ceb09660e
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ec46ce16730da5f1c8e534828ba91cfaba17e131b7497e36f853553fc2e2179
0f2f0d3d647c005be623017f74bd10a7f1e76e80bfa3930d50cec19db07d1965
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15d2b3b815538a66e96747a543d9ac01d71e2d062df76f63fccb3c74d8ba06e7
1d8b61c6408c4958ee4e6b3cc18292b1c400c0fd73b8a410b9312350c61ebf69
1ec00e8a8a10bd441d162d91b5187f2bc3d3bd6bc9091e0a48a8c1c882ec9852
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
28a367ad31b0c6d2f4f3811be3a1b0f222edf79f01e4908a92dd0cac1ce781b7
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e6f9f84c3ccb53a351ab7184ecb9a3ed9cf0ca5e713ace4deca2d7a9e7e4c58
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
310d932bfa1b18ddd48c8fcb11cf6db2258c032c38f635bd0219e613b165ced1
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
330306ee94186a08fc0f5203c3c25cab9db4bfd09eeb22f71d1eedfd83af063c
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
336f697e0cb8fe3930fe257bc673fbe383e7c919b5e9dd348b44ed20c22278b2
3697e3d917558effa3f5954febde4851eaedce36c31ba854ef067187c875829e
3bd10e33c334ec8aa3ef7089aaccaac17e5ec60ace7f1b0bbc1661c7a5a6f530
3c317a6aa32c23b16ce96353a8537f47b0ae5b877fc56f4c6cb303c4da8e2e41
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4080b83d8afc4487b8229308be2f196372bd2123613b46388048f14159f07181
433d970f04c9cfdfe1eef18106807714cffa2ec96651af41c1be35d00a87bc1c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c3adb86cfa340f1bc98bc36d09dd5d1aad7590641f4fcf893328d1e9da6b7f0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e38dc593509e1d43d8c6f1ea75d16726a8438fb17c569dec47b4ccbe6f663e7
502f1c67e8d184cade462f5865ba9383fcff11e3681337ccb67bf765d2deb8a7
522e20c4f9c615c2766aa6f7816cd4cd3b7383b13bd6fa143ae7ae689e111d64
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5ab1bdcdc9caa1c7573e7d221e8cef7549ba6c2c4d67603aa9af0ae65c68dd0d
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5f9c823e79b1c3472f22158c36433e528dd0c4df29d803633d9bbe35774f4621
5fdd431164083bc93ddc3a108b2cf12e939dbd75018410f851da642d410f895c
6301d9d3aa8e61f7fff08b41f5556a2eaa7527acb56fc6d0a7d9e420950edfa4
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
64863c4f2958105506884043a128daeda2a748da8b370ecfac0eb96b263353c8
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a148b744df4ce54a86de0f4cbde02e86f987357d72c718ff835f8eb81e52b2a
6a7286cb0a20e4c1fedac6a0a58e7998f3adc1947d97b16f992de1edb8731779
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
741ff0931a0d2097b2ecaa880274a38aa7766973adfe2ae84273641783cdce16
74bd1062da373eabae4c6bb2e0da3831272ca2b25ac3a19649b65dd188bd5fe8
75e01166818b7365e2b190a6ee78b65af5ec27b15aa0a127cb4036b1b3feb914
778a25df4bf3f56b246b91649c40d3783b7c1fe0486a99ea4b5f10981053b79d
78c86efc2099928e8d64991ee31c352c0c8155737d2d3fbc86d81242facfe441
7d6b0994de4daebf4c729000c7e75b7eba093d2281481cecd4ad4868ed5f2128
80493588ff7857d73ba8c07e93b7ec0095ff7625d55bad8adc92ff611de72c01
81719ca64d96cb3f4a2f64dd31024fe013dc69324d1ef5c2863e4dbe04332185
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83fa970421b449d9c555dc25c337c2cb61448fa70c45a2c12e8d47b6f2731b31
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86ec75c04b47dc8fa44ee976e8746cca3bb428a2152b5c9bd430f9fd04c3d0cc
877bc9a3e0552defae9c38eb8e93410597c4b188a44447268be4651de807c41d
8875c5427885e3f2df8a7a6d71bac1ce8e72b04a36283405c6ac15b14d79324c
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b890609ad2b91e9291e2ed45eeab7039e9ad0c043368930de8cbc8945061d90
8bd4a9f952e5929601bd170da52e68f0e6313e954091cd5a87c10fdda17979e9
8c3b4dc6462c11e820587fef21d3425d418b380ef8654185b31e61ac840bca21
8f0e5c35d80dd65aaae9e794083a033305d3624c5bb2d58ee93b60e47ceb1fe1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f9936bcdcd5fd28c0f811afc230ba3c0253ba00284673299475e3c8aa43309f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a10af4925fb7640381c6bc22a86e9f31fa1b09787e747a8f9dfa6568864114da
a10dfcf82dd45a07cab17caa3b12cd542420f2a35ad2d0361256e7b9c7f5333c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a499df836dc927b877f5d18d5ea842a4acfb55044fa4c32bb53a31728c83d622
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1be8ac8036ec31bf44d53a36ad10d85216b127c849f7ca67142c958e043dd34
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b697cec7e8a3c402de9e16bfb94405210949c450d18d657f27c4f03d19a915fe
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bdcdc615d4099dd79d4a437b12dc3656f7e643bb9a0118c2b4a6391b6cc66743
c165db5d5b3265804c6c2569ef2c5dce4ab2697759fdbd9c5363e457688be329
c4c10d40ef7724dcd828b0cf4bdec5dff7eceb5ae76fc38ca02002781d6d8fec
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d16b4d12be66bb6c3b865d7c37d5bd335f4015de3f923f281082e4abd3158d74
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d98637a1c12b32b467e6238367e35c66a1af6ee1d7cf1ec86fa8762b5e613fe3
daf6c4ff2592cba88d5e4ef8efd1f6c2d27840af0101195dd4aea7bdec3a8213
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de5ff26ce7af2425a2f936bed87f485b2adeee2894b9c17da6c7c2f1f545ea48
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
dfb416f542c3ed137ea4e44f1bf97101652d271887060f5d971bdfedd20aadda
e029a201d8fb650079023726b6644a7a6eccb791abeeb2634774e063ef286221
e1582b4c7a0cfb514b0a2802236cb99167baca86779e4b17055f171d340933c0
e3a7a908c325e84fb1b4fffa2b996f3f3ec813e08d969c382569ec075cc20aff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9563d1009491605b88a891ee8aea583d2af5342a8240cc5ad10d6e002c043b7
ed2419166bfac2307c33e6afae17887b9482da3d2336622b383262fb84f6842f
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f49d467215cf38a44d1eb059db84876d0cd69487c3535f5b9bf3c0df60a5ea33
f9b0123f24b1276cfc414dd01d9394593ec3b2ae6b197f84421d6777f7b01c5b

www.clubpremier.com Open in urlscan Pro 2606:4700::6812:9d71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

160 Requests

76 %HTTPS

28 %IPv6

64 Domains

82 Subdomains

53 IPs

8 Countries

3887 kBTransfer

10517 kBSize

110 Cookies

41 Outgoing links

Redirected requests

160 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.clubpremier.com Open in urlscan Pro
2606:4700::6812:9d71 Public Scan

Screenshot
Live screenshot

Full Image

160
Requests

76 %
HTTPS

28 %
IPv6

64
Domains

82
Subdomains

53
IPs

8
Countries

3887 kB
Transfer

10517 kB
Size

110
Cookies

160 HTTP transactions
2 data transactions