cibtvisas.com Open in urlscan Pro
2606:4700::6812:5af  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3443972&time=1681130285808&url=https%3A%2F%2Fcibtvisas.com%2Fglobal-visa-search%3Flogin%3D HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3443972%26time%3D1681130285808%26url%3Dhttps%253A%252F%252Fcibtvisas.com%252Fglobal-visa-search%253Flogin%253D%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3443972&time=1681130285808&url=https%3A%2F%2Fcibtvisas.com%2Fglobal-visa-search%3Flogin%3D&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3443972&time=1681130285808&url=https%3A%2F%2Fcibtvisas.com%2Fglobal-visa-search%3Flogin%3D&liSync=true&e_ipv6=AQKNvpGyoXHeGAAAAYdrLGz1uJzkIP3kZk1dIOeNtFLfsIsahm9xrMUOxLS1qVFItIa7u4ZF

Request Chain 31

• https://gum.criteo.com/sid/json?origin=onetag&domain=cibtvisas.com&sn=ChromeSyncframe&so=0&topUrl=cibtvisas.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=5kdH-HxRQlJZK09PSUdncmk0ekRsdmpIQ0JhNUhUaURja3dZWlRvUkZFbXo4WjQwWno1SXNtcytKOEtlSnVVcmtzcVVjK24rQ0xtMVozWi9WOGhSRXhraVdRLzY5cUlZa3JNeVFwN1pjN3Z4TU0zbXo2cUpGMVlLQnFoVkV6d25SSW1iMWFocVFoWXc1elVBRTd1by9CbmppeU9Ec2tPSUF2YWFaZEZsTXJOYkR3YlFWdTZCWndjQ3FPb1dGMDZjaWtXSnYwNVpCdmdCc01yTEVqR2hiNzMyZldKc0NYSHJmUWtyNTh2ZElYRW9USFVxMGY2S2NmVnpTYXpkWE9ocWNHRWhzNDRYTXVSMFFscGZ1b0tNWWRUS1lVQT09fA&cppv=2

Request Chain 35

• https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1086444938&utmhn=cibtvisas.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Global%20Visa%20Search%20%7C%20CIBTvisas&utmhid=590191189&utmr=-&utmp=%2Fglobal-visa-search%3Flogin%3D&utmht=1681130285967&utmac=UA-3428015-1&utmcc=__utma%3D6331552.376026138.1681130286.1681130286.1681130286.1%3B%2B__utmz%3D6331552.1681130286.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1814026694&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~ HTTP 302
• https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3428015-1&cid=376026138.1681130286&jid=1814026694&_v=5.7.2&z=1086444938 HTTP 302
• https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3428015-1&cid=376026138.1681130286&jid=1814026694&_v=5.7.2&z=1086444938 HTTP 302
• https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3428015-1&cid=376026138.1681130286&jid=1814026694&_v=5.7.2&z=1086444938&slf_rd=1&random=2602583619

Request Chain 36

• https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=880890627&utmhn=cibtvisas.com&utme=8(30725*3!Do%20Not%20Track%20Setting*5!Language)9(30725*3!Off*5!English)11(2)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Global%20Visa%20Search%20%7C%20CIBTvisas&utmhid=590191189&utmr=-&utmp=%2Fglobal-visa-search%3Flogin%3D&utmht=1681130285975&utmac=UA-3428015-1&utmgtm=45He3430n81NBZ9FG7&utmcc=__utma%3D6331552.376026138.1681130286.1681130286.1681130286.1%3B%2B__utmz%3D6331552.1681130286.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=1974301618&utmredir=1&utmmt=1&utmu=q2AgAABAAAGBAAAAAgABAAAE~ HTTP 302
• https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3428015-1&cid=376026138.1681130286&jid=1974301618&_v=5.7.2&z=880890627 HTTP 302
• https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3428015-1&cid=376026138.1681130286&jid=1974301618&_v=5.7.2&z=880890627 HTTP 302
• https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3428015-1&cid=376026138.1681130286&jid=1974301618&_v=5.7.2&z=880890627&slf_rd=1&random=2093454118

Request Chain 38

• https://sslwidget.criteo.com/event?a=23001&v=5.15.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=-M3wCl93TDFyVURyWUFBV1cxZVZlRFpkNSUyQkQzRHUwSTNuazdtRiUyQkFMUDFLaTl1R2p4dnJud0xmQmFMU3RGRk9HeWt4V1glMkZRaFlDdWVObDNnRjB1bDNyV2JXZmhHR2xybnYlMkY5aE56NGphakMlMkZwUmp3cUluQ0JDMWZRZFI1WllaejExQ3NFSWIlMkZGT05KQWkwTWpQdyUyQlNaTFJFUSUzRCUzRA&tld=cibtvisas.com&fu=https%253A%252F%252Fcibtvisas.com%252Fglobal-visa-search%253Flogin%253D&ceid=713b3be7-813f-485c-a815-dffe0e22e680&dtycbr=45739 HTTP 302
• https://widget.us.criteo.com/event?a=23001&v=5.15.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=-M3wCl93TDFyVURyWUFBV1cxZVZlRFpkNSUyQkQzRHUwSTNuazdtRiUyQkFMUDFLaTl1R2p4dnJud0xmQmFMU3RGRk9HeWt4V1glMkZRaFlDdWVObDNnRjB1bDNyV2JXZmhHR2xybnYlMkY5aE56NGphakMlMkZwUmp3cUluQ0JDMWZRZFI1WllaejExQ3NFSWIlMkZGT05KQWkwTWpQdyUyQlNaTFJFUSUzRCUzRA&tld=cibtvisas.com&fu=https%253A%252F%252Fcibtvisas.com%252Fglobal-visa-search%253Flogin%253D&ceid=713b3be7-813f-485c-a815-dffe0e22e680&dtycbr=45739

Request Chain 47

• https://x.bidswitch.net/sync?dsp_id=46&user_id=k-pt27sPUY3rfMzwZK_0dRRmIdG-Uposeh0RdUjA&expires=30 HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-pt27sPUY3rfMzwZK_0dRRmIdG-Uposeh0RdUjA&expires=30

Request Chain 48

• https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-FBgVivUY3rfMzwZK_0dRRmIdG-XcuqnnQwSLtQ&google_cm&google_hm=ay1GQmdWaXZVWTNyZk16d1pLXzBkUlJtSWRHLVhjdXFublF3U0x0UQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-FBgVivUY3rfMzwZK_0dRRmIdG-XcuqnnQwSLtQ&google_cm=&google_hm=ay1GQmdWaXZVWTNyZk16d1pLXzBkUlJtSWRHLVhjdXFublF3U0x0UQ&google_tc= HTTP 302
• https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-FBgVivUY3rfMzwZK_0dRRmIdG-XcuqnnQwSLtQ&google_gid=CAESEDGoP4Yjz_-S0kpSpLBXR4Y&google_cver=1&google_ula=913071,0

Request Chain 49

• https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
• https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8880886766342474171

Request Chain 50

• https://secure.adnxs.com/setuid?entity=52&code=k-6jXhYvUY3rfMzwZK_0dRRmIdG-VntXTMwbIOqg HTTP 307
• https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-6jXhYvUY3rfMzwZK_0dRRmIdG-VntXTMwbIOqg

Request Chain 58

• https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-y-79l_UY3rfMzwZK_0dRRmIdG-WWVRK4UJfBtw HTTP 302
• https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-y-79l_UY3rfMzwZK_0dRRmIdG-WWVRK4UJfBtw&verify=true

Request Chain 61

• https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-HAXs_fUY3rfMzwZK_0dRRmIdG-UAitW0dn-cgw HTTP 302
• https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-HAXs_fUY3rfMzwZK_0dRRmIdG-UAitW0dn-cgw&C=1

Request Chain 62

• https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
• https://dpm.demdex.net/ibs:dpid=28645&dpuuid=2ft8f4r_11r3tNhbDGKBAZ6xpgNhKS17 HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=2ft8f4r_11r3tNhbDGKBAZ6xpgNhKS17

Request Chain 64

• https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-GrFd_PUY3rfMzwZK_0dRRmIdG-XnlFARaaSSyA HTTP 302
• https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-GrFd_PUY3rfMzwZK_0dRRmIdG-XnlFARaaSSyA

Request Chain 76

• https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
• https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=MMSV6Aqpx8UKuyIffzH3uHn7Pn657OWV

Request Chain 80

• https://aorta.clickagy.com/pixel.gif?clkgypv=jstag&ws=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzphNjEyMjlhYzMyNDNlMWRlZWI2YWMwMzNmMzE0ODU5ZA HTTP 302
• https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEMy7aoY_HIvUINj7_3g2iSc&google_cver=1 HTTP 302
• https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=c:a61229ac3243e1deeb6ac033f314859d&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D HTTP 302
• https://d.agkn.com/pixel/10751/?che=1681130287795&ip=185.213.155.143&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D219833204482002274557 HTTP 302
• https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=219833204482002274557 HTTP 302
• https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D

Request Chain 85

• https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
• https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Jf7koMG2GOiim6QJSo6q1ae1iMmvkN8z

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request global-visa-search Show response cibtvisas.com/	367 KB 28 KB	794ms 742ms	Document text/html	2606:4700::6812:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cibtvisas.com/global-visa-search?login= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e73f312eee8c68f80e6959157576ff8960e0ee6c68be7e7ac2d3f53245b17ab3 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 7b5b0b763e693a90-FRA content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 10 Apr 2023 12:38:05 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server cloudflare strict-transport-security max-age=15724800; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	all.min.css cibtvisas.com/resources/CIBT/eng/css/	271 KB 51 KB	30ms 25ms	Stylesheet text/css	2606:4700::6812:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cibtvisas.com/resources/CIBT/eng/css/all.min.css?ver=1680805680 Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9072e328f9ae0974a7e1bf9dad92951c1f11928028f8d49b8b7abc424ed09dad Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/global-visa-search?login= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:05 GMT strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 310418 content-length 52131 x-xss-protection 1; mode=block last-modified Thu, 06 Apr 2023 18:25:45 GMT server cloudflare vary Accept-Encoding content-type text/css cache-control public, max-age=1814400 accept-ranges bytes cf-ray 7b5b0b7afc873a90-FRA expires Mon, 01 May 2023 12:38:05 GMT
GET H2	200	css fonts.googleapis.com/	9 KB 1 KB	143ms 48ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 20ec5270c15ec4e3c1b76ace9a9fc5a4a40584474bb6aca2ad50a8f198b7067d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 10 Apr 2023 12:38:05 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 10 Apr 2023 12:36:34 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 10 Apr 2023 12:38:05 GMT
GET H2	200	font-awesome.min.css cibtvisas.com/fonts/	30 KB 7 KB	42ms 38ms	Stylesheet text/css	2606:4700::6812:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cibtvisas.com/fonts/font-awesome.min.css Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/global-visa-search?login= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:05 GMT strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 447708 content-length 7053 x-xss-protection 1; mode=block last-modified Wed, 29 Mar 2023 08:13:14 GMT server cloudflare vary Accept-Encoding content-type text/css cache-control public, max-age=1814400 accept-ranges bytes cf-ray 7b5b0b7afc883a90-FRA expires Mon, 01 May 2023 12:38:05 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.6.0/	87 KB 31 KB	126ms 39ms	Script text/javascript	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sat, 08 Apr 2023 14:16:51 GMT content-encoding gzip x-content-type-options nosniff age 166874 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31017 x-xss-protection 0 last-modified Wed, 10 Mar 2021 14:28:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 07 Apr 2024 14:16:51 GMT
GET H2	200	all.min.js Show response cibtvisas.com/resources/js/	300 KB 71 KB	43ms 40ms	Script application/javascript	2606:4700::6812:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cibtvisas.com/resources/js/all.min.js?ver=1680805680 Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b65ad74dabec9c137c498dcb917a7851ebe3b5bc8c97284e3c9f490a86df07c Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/global-visa-search?login= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:05 GMT strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip x-content-type-options nosniff last-modified Thu, 06 Apr 2023 18:25:45 GMT server cloudflare cf-cache-status HIT age 310395 vary Accept-Encoding content-type application/javascript cache-control public, max-age=1814400 cf-ray 7b5b0b7afc893a90-FRA x-xss-protection 1; mode=block expires Mon, 01 May 2023 12:38:05 GMT
GET H2	200	bootstrap.min.js Show response cibtvisas.com/resources/js/	39 KB 11 KB	41ms 39ms	Script application/javascript	2606:4700::6812:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cibtvisas.com/resources/js/bootstrap.min.js Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/global-visa-search?login= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:05 GMT strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 1488826 content-length 10940 x-xss-protection 1; mode=block last-modified Fri, 24 Feb 2023 15:36:29 GMT server cloudflare vary Accept-Encoding content-type application/javascript cache-control public, max-age=1814400 accept-ranges bytes cf-ray 7b5b0b7afc8a3a90-FRA expires Mon, 01 May 2023 12:38:05 GMT
GET H2	200	cibt-visas-logo2.png cibtvisas.com/resources/CIBT/eng/images/common/	5 KB 5 KB	37ms 36ms	Image image/png	2606:4700::6812:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cibtvisas.com/resources/CIBT/eng/images/common/cibt-visas-logo2.png Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 969906bcbe527c9f8a20dd41fb0e8cdb9710ab85c4928ee7b40d1239fc7fa361 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/global-visa-search?login= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:05 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT last-modified Wed, 29 Mar 2023 08:13:14 GMT server cloudflare age 439048 vary Accept-Encoding content-type image/png cache-control public, max-age=1814400 accept-ranges bytes cf-ray 7b5b0b7bdd8e3a90-FRA content-length 5160 x-xss-protection 1; mode=block expires Mon, 01 May 2023 12:38:05 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	506 KB 97 KB	166ms 65ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NBZ9FG7 Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e42c376a1ed962ca9e3fe814b5c4a785c4c05295e6af05df88a00bd0394de8fb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:05 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 98434 x-xss-protection 0 last-modified Mon, 10 Apr 2023 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 10 Apr 2023 12:38:05 GMT
GET H2	200	loading-red.gif cibtvisas.com/resources/CIBT/eng/images/css/	11 KB 11 KB	35ms 35ms	Image image/gif	2606:4700::6812:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cibtvisas.com/resources/CIBT/eng/images/css/loading-red.gif Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e2e31d64a53c06ee7076e71b5f5dc7e298e4686c2f39e766250d88717eb7dbad Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/global-visa-search?login= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:05 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT last-modified Wed, 29 Mar 2023 08:13:14 GMT server cloudflare age 439048 vary Accept-Encoding content-type image/gif cache-control public, max-age=1814400 accept-ranges bytes cf-ray 7b5b0b7c1df03a90-FRA content-length 10819 x-xss-protection 1; mode=block expires Mon, 01 May 2023 12:38:05 GMT
GET H2	200	ld.js Show response static.criteo.net/js/ld/	44 KB 15 KB	92ms 40ms	Script text/javascript	2a02:2638:d::2 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/ld.js Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 6d1eadaea40a2f254cd8467e61254c36f506788d237ab6cb64cb575a5b7aab0a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:05 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 30 Mar 2023 09:08:39 GMT server nginx etag W/"64255197-aff6" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 11 Apr 2023 12:38:05 GMT
GET H2	200	fontawesome-webfont.woff2 cibtvisas.com/fonts/	75 KB 75 KB	37ms 35ms	Font text/plain	2606:4700::6812:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cibtvisas.com/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: cibtvisas.com URL: https://cibtvisas.com/fonts/font-awesome.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42736c7de60dfab94b3cc902b8692f80cfeb0a5989d1d51db1d25fd7d18dc45b Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://cibtvisas.com/fonts/font-awesome.min.css Origin https://cibtvisas.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:05 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT last-modified Wed, 29 Mar 2023 08:13:14 GMT server cloudflare age 439048 vary Accept-Encoding cache-control public, max-age=1814400 accept-ranges bytes cf-ray 7b5b0b7c5e353a90-FRA content-length 77160 x-xss-protection 1; mode=block expires Mon, 01 May 2023 12:38:05 GMT
GET H2	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v21/	13 KB 13 KB	193ms 89ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://cibtvisas.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 04 Apr 2023 10:32:57 GMT x-content-type-options nosniff age 525908 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13036 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:04:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 03 Apr 2024 10:32:57 GMT
GET H2	200	SourceSansPro-Black.otf cibtvisas.com/fonts/	229 KB 128 KB	28ms 26ms	Font application/font-sfnt	2606:4700::6812:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cibtvisas.com/fonts/SourceSansPro-Black.otf Requested by Host: cibtvisas.com URL: https://cibtvisas.com/resources/CIBT/eng/css/all.min.css?ver=1680805680 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e447cd47a62874dc94d6ab97a84dbeb7f2f0aba3e490b9f0128b6c8399a96f37 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://cibtvisas.com/resources/CIBT/eng/css/all.min.css?ver=1680805680 Origin https://cibtvisas.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:05 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT last-modified Wed, 29 Mar 2023 08:13:14 GMT server cloudflare age 439048 vary Accept-Encoding content-type application/font-sfnt content-encoding gzip cache-control public, max-age=1814400 cf-ray 7b5b0b7c5e383a90-FRA x-xss-protection 1; mode=block expires Mon, 01 May 2023 12:38:05 GMT
GET H2	200	6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v21/	13 KB 13 KB	141ms 39ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://cibtvisas.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 04 Apr 2023 10:32:12 GMT x-content-type-options nosniff age 525953 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12924 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:02:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 03 Apr 2024 10:32:12 GMT
GET H2	200	american-passport-tourists.jpg cibtvisas.com/resources/CIBT/eng/filemanager/Marketing/2019/	527 KB 528 KB	27ms 27ms	Image image/jpeg	2606:4700::6812:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cibtvisas.com/resources/CIBT/eng/filemanager/Marketing/2019/american-passport-tourists.jpg Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63095198845d54a542457c074c2f02293b6923a69a1fff49a783c6671675f633 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/global-visa-search?login= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:05 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT age 7232 content-length 539777 x-xss-protection 1; mode=block cf-bgj h2pri last-modified Fri, 28 Oct 2022 16:03:16 GMT server cloudflare vary Accept-Encoding content-type image/jpeg cache-control public, max-age=1814400 accept-ranges bytes cf-ray 7b5b0b7c7e533a90-FRA expires Mon, 01 May 2023 12:38:05 GMT
GET H2	200	ajax.ckCheck.php Show response cibtvisas.com/ajax/	1 B 81 B	118ms 117ms	XHR text/html	2606:4700::6812:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cibtvisas.com/ajax/ajax.ckCheck.php?check=cktest Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept */* Referer https://cibtvisas.com/global-visa-search?login= X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:05 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding gzip server cloudflare content-type text/html; charset=UTF-8 cf-ray 7b5b0b7cbe993a90-FRA x-xss-protection 1; mode=block
GET H2	200	syncframe Show response gum.criteo.com/ Frame 2BFF	15 KB 6 KB	53ms 21ms	Document text/html	2a02:2638:3::c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?topUrl=cibtvisas.com&origin=onetag Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/ld.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://cibtvisas.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 10 Apr 2023 12:38:05 GMT server Kestrel server-processing-duration-in-ticks 394908 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	ga.js Show response ssl.google-analytics.com/	45 KB 17 KB	128ms 37ms	Script text/javascript	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.google-analytics.com/ga.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBZ9FG7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 10 Apr 2023 12:05:12 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 1973 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17168 expires Mon, 10 Apr 2023 14:05:12 GMT
GET H2	200	bat.js Show response bat.bing.com/	40 KB 12 KB	82ms 33ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBZ9FG7 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Mon, 10 Apr 2023 12:38:05 GMT last-modified Thu, 16 Feb 2023 18:31:53 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 99FCE7C64CA64E08B1FA472DA9248127 Ref B: FRAEDGE2009 Ref C: 2023-04-10T12:38:05Z etag "8072cff03442d91:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 11894
GET H2	200	hotjar-597275.js Show response static.hotjar.com/c/	13 KB 5 KB	62ms 9ms	Script application/javascript	18.66.97.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-597275.js?sv=6 Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-53.fra56.r.cloudfront.net Software / Resource Hash c6b2942fe1a03283ead83b4a7e8ec8264cc168e200b9abebc2fcc2d93ab6b2b3 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Mon, 10 Apr 2023 12:37:31 GMT via 1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 35 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin etag W/4d32970ba97f6a2e338c70608c189bd3 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 x-amz-cf-id 1rSFMvVXxZ856A_nMAui1CZX6B3o5ryqGa4Uw6azul5oHD44w9J1JA==
GET H2	200	up.js Show response up.pixel.ad/assets/	3 KB 2 KB	129ms 15ms	Script application/javascript	178.79.242.181 LLNW
General Check archive.org Show headers Download Go to Full URL https://up.pixel.ad/assets/up.js?um=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBZ9FG7 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US), Reverse DNS https-178-79-242-181.fra.llnw.net Software AC1.1 / Resource Hash 25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:05 GMT content-encoding gzip last-modified Wed, 16 Mar 2022 16:22:21 GMT server AC1.1 age 245201 vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1550 x-llid dab798033c80b8d7cecfdca347192b33
GET H2	200	js Show response www.googletagmanager.com/gtag/	243 KB 82 KB	47ms 46ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-BGRN721V1R&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBZ9FG7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e4ad02db0aba3c517fd9f442129bbcee82c8c502ea2112ac21e32480273e28cd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:05 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 84152 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 10 Apr 2023 12:38:05 GMT
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	13 KB 5 KB	44ms 7ms	Script application/x-javascript	2a02:26f0:3500:16::215:148d AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:05 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 10 Jan 2023 17:22:56 GMT x-cdn AKAM vary Accept-Encoding content-type application/x-javascript;charset=utf-8 cache-control max-age=15342 accept-ranges bytes content-length 4777
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	107 KB 28 KB	46ms 7ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 10 Apr 2023 12:38:05 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27909 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug i6+sS/hsWDjaIV9rPf6EyxIDM5bnHarTNmhQChqG6RDWxiEjkXz0vbg3ZdIuZtNH/iLhZtzJEynnffTNSG+8Vg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 686109401 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	SourceSansPro-Semibold.otf cibtvisas.com/fonts/	227 KB 130 KB	35ms 35ms	Font application/font-sfnt	2606:4700::6812:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cibtvisas.com/fonts/SourceSansPro-Semibold.otf Requested by Host: cibtvisas.com URL: https://cibtvisas.com/resources/CIBT/eng/css/all.min.css?ver=1680805680 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee3ba5c88400b22b880d85202ce82143dc5e19861bf7880b7f4c32d4263e96d5 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://cibtvisas.com/resources/CIBT/eng/css/all.min.css?ver=1680805680 Origin https://cibtvisas.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:05 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT last-modified Wed, 29 Mar 2023 08:13:14 GMT server cloudflare age 449637 vary Accept-Encoding content-type application/font-sfnt content-encoding gzip cache-control public, max-age=1814400 cf-ray 7b5b0b7df8383a90-FRA x-xss-protection 1; mode=block expires Mon, 01 May 2023 12:38:05 GMT
GET H2	200	modules.69d367ac7af64e17f043.js Show response script.hotjar.com/	263 KB 68 KB	40ms 7ms	Script application/javascript	52.222.236.63 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.69d367ac7af64e17f043.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-597275.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.63 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-63.fra56.r.cloudfront.net Software / Resource Hash 0b5f60f812c72089312d5a443a3b9165bf3c5f15db67cbd09946a5bcff7f3c58 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 11:07:07 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P4 age 264658 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 68692 last-modified Fri, 07 Apr 2023 11:06:19 GMT etag "651be8c2e059394adc426f9d403421d8" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id DGlYt3NdMzeHTviAUi0qHh0xed1dn8Emtfm0LytYbBDTHLKYi2P2JA==
GET H2	200	token Show response cdn.linkedin.oribi.io/partner/3443972/domain/cibtvisas.com/	36 B 375 B	67ms 8ms	XHR application/json	2600:9000:20eb:da00:2:53b2:240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.linkedin.oribi.io/partner/3443972/domain/cibtvisas.com/token Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:da00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89 Request headers Accept * Referer https://cibtvisas.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:02:04 GMT content-encoding gzip via 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 age 2160 vary accept-encoding x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control public, max-age=15878 x-amz-cf-id lLKsqTWpaLI9lj6wEBuo3AeVS34Kg2vLkomAHmpA5UfuoUaXJ5mn2A==
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3443972&time=1681130285808&url=https%3A%2F%2Fcibtvisas.com%2Fglobal-visa-search%3Flogin%3D https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3443972%26time%3D1681130285808%26url%3Dhttps%253A%252F%252Fcibtvisas.com%252Fglob... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3443972&time=1681130285808&url=https%3A%2F%2Fcibtvisas.com%2Fglobal-visa-search%3Flogin%3D&liSync=true https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3443972&time=1681130285808&url=https%3A%2F%2Fcibtvisas.com%2Fglobal-visa-search%3Flogin%3D&liSync=true&e_ipv6=AQKNvpGyoXHeGAAAAYdrLGz1uJzkIP3kZk1...	0 266 B	214ms 179ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3443972&time=1681130285808&url=https%3A%2F%2Fcibtvisas.com%2Fglobal-visa-search%3Flogin%3D&liSync=true&e_ipv6=AQKNvpGyoXHeGAAAAYdrLGz1uJzkIP3kZk1dIOeNtFLfsIsahm9xrMUOxLS1qVFItIa7u4ZF Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:05 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 6E352D9763EB43A7BAD42EC3F4A4C358 Ref B: FRAEDGE1320 Ref C: 2023-04-10T12:38:06Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lor1 x-li-proto http/2 content-length 0 x-li-uuid AAX4+qWMxykDS/nAkMtoIw== Redirect headers date Mon, 10 Apr 2023 12:38:05 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 6FCBD5CC61984E31866F950D608D09ED Ref B: FRAEDGE1512 Ref C: 2023-04-10T12:38:06Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3443972&time=1681130285808&url=https%3A%2F%2Fcibtvisas.com%2Fglobal-visa-search%3Flogin%3D&liSync=true&e_ipv6=AQKNvpGyoXHeGAAAAYdrLGz1uJzkIP3kZk1dIOeNtFLfsIsahm9xrMUOxLS1qVFItIa7u4ZF x-li-proto http/2 content-length 0 x-li-uuid AAX4+qWJZVrDyP7VbBa2pw==
GET H2	200	token Show response cdn.linkedin.oribi.io/partner/3443972/domain/cibtvisas.com/	36 B 376 B	66ms 9ms	XHR application/json	2600:9000:20eb:da00:2:53b2:240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.linkedin.oribi.io/partner/3443972/domain/cibtvisas.com/token Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:da00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89 Request headers Accept * Referer https://cibtvisas.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:02:04 GMT content-encoding gzip via 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 age 2160 vary accept-encoding x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control public, max-age=15878 x-amz-cf-id QhbHkKvnMxOM0JG4dN_fDCPSSKHyju9cvYYC-oOf4Ax7K_YCkkjlMw==
GET H2	200	404769754613765 Show response connect.facebook.net/signals/config/	378 KB 108 KB	10ms 9ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/404769754613765?v=2.9.100&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash c48e20b02df9d7adaa6aef0257c6b6b615b323905f3bc254839e6d4c352d23c6 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 10 Apr 2023 12:38:05 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 110507 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug oYG+bARtDCLyIRCNf5EPd2A5TWxnnxXg6r7Tz3uN+VsrgmxOlwfFV/kieuILT82gnXmQQp87C9v4nVbcgxwIaQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 686109401 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 252 B	61ms 30ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-BGRN721V1R&gtm=45je3430&_p=590191189&cid=376026138.1681130286&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681130285&sct=1&seg=0&dl=https%3A%2F%2Fcibtvisas.com%2Fglobal-visa-search%3Flogin%3D&dt=Global%20Visa%20Search%20%7C%20CIBTvisas&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-BGRN721V1R&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Mon, 10 Apr 2023 12:38:05 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cibtvisas.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sid Show response mug.criteo.com/ Frame 2BFF Redirect Chain https://gum.criteo.com/sid/json?origin=onetag&domain=cibtvisas.com&sn=ChromeSyncframe&so=0&topUrl=cibtvisas.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 https://mug.criteo.com/sid?cpp=5kdH-HxRQlJZK09PSUdncmk0ekRsdmpIQ0JhNUhUaURja3dZWlRvUkZFbXo4WjQwWno1SXNtcytKOEtlSnVVcmtzcVVjK24rQ0xtMVozWi9WOGhSRXhraVdRLzY5cUlZa3JNeVFwN1pjN3Z4TU0zbXo2cUpGMVlLQnFoVk...	436 B 658 B	86ms 20ms	Fetch application/json	178.250.7.13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=5kdH-HxRQlJZK09PSUdncmk0ekRsdmpIQ0JhNUhUaURja3dZWlRvUkZFbXo4WjQwWno1SXNtcytKOEtlSnVVcmtzcVVjK24rQ0xtMVozWi9WOGhSRXhraVdRLzY5cUlZa3JNeVFwN1pjN3Z4TU0zbXo2cUpGMVlLQnFoVkV6d25SSW1iMWFocVFoWXc1elVBRTd1by9CbmppeU9Ec2tPSUF2YWFaZEZsTXJOYkR3YlFWdTZCWndjQ3FPb1dGMDZjaWtXSnYwNVpCdmdCc01yTEVqR2hiNzMyZldKc0NYSHJmUWtyNTh2ZElYRW9USFVxMGY2S2NmVnpTYXpkWE9ocWNHRWhzNDRYTXVSMFFscGZ1b0tNWWRUS1lVQT09fA&cppv=2 Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Server 178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash d08d34f173c704f6dced50a3e1a6e1f6a035b6482a41adfaf0e1bc8811bc44cc Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Mon, 10 Apr 2023 12:38:05 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 2568426 expires 0 Redirect headers pragma no-cache date Mon, 10 Apr 2023 12:38:05 GMT strict-transport-security max-age=31536000; preload; server Kestrel location https://mug.criteo.com/sid?cpp=5kdH-HxRQlJZK09PSUdncmk0ekRsdmpIQ0JhNUhUaURja3dZWlRvUkZFbXo4WjQwWno1SXNtcytKOEtlSnVVcmtzcVVjK24rQ0xtMVozWi9WOGhSRXhraVdRLzY5cUlZa3JNeVFwN1pjN3Z4TU0zbXo2cUpGMVlLQnFoVkV6d25SSW1iMWFocVFoWXc1elVBRTd1by9CbmppeU9Ec2tPSUF2YWFaZEZsTXJOYkR3YlFWdTZCWndjQ3FPb1dGMDZjaWtXSnYwNVpCdmdCc01yTEVqR2hiNzMyZldKc0NYSHJmUWtyNTh2ZElYRW9USFVxMGY2S2NmVnpTYXpkWE9ocWNHRWhzNDRYTXVSMFFscGZ1b0tNWWRUS1lVQT09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 508541 content-length 0 expires 0
GET H2	204	4076826.js Show response bat.bing.com/p/action/	0 117 B	104ms 104ms	Script text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/4076826.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Mon, 10 Apr 2023 12:38:05 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: A2659E7EAC1743219E2984AAE51B78CC Ref B: FRAEDGE2009 Ref C: 2023-04-10T12:38:05Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 286 B	35ms 34ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=4076826&tm=gtm002&Ver=2&mid=7b17a657-192d-43f7-b62c-84ac5667122c&sid=8aa47a00d79c11eda1a33ba4b1f7a33f&vid=8aa489c0d79c11eda11f2bc25d0f9673&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Global%20Visa%20Search%20%7C%20CIBTvisas&p=https%3A%2F%2Fcibtvisas.com%2Fglobal-visa-search%3Flogin%3D&r=&lt=1062&evt=pageLoad&sv=1&rn=963073 Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 10 Apr 2023 12:38:05 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: D3432F81B8714965877FA44E904C3582 Ref B: FRAEDGE2009 Ref C: 2023-04-10T12:38:05Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	27ms 9ms	Image text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=404769754613765&ev=PageView&dl=https%3A%2F%2Fcibtvisas.com%2Fglobal-visa-search%3Flogin%3D&rl=&if=false&ts=1681130285948&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1681130285947.495869216&it=1681130285819&coo=false&rqm=GET Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Mon, 10 Apr 2023 12:38:05 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	ga-audiences www.google.de/ads/ Redirect Chain https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1086444938&utmhn=cibtvisas.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Global... https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3428015-1&cid=376026138.1681130286&jid=1814026694&_v=5.7.2&z=1086444938 https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3428015-1&cid=376026138.1681130286&jid=1814026694&_v=5.7.2&z=1086444938 https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3428015-1&cid=376026138.1681130286&jid=1814026694&_v=5.7.2&z=1086444938&slf_rd=1&random=2602583619	42 B 107 B	171ms 81ms	Image image/gif	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3428015-1&cid=376026138.1681130286&jid=1814026694&_v=5.7.2&z=1086444938&slf_rd=1&random=2602583619 Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Mon, 10 Apr 2023 12:38:06 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 10 Apr 2023 12:38:06 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3428015-1&cid=376026138.1681130286&jid=1814026694&_v=5.7.2&z=1086444938&slf_rd=1&random=2602583619 content-type text/html; charset=UTF-8 cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/ Redirect Chain https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=880890627&utmhn=cibtvisas.com&utme=8(30725*3!Do%20Not%20Track%20Setting*5!Language)9(30725*3!Off*5!English)11(2)&utmcs=UTF-8&utm... https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3428015-1&cid=376026138.1681130286&jid=1974301618&_v=5.7.2&z=880890627 https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3428015-1&cid=376026138.1681130286&jid=1974301618&_v=5.7.2&z=880890627 https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3428015-1&cid=376026138.1681130286&jid=1974301618&_v=5.7.2&z=880890627&slf_rd=1&random=2093454118	42 B 408 B	174ms 65ms	Image image/gif	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3428015-1&cid=376026138.1681130286&jid=1974301618&_v=5.7.2&z=880890627&slf_rd=1&random=2093454118 Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Mon, 10 Apr 2023 12:38:06 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 10 Apr 2023 12:38:06 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3428015-1&cid=376026138.1681130286&jid=1974301618&_v=5.7.2&z=880890627&slf_rd=1&random=2093454118 content-type text/html; charset=UTF-8 cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	__utm.gif ssl.google-analytics.com/r/	35 B 110 B	54ms 53ms	Image image/gif	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=3&utmn=226655022&utmhn=cibtvisas.com&utme=8(30725*3!Do%20Not%20Track%20Setting*5!Language)9(30725*3!Off*5!English)11(2)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Global%20Visa%20Search%20%7C%20CIBTvisas&utmhid=590191189&utmr=-&utmp=%2Fglobal-visa-search%3Flogin%3D&utmht=1681130285981&utmac=UA-45502077-1&utmgtm=45He3430n81NBZ9FG7&utmcc=__utma%3D6331552.376026138.1681130286.1681130286.1681130286.1%3B%2B__utmz%3D6331552.1681130286.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=805144285&utmredir=1&utmmt=1&utmu=q2AgAABAAAGBAAAAAgABAAAE~ Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Mon, 10 Apr 2023 12:38:06 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	event Show response widget.us.criteo.com/ Redirect Chain https://sslwidget.criteo.com/event?a=23001&v=5.15.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=-M3wCl93TDFyVURyWUFBV1cxZVZlRFpkNSUyQkQzRHUwSTNuazdtRiUyQkFMUDFLaTl1R2p4dnJud0xmQmF... https://widget.us.criteo.com/event?a=23001&v=5.15.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=-M3wCl93TDFyVURyWUFBV1cxZVZlRFpkNSUyQkQzRHUwSTNuazdtRiUyQkFMUDFLaTl1R2p4dnJud0xmQmF...	8 KB 4 KB	385ms 108ms	Script application/x-javascript	74.119.119.150 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://widget.us.criteo.com/event?a=23001&v=5.15.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=-M3wCl93TDFyVURyWUFBV1cxZVZlRFpkNSUyQkQzRHUwSTNuazdtRiUyQkFMUDFLaTl1R2p4dnJud0xmQmFMU3RGRk9HeWt4V1glMkZRaFlDdWVObDNnRjB1bDNyV2JXZmhHR2xybnYlMkY5aE56NGphakMlMkZwUmp3cUluQ0JDMWZRZFI1WllaejExQ3NFSWIlMkZGT05KQWkwTWpQdyUyQlNaTFJFUSUzRCUzRA&tld=cibtvisas.com&fu=https%253A%252F%252Fcibtvisas.com%252Fglobal-visa-search%253Flogin%253D&ceid=713b3be7-813f-485c-a815-dffe0e22e680&dtycbr=45739 Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Server 74.119.119.150 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 2b46744662ad597643c57ae56d3889f510bc3fa7028bfc96e6f0c2ab5fd5e913 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Mon, 10 Apr 2023 12:38:06 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; server Kestrel content-type application/x-javascript access-control-allow-origin * p3p NON DSP COR CURa PSA PSD OUR BUS NAV STA cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 15899489 timing-allow-origin * expires 0 Redirect headers pragma no-cache date Mon, 10 Apr 2023 12:38:06 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; server Kestrel location https://widget.us.criteo.com/event?a=23001&v=5.15.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=-M3wCl93TDFyVURyWUFBV1cxZVZlRFpkNSUyQkQzRHUwSTNuazdtRiUyQkFMUDFLaTl1R2p4dnJud0xmQmFMU3RGRk9HeWt4V1glMkZRaFlDdWVObDNnRjB1bDNyV2JXZmhHR2xybnYlMkY5aE56NGphakMlMkZwUmp3cUluQ0JDMWZRZFI1WllaejExQ3NFSWIlMkZGT05KQWkwTWpQdyUyQlNaTFJFUSUzRCUzRA&tld=cibtvisas.com&fu=https%253A%252F%252Fcibtvisas.com%252Fglobal-visa-search%253Flogin%253D&ceid=713b3be7-813f-485c-a815-dffe0e22e680&dtycbr=45739 access-control-allow-origin * cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 6031938 timing-allow-origin * content-length 0 expires 0
GET H2	204	asyncPixelSync pixel.sitescout.com/dmp/ Frame D0EB	0 0	57ms 13ms	Document text/plain	98.98.134.242 ZEN-ECN
General Check archive.org Show headers Download Go to Full URL https://pixel.sitescout.com/dmp/asyncPixelSync Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US), Reverse DNS Software AC1.1 / Resource Hash Request headers Referer https://cibtvisas.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=0,no-cache,no-store date Mon, 10 Apr 2023 12:38:06 GMT expires Tue, 11 Oct 1977 12:34:56 GMT p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" pragma no-cache server AC1.1
GET H2	200	eaafec3c4c6b62b1 pixel.sitescout.com/up/	43 B 267 B	58ms 14ms	Image image/gif	98.98.134.242 ZEN-ECN
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.sitescout.com/up/eaafec3c4c6b62b1?cntr_url=https%3A%2F%2Fcibtvisas.com%2Fglobal-visa-search%3Flogin%3D Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US), Reverse DNS Software AC1.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Mon, 10 Apr 2023 12:38:06 GMT server AC1.1 content-type image/gif p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" cache-control max-age=0,no-cache,no-store content-length 43 expires Tue, 11 Oct 1977 12:34:56 GMT
GET H/1.1	200 OK	pd.js Show response pi.pardot.com/	5 KB 2 KB	346ms 107ms	Script application/javascript	3.92.120.28 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pi.pardot.com/pd.js Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-92-120-28.compute-1.amazonaws.com Software PardotServer / Resource Hash c5dccba71d1b49a8f5d31e5510802df10f32293700cd111ac4a319a011326ef8 Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Mon, 10 Apr 2023 12:38:06 GMT content-encoding gzip X-Pardot-Route 16b0ab393667a33fe86adedc3141e88c last-modified Fri, 07 Apr 2023 05:28:19 GMT Server PardotServer etag "15f2-gzip" vary Accept-Encoding,User-Agent Content-Type application/javascript cache-control max-age=63072000 Connection keep-alive accept-ranges bytes Content-Length 1989 expires Wed, 09 Apr 2025 12:38:06 GMT
POST H2	200	ajax.convertTest.php Show response cibtvisas.com/ajax/	0 97 B	113ms 113ms	XHR text/html	2606:4700::6812:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cibtvisas.com/ajax/ajax.convertTest.php Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept */* Referer https://cibtvisas.com/global-visa-search?login= X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:06 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding gzip server cloudflare content-type text/html; charset=UTF-8 cf-ray 7b5b0b838fa63a90-FRA x-xss-protection 1; mode=block
GET H2	200	bat.js Show response bat.bing.com/	40 KB 12 KB	32ms 32ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Mon, 10 Apr 2023 12:38:05 GMT last-modified Thu, 16 Feb 2023 18:31:53 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: CA5305F73E894FA5A616193DEDF47C94 Ref B: FRAEDGE2009 Ref C: 2023-04-10T12:38:06Z etag "8072cff03442d91:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 11894
GET H2	200	quantum-cibtglobal.js Show response cdn.quantummetric.com/qscripts/	243 KB 76 KB	63ms 30ms	Script text/javascript	2606:4700:10::6816:34fc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.quantummetric.com/qscripts/quantum-cibtglobal.js Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:34fc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b8a853b161f4e3419f1bf3b2397e6abe5c9221a1aea2e474fbd9f282184136d5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options no-sniff Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:06 GMT strict-transport-security max-age=31536000 x-content-type-options no-sniff cf-cache-status HIT content-encoding br server cloudflare age 228 etag W/"167993915909316807074743561681113603003" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600 cf-ray 7b5b0b83c9af6977-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	63f7919cff88320bcff97141 Show response ws.zoominfo.com/pixel/	4 KB 3 KB	307ms 271ms	Script text/javascript	2606:4700::6810:a852 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/pixel/63f7919cff88320bcff97141 Requested by Host: cibtvisas.com URL: https://cibtvisas.com/global-visa-search?login= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash c7d3a661f5b463f36a193fd7a0edaa1a2a6208749fb940b932bcb61fafef8a4b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/global-visa-search?login= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:06 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 google server cloudflare x-powered-by Express vary Accept-Encoding content-type text/javascript access-control-allow-origin * access-control-allow-credentials true cf-ray 7b5b0b83cd7e8fd6-FRA access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	js Show response www.googletagmanager.com/gtag/	243 KB 82 KB	54ms 54ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-4VPL2KCH37&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBZ9FG7 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 480456023848a55518c06b7536a5c90e1e4a42e6734a40405e69dd27856f9a92 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:06 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 84191 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 10 Apr 2023 12:38:06 GMT
GET H2	200	sync x.bidswitch.net/ul_cb/ Frame B63D Redirect Chain https://x.bidswitch.net/sync?dsp_id=46&user_id=k-pt27sPUY3rfMzwZK_0dRRmIdG-Uposeh0RdUjA&expires=30 https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-pt27sPUY3rfMzwZK_0dRRmIdG-Uposeh0RdUjA&expires=30	43 B 344 B	10ms 10ms	Image image/gif	3.64.167.250 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-pt27sPUY3rfMzwZK_0dRRmIdG-Uposeh0RdUjA&expires=30 Protocol H2 Server 3.64.167.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-64-167-250.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:06 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif Redirect headers location https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-pt27sPUY3rfMzwZK_0dRRmIdG-Uposeh0RdUjA&expires=30 date Mon, 10 Apr 2023 12:38:06 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	200	cookiematch.aspx dis.criteo.com/dis/rtb/google/ Frame B63D Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-FBgVivUY3rfMzwZK_0dRRmIdG-XcuqnnQwSLtQ&google_cm&google_hm=ay1GQmdWaXZVWTNyZk16d1pLXzBkUlJtSWRHLVhjdXFub... https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-FBgVivUY3rfMzwZK_0dRRmIdG-XcuqnnQwSLtQ&google_cm=&google_hm=ay1GQmdWaXZVWTNyZk16d1pLXzBkUlJtSWRHLVhjdXF... https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-FBgVivUY3rfMzwZK_0dRRmIdG-XcuqnnQwSLtQ&google_gid=CAESEDGoP4Yjz_-S0kpSpLBXR4Y&google_cver=1&google_ula=913071,0	43 B 369 B	15ms 15ms	Image image/gif	178.250.1.9 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-FBgVivUY3rfMzwZK_0dRRmIdG-XcuqnnQwSLtQ&google_gid=CAESEDGoP4Yjz_-S0kpSpLBXR4Y&google_cver=1&google_ula=913071,0 Protocol H2 Server 178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Mon, 10 Apr 2023 12:38:06 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA' content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 725221 timing-allow-origin * expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Mon, 10 Apr 2023 12:38:06 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-FBgVivUY3rfMzwZK_0dRRmIdG-XcuqnnQwSLtQ&google_gid=CAESEDGoP4Yjz_-S0kpSpLBXR4Y&google_cver=1&google_ula=913071,0 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 398 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cookiematch.aspx dis.criteo.com/dis/rtb/appnexus/ Frame B63D Redirect Chain https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8880886766342474171	43 B 371 B	79ms 17ms	Image image/gif	178.250.1.9 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8880886766342474171 Protocol H2 Server 178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Mon, 10 Apr 2023 12:38:06 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA' content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 2343169 timing-allow-origin * expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers Date Mon, 10 Apr 2023 12:38:06 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 185.213.155.143; 185.213.155.143; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 60cb389c-4ad9-4dde-90f8-c7ab33cdfab3 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8880886766342474171 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	bounce secure.adnxs.com/ Frame B63D Redirect Chain https://secure.adnxs.com/setuid?entity=52&code=k-6jXhYvUY3rfMzwZK_0dRRmIdG-VntXTMwbIOqg https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-6jXhYvUY3rfMzwZK_0dRRmIdG-VntXTMwbIOqg	43 B 1 KB	14ms 14ms	Image image/gif	185.89.210.141 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-6jXhYvUY3rfMzwZK_0dRRmIdG-VntXTMwbIOqg Protocol HTTP/1.1 Server 185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Pragma no-cache Date Mon, 10 Apr 2023 12:38:06 GMT AN-X-Request-Uuid e099b992-d1d9-4076-9458-3c3fb465b5b7 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 185.213.155.143; 185.213.155.143; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Mon, 10 Apr 2023 12:38:06 GMT AN-X-Request-Uuid 959ff009-ef6a-4950-9767-454baacfd320 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-6jXhYvUY3rfMzwZK_0dRRmIdG-VntXTMwbIOqg Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 185.213.155.143; 185.213.155.143; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	cksync.php contextual.media.net/ Frame B63D	61 B 803 B	69ms 35ms	Image image/gif	2.18.235.93 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-r90hFPUY3rfMzwZK_0dRRmIdG-VYfXZwZVNIjQ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-235-93.deploy.static.akamaitechnologies.com Software Apache / Resource Hash cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 date Mon, 10 Apr 2023 12:38:06 GMT server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA content-type image/gif cache-control max-age=0, no-cache, no-store content-length 61 x-mnet-hl2 E expires Mon, 10 Apr 2023 12:38:06 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame B63D	0 239 B	60ms 8ms	Image image/gif	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-OEDKIPUY3rfMzwZK_0dRRmIdG-Vb6m0cA_Gu1Q&expires=30 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost c1913d0f161dfd12bb229b87994a2d1d P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	204	v1 match.sharethrough.com/sync/ Frame B63D	0 364 B	56ms 8ms	Image text/plain	3.64.141.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-nGZ_X_UY3rfMzwZK_0dRRmIdG-XG6zwGd7TAWQ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.64.141.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-64-141-4.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:06 GMT
GET H/1.1	200 OK	/ rtb-csync.smartadserver.com/redir/ Frame B63D	43 B 163 B	104ms 17ms	Image image/gif	185.86.138.154 SMARTADSERVER
General Check archive.org Show headers Download Go to Show image Full URL https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-zYKFpfUY3rfMzwZK_0dRRmIdG-X-z6hidoXWPg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:05 GMT transfer-encoding chunked content-type image/gif
GET H2	200	/ sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame B63D	0 99 B	230ms 18ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-qJHVEfUY3rfMzwZK_0dRRmIdG-USHMv8Thz7ow Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:06 GMT access-control-allow-credentials true server nginx x-fastly-to-nlb-rtt 13525
GET H2	200	um criteo-sync.teads.tv/ Frame B63D	23 B 172 B	76ms 32ms	Image image/gif	104.102.35.84 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://criteo-sync.teads.tv/um?eid=80&uid=k-mDlWcvUY3rfMzwZK_0dRRmIdG-V-eVCg1b-QbA Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.102.35.84 Hamburg, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-102-35-84.deploy.static.akamaitechnologies.com Software akka-http/10.2.10 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers expires Mon, 10 Apr 2023 12:38:06 GMT pragma no-cache date Mon, 10 Apr 2023 12:38:06 GMT cache-control max-age=0, no-cache, no-store server akka-http/10.2.10 content-length 23 content-type image/gif
GET H2	200	xuid eb2.3lift.com/ Frame B63D	37 B 140 B	41ms 11ms	Image image/gif	13.248.245.213 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=2711&xuid=k-O5OR-PUY3rfMzwZK_0dRRmIdG-UXrqZppEf4zQ&dongle=013b Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.248.245.213 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0f671730127a0812.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:06 GMT cache-control no-cache, no-store, must-revalidate content-length 37 content-type image/gif
GET H2	204	sync ups.analytics.yahoo.com/ups/58301/ Frame B63D Redirect Chain https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-y-79l_UY3rfMzwZK_0dRRmIdG-WWVRK4UJfBtw https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-y-79l_UY3rfMzwZK_0dRRmIdG-WWVRK4UJfBtw&verify=true	0 121 B	11ms 11ms	Image text/plain	3.71.149.231 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-y-79l_UY3rfMzwZK_0dRRmIdG-WWVRK4UJfBtw&verify=true Protocol H2 Server 3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-71-149-231.eu-central-1.compute.amazonaws.com Software ATS/9.1.10.25 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:06 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.25 age 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers location https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-y-79l_UY3rfMzwZK_0dRRmIdG-WWVRK4UJfBtw&verify=true date Mon, 10 Apr 2023 12:38:06 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.25 age 0 content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	pixel cm.adform.net/ Frame B63D	43 B 163 B	90ms 25ms	Image image/gif	37.157.3.30 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-RryVC_UY3rfMzwZK_0dRRmIdG-WsGM4zP98V4Q Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.3.30 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:06 GMT last-modified Fri, 07 Feb 2020 08:03:24 GMT server nginx accept-ranges bytes etag "5e3d19cc-2b" content-length 43 content-type image/gif
GET H2	200	sync visitor.omnitagjs.com/visitor/ Frame B63D	49 B 235 B	81ms 20ms	Image image/gif	185.255.84.152 IGUANE-
General Check archive.org Show headers Download Go to Show image Full URL https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-IaG1LPUY3rfMzwZK_0dRRmIdG-UQe66Ewsc4DA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.255.84.152 , France, ASN200271 (IGUANE-, FR), Reverse DNS Software ayl-lb-fra02 / Resource Hash d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Mon, 10 Apr 2023 12:38:06 GMT x-content-type-options nosniff server ayl-lb-fra02 vary Accept-Encoding content-type image/gif cache-control no-cache, no-store, must-revalidate x-envoy-upstream-service-time 3 content-length 49 expires 0
GET H/1.1	200 OK	rum r.casalemedia.com/ Frame B63D Redirect Chain https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-HAXs_fUY3rfMzwZK_0dRRmIdG-UAitW0dn-cgw https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-HAXs_fUY3rfMzwZK_0dRRmIdG-UAitW0dn-cgw&C=1	43 B 766 B	7ms 7ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-HAXs_fUY3rfMzwZK_0dRRmIdG-UAitW0dn-cgw&C=1 Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Pragma no-cache Date Mon, 10 Apr 2023 12:38:06 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 43 Expires 0 Redirect headers Pragma no-cache Date Mon, 10 Apr 2023 12:38:06 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location /rum?cm_dsp_id=20&external_user_id=k-HAXs_fUY3rfMzwZK_0dRRmIdG-UAitW0dn-cgw&C=1 Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=500 Content-Length 0 Expires 0
GET H/1.1	200 OK	demconf.jpg dpm.demdex.net/ Frame B63D Redirect Chain https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 https://dpm.demdex.net/ibs:dpid=28645&dpuuid=2ft8f4r_11r3tNhbDGKBAZ6xpgNhKS17 https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=2ft8f4r_11r3tNhbDGKBAZ6xpgNhKS17	42 B 942 B	36ms 35ms	Image image/gif	52.51.141.47 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=2ft8f4r_11r3tNhbDGKBAZ6xpgNhKS17 Protocol HTTP/1.1 Server 52.51.141.47 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-51-141-47.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v046-097c7f918.edge-irl1.demdex.com 6 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID xpv84Br0Qi4= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers DCS dcs-prod-irl1-1-v046-0be6689a7.edge-irl1.demdex.com 0 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID As04zUuBQoQ= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=2ft8f4r_11r3tNhbDGKBAZ6xpgNhKS17 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H/1.1	200	9.gif id5-sync.com/s/966/ Frame B63D	43 B 1 KB	33ms 8ms	Image image/gif	141.95.98.64 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://id5-sync.com/s/966/9.gif?puid=k-Vn-J9fUY3rfMzwZK_0dRRmIdG-VR89Kgy6Y3NQ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.95.98.64 , France, ASN16276 (OVH, FR), Reverse DNS ns3216658.ip-141-95-98.eu Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers content-type image/gif;charset=UTF-8 date Mon, 10 Apr 2023 12:38:06 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers transfer-encoding chunked p3p CP="CAO PSA OUR"
GET H2	200	match ad.360yield.com/ul_cb/ Frame B63D Redirect Chain https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-GrFd_PUY3rfMzwZK_0dRRmIdG-XnlFARaaSSyA https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-GrFd_PUY3rfMzwZK_0dRRmIdG-XnlFARaaSSyA	43 B 446 B	34ms 34ms	Image image/gif	54.220.21.171 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-GrFd_PUY3rfMzwZK_0dRRmIdG-XnlFARaaSSyA Protocol H2 Server 54.220.21.171 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-220-21-171.eu-west-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers access-control-allow-origin * date Mon, 10 Apr 2023 12:38:06 GMT content-type image/gif content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Redirect headers location https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-GrFd_PUY3rfMzwZK_0dRRmIdG-XnlFARaaSSyA access-control-allow-origin * date Mon, 10 Apr 2023 12:38:06 GMT content-type text/plain content-length 0 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H2	200	sync matching.ivitrack.com/ Frame B63D	42 B 274 B	206ms 20ms	Image image/gif	34.117.157.22 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://matching.ivitrack.com/sync?realm=criteo&uid=k-tmWuIPUY3rfMzwZK_0dRRmIdG-XK_d6uyTEiJg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 22.157.117.34.bc.googleusercontent.com Software istio-envoy / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:06 GMT x-envoy-decorator-operation tag-manager.programmatic.svc.cluster.local:3000/* via 1.1 google server istio-envoy content-type image/gif cache-control public, max-age=86400 x-envoy-upstream-service-time 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42
GET H2	200	push exchange.mediavine.com/usersync/ Frame B63D	0 886 B	57ms 9ms	Image text/html	3.69.145.252 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-NkDJM_UY3rfMzwZK_0dRRmIdG-WbSgZMGNEW9w Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.69.145.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-69-145-252.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:06 GMT cache-control private, no-cache access-control-allow-credentials true content-encoding gzip vary Origin, Accept-Encoding content-type text/html; charset=utf-8
GET H/1.1	200 OK	cookie-sync sync.outbrain.com/ Frame B63D	0 145 B	367ms 88ms	Image text/plain	70.42.32.95 INTERNAP-BLK3
General Check archive.org Show headers Download Go to Show image Full URL https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-FRzjEvUY3rfMzwZK_0dRRmIdG-VLGjMDdEbo0w&initiator=partner Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US), Reverse DNS ny.outbrain.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Mon, 10 Apr 2023 12:38:07 GMT Cache-Control no-cache X-TraceId e04233bf680911b0184442b609044a95 Content-Length 0
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame B63D	42 B 579 B	63ms 18ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-a7KkavUY3rfMzwZK_0dRRmIdG-V_Re-hD_z2iQ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Mon, 10 Apr 2023 12:38:06 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	sync criteo-partners.tremorhub.com/ Frame B63D	43 B 407 B	344ms 105ms	Image image/gif	2600:1f18:612b:4232:d8df:442e:b8f5:5c88 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://criteo-partners.tremorhub.com/sync?UICR=k-qAqcEfUY3rfMzwZK_0dRRmIdG-WziiqE-wr92g Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4232:d8df:442e:b8f5:5c88 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' date Mon, 10 Apr 2023 12:38:07 GMT server Apache-Coyote/1.1 content-type image/gif
GET H2	200	getusermatch.php a.twiago.com/rtb/ Frame B63D	43 B 153 B	70ms 29ms	Image image/gif	85.215.5.31 CRONON-BERLIN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-sqJL6vUY3rfMzwZK_0dRRmIdG-U0YSNZ7j5idg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE), Reverse DNS Software Apache / PHP/7.3.29 Resource Hash 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers access-control-allow-origin * date Mon, 10 Apr 2023 12:38:06 GMT server Apache x-powered-by PHP/7.3.29 content-length 43 content-type image/gif
GET H/1.1	204 No Content	m ad.yieldlab.net/ Frame B63D	0 400 B	82ms 45ms	Image text/plain	2.22.155.103 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-CPRoaPUY3rfMzwZK_0dRRmIdG-V6Rbjulr3m2w Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.22.155.103 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-22-155-103.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Pragma no-cache Date Mon, 10 Apr 2023 12:38:06 GMT Cache-Control no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0 Connection keep-alive Expires Sun, 09 Apr 2023 12:38:06 GMT
GET H2	200	sync sync-criteo.ads.yieldmo.com/ Frame B63D	0 38 B	128ms 30ms	Image text/plain	54.155.81.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync-criteo.ads.yieldmo.com/sync?id=k-LrYv9PUY3rfMzwZK_0dRRmIdG-VmRkRFis7_OQ&pn_id=criteo&ext=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.155.81.193 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-155-81-193.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:07 GMT content-length 0
POST H2	204	0 bat.bing.com/actionp/	0 119 B	32ms 32ms	Ping text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/actionp/0?ti=4076826&tm=gtm002&Ver=2&mid=7b17a657-192d-43f7-b62c-84ac5667122c&sid=8aa47a00d79c11eda1a33ba4b1f7a33f&vid=8aa489c0d79c11eda11f2bc25d0f9673&vids=1&msclkid=N&evt=dedup Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 10 Apr 2023 12:38:05 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 63D0B094A9444B3EA0779B2EE08B0052 Ref B: FRAEDGE2009 Ref C: 2023-04-10T12:38:06Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 54 B	18ms 18ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-4VPL2KCH37&gtm=45je3430&_p=590191189&cid=376026138.1681130286&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681130286&sct=1&seg=0&dl=https%3A%2F%2Fcibtvisas.com%2Fglobal-visa-search%3Flogin%3D&dt=Global%20Visa%20Search%20%7C%20CIBTvisas&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-4VPL2KCH37&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Mon, 10 Apr 2023 12:38:06 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cibtvisas.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET BLOB	200 OK	1abd8895-c53e-422f-ac18-61e1f2fc73e5 https://cibtvisas.com/	17 KB 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://cibtvisas.com/1abd8895-c53e-422f-ac18-61e1f2fc73e5 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash b4b16eb4f692377b852e3a261902c3a96e0c2ee25fda2fd54c1d2fc430d83cef Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Length 17224 Content-Type application/javascript
GET H2	204	usermatch.gif beacon.krxd.net/ Frame B63D Redirect Chain https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=MMSV6Aqpx8UKuyIffzH3uHn7Pn657OWV	0 336 B	552ms 175ms	Image text/plain	35.155.33.79 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=MMSV6Aqpx8UKuyIffzH3uHn7Pn657OWV Protocol H2 Server 35.155.33.79 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-155-33-79.us-west-2.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-served-by beacon-n008-pdx-prod.krxd.net date Mon, 10 Apr 2023 12:38:07 GMT cache-control private, no-cache, no-store x-request-time D=41 t=1681130287 p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers location https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=MMSV6Aqpx8UKuyIffzH3uHn7Pn657OWV date Mon, 10 Apr 2023 12:38:06 GMT cache-control private, max-age=0, no-cache, no-store, must-revalidate strict-transport-security max-age=31536000; preload; server Kestrel server-processing-duration-in-ticks 808156 content-length 0
GET H2	200	data.js Show response tags.clickagy.com/	38 KB 14 KB	113ms 62ms	Script application/javascript	2606:4700::6812:3eb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95 Requested by Host: ws.zoominfo.com URL: https://ws.zoominfo.com/pixel/63f7919cff88320bcff97141 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:3eb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8557723acebc8e4c614ab5168c4d46da69a93ea0b7ae4ad2851bf1e10302690e Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:07 GMT x-amz-version-id swy_aEi2mFevUnIx1k7ucq8H7V0abBgM content-encoding gzip cf-cache-status DYNAMIC via 1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 25159 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 11 Jan 2023 20:57:47 GMT server cloudflare etag W/"7dc7bc84811d5ae6527d61d30e0e1f4d" vary Accept-Encoding content-type application/javascript cf-ray 7b5b0b85dd3b3a73-FRA x-amz-cf-id imHH3_9UyF0vftGpMdtOniMKKVczLvV4XvCCsstpPLDu5iMZLLd7Cg==
GET H/1.1	200 OK	analytics Show response pi.pardot.com/	1 KB 2 KB	367ms 366ms	Script text/javascript	3.92.120.28 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1487&account_id=825263&title=Global%20Visa%20Search%20%7C%20CIBTvisas&url=https%3A%2F%2Fcibtvisas.com%2Fglobal-visa-search%3Flogin%3D&referrer=&pi_content=null&pi_em=null Requested by Host: pi.pardot.com URL: https://pi.pardot.com/pd.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-92-120-28.compute-1.amazonaws.com Software PardotServer / Resource Hash 34f6f1406d86b2734766c77838e0ed5245f45953f08a3fe652cc367f7d7d896a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache Date Mon, 10 Apr 2023 12:38:07 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip X-Pardot-Route 9b06e8e2308c32c7bf9ba8adfb7be2e1 x-pardot-rsp 0/0/1 Server PardotServer vary Accept-Encoding,User-Agent Content-Type text/javascript; charset=utf-8 p3p CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml" cache-control no-store, no-cache, must-revalidate Connection keep-alive Content-Length 539 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	data Show response aorta.clickagy.com/	57 B 504 B	440ms 107ms	XHR application/json	52.0.31.232 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://aorta.clickagy.com/data Requested by Host: cdn.quantummetric.com URL: https://cdn.quantummetric.com/qscripts/quantum-cibtglobal.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.0.31.232 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-0-31-232.compute-1.amazonaws.com Software Aorta/20230327.651295a15 / Resource Hash c8e43221461ca0db048f074cf7a332e2659067131b32fb8a52e2a8f01005f5a8 Request headers Referer https://cibtvisas.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Mon, 10 Apr 2023 12:38:07 GMT content-encoding gzip server Aorta/20230327.651295a15 expect 0 access-control-max-age 31536000 access-control-allow-methods POST, GET, OPTIONS content-type application/json access-control-allow-origin https://cibtvisas.com access-control-expose-headers Set-Cookie cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-aorta-region us-east-1 x-aorta-host 4223db57d2de access-control-allow-headers Origin,cache-control,content-type,man,messagetype,soapaction content-length 82
GET H2	204	usersync pixel-sync.sitescout.com/connectors/clickagy/ Redirect Chain https://aorta.clickagy.com/pixel.gif?clkgypv=jstag&ws=1 https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzphNjEyMjlhYzMyNDNlMWRlZWI2YWMwMzNmMzE0ODU5ZA https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEMy7aoY_HIvUINj7_3g2iSc&google_cver=1 https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=c:a61229ac3243e1deeb6ac033f314859d&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D https://d.agkn.com/pixel/10751/?che=1681130287795&ip=185.213.155.143&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D219833204482002274557 https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=219833204482002274557 https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D	0 191 B	66ms 14ms	Image text/plain	98.98.134.241 ZEN-ECN
General Check archive.org Show headers Download Go to Show image Full URL https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D Protocol H2 Server 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US), Reverse DNS Software AC1.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" pragma no-cache date Mon, 10 Apr 2023 12:38:07 GMT cache-control max-age=0,no-cache,no-store server AC1.1 expires Tue, 11 Oct 1977 12:34:56 GMT Redirect headers date Mon, 10 Apr 2023 12:38:07 GMT server Aorta/20230327.651295a15 expect 0 access-control-max-age 31536000 access-control-allow-methods POST, GET, OPTIONS content-type application/json location https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D access-control-allow-origin * access-control-expose-headers Set-Cookie cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-aorta-region us-east-1 x-aorta-host 454315392f9a access-control-allow-headers Origin,cache-control,content-type,man,messagetype,soapaction content-length 0
GET H2	200	hasHashes Show response hemsync.clickagy.com/external/	2 B 324 B	363ms 106ms	XHR text/plain	54.152.42.88 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null Requested by Host: cdn.quantummetric.com URL: https://cdn.quantummetric.com/qscripts/quantum-cibtglobal.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.152.42.88 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-152-42-88.compute-1.amazonaws.com Software / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:07 GMT content-encoding gzip vary origin content-type text/plain; charset=utf-8 access-control-allow-origin https://cibtvisas.com access-control-expose-headers content-length, last-modified, expires, content-type access-control-allow-credentials true content-length 28
GET H/1.1	200 OK	analytics Show response resources.newlandchase.com/	50 B 1 KB	433ms 217ms	Script text/javascript	34.237.219.119 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://resources.newlandchase.com/analytics?conly=true&visitor_id=308945095&visitor_id_sign=e24c06d364fece4181d703d224211b14565f8acfaf1bcf44b2cb6ae6dc7c55461e84261ca8f10f4a0e4544a196b85e036c2a0ee7&pi_opt_in=&campaign_id=1487&account_id=825263&title=Global%20Visa%20Search%20|%20CIBTvisas&url=https://cibtvisas.com/global-visa-search?login=&referrer=&pi_content=null&pi_em=null Requested by Host: pi.pardot.com URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1487&account_id=825263&title=Global%20Visa%20Search%20%7C%20CIBTvisas&url=https%3A%2F%2Fcibtvisas.com%2Fglobal-visa-search%3Flogin%3D&referrer=&pi_content=null&pi_em=null Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-237-219-119.compute-1.amazonaws.com Software PardotServer / Resource Hash dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3 Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache Date Mon, 10 Apr 2023 12:38:07 GMT X-Pardot-Route 9b06e8e2308c32c7bf9ba8adfb7be2e1 x-pardot-rsp 0/0/1 Server PardotServer vary User-Agent Content-Type text/javascript; charset=utf-8 p3p CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml" cache-control no-store, no-cache, must-revalidate Connection keep-alive Content-Length 50 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	cibtglobal Show response ingest.quantummetric.com/ Frame A051	90 B 243 B	361ms 118ms	XHR application/json	34.134.198.113 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ingest.quantummetric.com/cibtglobal?T=B&u=https%3A%2F%2Fcibtvisas.com%2Fglobal-visa-search%3Flogin%3D&t=1681130286869&v=1681130287368&z=1&S=0&N=0&P=0 Requested by Host: cdn.quantummetric.com URL: https://cdn.quantummetric.com/qscripts/quantum-cibtglobal.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.134.198.113 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 113.198.134.34.bc.googleusercontent.com Software / Resource Hash fd72a35b4fff0cfb8bd8ec93c39209c6942d00204fca6f02ca9600219d62c5c7 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://cibtvisas.com date Mon, 10 Apr 2023 12:38:07 GMT strict-transport-security max-age=31536000 access-control-allow-credentials true content-length 90 content-type application/json
POST H2	200	cibtglobal Show response ingest.quantummetric.com/ Frame A051	0 142 B	428ms 224ms	XHR application/json	34.134.198.113 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ingest.quantummetric.com/cibtglobal?T=B&u=https%3A%2F%2Fcibtvisas.com%2Fglobal-visa-search%3Flogin%3D&t=1681130286869&v=1681130287369&z=1&Q=1&Y=1&X=500d37e0fdae4075e8719c5363da2687 Requested by Host: cdn.quantummetric.com URL: https://cdn.quantummetric.com/qscripts/quantum-cibtglobal.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.134.198.113 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 113.198.134.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://cibtvisas.com date Mon, 10 Apr 2023 12:38:07 GMT strict-transport-security max-age=31536000 access-control-allow-credentials true content-length 0 content-type application/json
GET H2	200	cs s.thebrighttag.com/ Frame B63D Redirect Chain https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Jf7koMG2GOiim6QJSo6q1ae1iMmvkN8z	35 B 268 B	368ms 117ms	Image image/gif	18.216.91.22 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Jf7koMG2GOiim6QJSo6q1ae1iMmvkN8z Protocol H2 Server 18.216.91.22 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-216-91-22.us-east-2.compute.amazonaws.com Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Mon, 10 Apr 2023 12:38:07 GMT x-bt-requestid 8bb972d0-d79c-11ed-9431-0000ac1702cf server nginx content-type image/gif access-control-allow-origin p3p CP=NOI DSP COR NID cache-control private, must-revalidate content-length 35 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers location https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Jf7koMG2GOiim6QJSo6q1ae1iMmvkN8z date Mon, 10 Apr 2023 12:38:06 GMT cache-control private, max-age=0, no-cache, no-store, must-revalidate strict-transport-security max-age=31536000; preload; server Kestrel server-processing-duration-in-ticks 1017313 content-length 0
GET H2	200	/ www.facebook.com/tr/	0 54 B	7ms 7ms	Image text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=404769754613765&ev=Microdata&dl=https%3A%2F%2Fcibtvisas.com%2Fglobal-visa-search%3Flogin%3D&rl=&if=false&ts=1681130287452&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Global%20Visa%20Search%20%7C%20CIBTvisas%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1681130285947.495869216&it=1681130285819&coo=false&es=automatic&tm=3&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Mon, 10 Apr 2023 12:38:07 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	c221587c31efa3cb801099e2a07019c2 Show response cibtglobal-app.quantummetric.com/q3/ Frame A051	24 B 818 B	361ms 114ms	XHR application/json	35.223.145.209 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://cibtglobal-app.quantummetric.com/q3/c221587c31efa3cb801099e2a07019c2 Requested by Host: cdn.quantummetric.com URL: https://cdn.quantummetric.com/qscripts/quantum-cibtglobal.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.223.145.209 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 209.145.223.35.bc.googleusercontent.com Software nginx / Resource Hash 4419fcebf7cb52a3993532e92871fe99cbf439a111328fcf1e642926edf18335 Security Headers Name Value Content-Security-Policy default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net; Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 12:38:08 GMT strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip content-security-policy default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net; server nginx access-control-max-age 31536000 vary Accept-Encoding access-control-allow-methods GET,POST access-control-allow-origin https://cibtvisas.com content-type application/json access-control-allow-credentials true x-robots-tag noindex access-control-allow-headers Content-Type
POST H2	200	cibtglobal Show response ingest.quantummetric.com/ Frame A051	0 142 B	117ms 116ms	XHR application/json	34.134.198.113 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ingest.quantummetric.com/cibtglobal?T=B&u=https%3A%2F%2Fcibtvisas.com%2Fglobal-visa-search%3Flogin%3D&t=1681130286869&v=1681130288106&H=2f03346464c08c62c30c16e6&s=c221587c31efa3cb801099e2a07019c2&U=b5aae68fe772c4cbaf2ffbb1199de0a4&z=1&Q=2&S=0&N=0 Requested by Host: cdn.quantummetric.com URL: https://cdn.quantummetric.com/qscripts/quantum-cibtglobal.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.134.198.113 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 113.198.134.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://cibtvisas.com date Mon, 10 Apr 2023 12:38:08 GMT strict-transport-security max-age=31536000 access-control-allow-credentials true content-length 0 content-type application/json
POST H2	200	cibtglobal Show response ingest.quantummetric.com/ Frame A051	0 142 B	118ms 118ms	XHR application/json	34.134.198.113 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ingest.quantummetric.com/cibtglobal?T=B&u=https%3A%2F%2Fcibtvisas.com%2Fglobal-visa-search%3Flogin%3D&t=1681130286869&v=1681130288234&H=2f03346464c08c62c30c16e6&s=c221587c31efa3cb801099e2a07019c2&z=1&S=2360&N=26&P=1 Requested by Host: cdn.quantummetric.com URL: https://cdn.quantummetric.com/qscripts/quantum-cibtglobal.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.134.198.113 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 113.198.134.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://cibtvisas.com date Mon, 10 Apr 2023 12:38:08 GMT strict-transport-security max-age=31536000 access-control-allow-credentials true content-length 0 content-type application/json
POST H3	204	collect region1.google-analytics.com/g/	0 17 B	18ms 18ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-BGRN721V1R&gtm=45je3430&_p=590191189&cid=376026138.1681130286&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1681130285&sct=1&seg=0&dl=https%3A%2F%2Fcibtvisas.com%2Fglobal-visa-search%3Flogin%3D&dt=Global%20Visa%20Search%20%7C%20CIBTvisas&en=scroll&epn.percent_scrolled=90&_et=34 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-BGRN721V1R&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Mon, 10 Apr 2023 12:38:10 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cibtvisas.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect region1.google-analytics.com/g/	0 17 B	19ms 19ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-4VPL2KCH37&gtm=45je3430&_p=590191189&cid=376026138.1681130286&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1681130286&sct=1&seg=0&dl=https%3A%2F%2Fcibtvisas.com%2Fglobal-visa-search%3Flogin%3D&dt=Global%20Visa%20Search%20%7C%20CIBTvisas&en=scroll&epn.percent_scrolled=90&_et=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-4VPL2KCH37&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cibtvisas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Mon, 10 Apr 2023 12:38:11 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cibtvisas.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	cibtglobal Show response ingest.quantummetric.com/ Frame A051	0 142 B	119ms 118ms	XHR application/json	34.134.198.113 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ingest.quantummetric.com/cibtglobal?T=B&u=https%3A%2F%2Fcibtvisas.com%2Fglobal-visa-search%3Flogin%3D&t=1681130286869&v=1681130292368&H=2f03346464c08c62c30c16e6&s=c221587c31efa3cb801099e2a07019c2&z=1&S=5011&N=36&P=2 Requested by Host: cdn.quantummetric.com URL: https://cdn.quantummetric.com/qscripts/quantum-cibtglobal.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.134.198.113 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 113.198.134.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://cibtvisas.com date Mon, 10 Apr 2023 12:38:12 GMT strict-transport-security max-age=31536000 access-control-allow-credentials true content-length 0 content-type application/json
POST H2	200	cibtglobal Show response ingest.quantummetric.com/ Frame A051	0 142 B	117ms 117ms	XHR application/json	34.134.198.113 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ingest.quantummetric.com/cibtglobal?T=B&u=https%3A%2F%2Fcibtvisas.com%2Fglobal-visa-search%3Flogin%3D&t=1681130286869&v=1681130292688&H=2f03346464c08c62c30c16e6&s=c221587c31efa3cb801099e2a07019c2&z=1&Q=2&S=807&N=1 Requested by Host: cdn.quantummetric.com URL: https://cdn.quantummetric.com/qscripts/quantum-cibtglobal.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.134.198.113 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 113.198.134.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://cibtvisas.com date Mon, 10 Apr 2023 12:38:12 GMT strict-transport-security max-age=31536000 access-control-allow-credentials true content-length 0 content-type application/json