josenau.byethost5.com Open in urlscan Pro
185.27.134.208  Malicious Activity! Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://bit.ly/3cJFwaG HTTP 301
   https://fst.am/kN4AjYg Page URL
   
2. http://josenau.byethost5.com/ Page URL
3. http://josenau.byethost5.com/?i=1 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

• https://bit.ly/3cJFwaG HTTP 301
• https://fst.am/kN4AjYg

Request Chain 15

• http://www.google-analytics.com/analytics.js HTTP 307
• https://www.google-analytics.com/analytics.js

Request Chain 82

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/?random=695457376&cv=9&fst=1630218600013&num=1&value=0&label=-GB1CNv5t5kBENvPh_YC&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itaulink.com.uy%2Ftrx%2Fsolicitar_ingreso%3F_ga%3D2.130750799.1571806777.1630218558-862979872.1630218558&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA%20Link&auid=740869104.1630218600&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ANifYY_QBpKqx_AP2NGwwAk&sscte=1&crd=&eitems=ChAIgIX9jAYQjKiyzIeJt5JBEh0AByrlGfy_sc_VuEUhsq5sDPkITD5OJekwalmyyg HTTP 302
• https://www.google.com/pagead/1p-conversion/784459739/?random=695457376&cv=9&fst=1630218600013&num=1&value=0&label=-GB1CNv5t5kBENvPh_YC&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itaulink.com.uy%2Ftrx%2Fsolicitar_ingreso%3F_ga%3D2.130750799.1571806777.1630218558-862979872.1630218558&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA%20Link&auid=740869104.1630218600&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ANifYY_QBpKqx_AP2NGwwAk&cid=CAQSKQCNIrLM7k09qAXLF84_N92dgUuwYuAGxFafq6mFYMyyS107LephI_xJ&eitems=ChAIgIX9jAYQjKiyzIeJt5JBEh0AByrlGZYqktKY9axLKAVUhrcnG-dwFgCWbcGT_A&random=2760828250&resp=GooglemKTybQhCsO HTTP 302
• https://www.google.de/pagead/1p-conversion/784459739/?random=695457376&cv=9&fst=1630218600013&num=1&value=0&label=-GB1CNv5t5kBENvPh_YC&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itaulink.com.uy%2Ftrx%2Fsolicitar_ingreso%3F_ga%3D2.130750799.1571806777.1630218558-862979872.1630218558&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA%20Link&auid=740869104.1630218600&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ANifYY_QBpKqx_AP2NGwwAk&cid=CAQSKQCNIrLM7k09qAXLF84_N92dgUuwYuAGxFafq6mFYMyyS107LephI_xJ&eitems=ChAIgIX9jAYQjKiyzIeJt5JBEh0AByrlGZYqktKY9axLKAVUhrcnG-dwFgCWbcGT_A&random=2760828250&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 96

• http://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=3243621795075373 HTTP 302
• https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=3243621795075373

Request Chain 99

• http://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=03807196407341529 HTTP 302
• https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=03807196407341529

Request Chain 103

• https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwOTY4NTYyMTU3NzI2NTc4MQ==&forward= HTTP 302
• https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1

Request Chain 104

• https://ib.adnxs.com/setuid?entity=18&code=5109685621577265781 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685621577265781

Request Chain 105

• https://stags.bluekai.com/site/4722?id=5109685621577265781&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
• https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=

Request Chain 107

• https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5109685621577265781&redir= HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685621577265781&redir=

Request Chain 108

• https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
• https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0

Request Chain 111

• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685621577265781&referrer=http%3A%2F%2Fjosenau.byethost5.com%2F HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=03195270-8106-4667-b932-7e34808dd076%3A1637865476.53&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D03195270-8106-4667-b932-7e34808dd076%253A1637865476.53 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=03195270-8106-4667-b932-7e34808dd076%3A1637865476.53 HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
• https://idsync.rlcdn.com/362358.gif?google_gid=CAESEIPFWSmRovJzdu7B5jgzaOQ&google_cver=1

Request Chain 113

• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685621577265781&forward= HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685621577265781&forward=&C=1

Request Chain 116

• https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685621577265781&img=1 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685621577265781&img=1&__user_check__=1&sync_id=ceb7c40c-4e1e-11ec-918d-14684a3a0306

Request Chain 120

• https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685621577265781&expires=30 HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5109685621577265781&expires=30

Request Chain 121

• https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YZ-YBAAHU6xwYgBG HTTP 302
• https://p.rfihub.com/cm?in=1&pub=21653&userid=YZ-YBAAHU6xwYgBG&_test=YZ-YBAAHU6xwYgBG

Request Chain 124

• https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwOTY4NTYyMTU3NzI2NTc4MQ==&forward= HTTP 302
• https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1

Request Chain 125

• https://ib.adnxs.com/setuid?entity=18&code=5109685621577265781 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685621577265781

Request Chain 126

• https://stags.bluekai.com/site/4722?id=5109685621577265781&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
• https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=

Request Chain 128

• https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5109685621577265781&redir= HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685621577265781&redir=

Request Chain 129

• https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
• https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0

Request Chain 132

• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685621577265781&referrer=http%3A%2F%2Fjosenau.byethost5.com%2F HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=177043ff-efd7-4139-92b4-b2e21c88a808%3A1637865476.53&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D177043ff-efd7-4139-92b4-b2e21c88a808%253A1637865476.53 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=177043ff-efd7-4139-92b4-b2e21c88a808%3A1637865476.53 HTTP 307
• https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
• https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=3425227545158605516

Request Chain 134

• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685621577265781&forward= HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685621577265781&forward=&C=1

Request Chain 137

• https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685621577265781&img=1 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685621577265781&img=1&__user_check__=1&sync_id=ceb81d2a-4e1e-11ec-b0fc-11e121d60106

Request Chain 140

• https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685621577265781&expires=30 HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5109685621577265781&expires=30

Request Chain 141

• https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YZ-YBAAHU4RwYwBG

Request Chain 147

• http://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=20989146171051765 HTTP 302
• https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=20989146171051765

Request Chain 149

• http://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=3153257653367203 HTTP 302
• https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=3153257653367203

Request Chain 150

• http://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=38615322478381486 HTTP 302
• https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=38615322478381486

Request Chain 151

• http://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=9916741623265093 HTTP 302
• https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=9916741623265093

Request Chain 152

• http://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=6625885025632829 HTTP 302
• https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=6625885025632829

Request Chain 158

• https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwOTY4NTYyMTU3NzI2NTc4MQ==&forward= HTTP 302
• https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1

Request Chain 160

• https://stags.bluekai.com/site/4722?id=5109685621577265781&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
• https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=

Request Chain 163

• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685621577265781&referrer=http%3A%2F%2Fjosenau.byethost5.com%2F HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=177043ff-efd7-4139-92b4-b2e21c88a808%3A1637865476.53&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D177043ff-efd7-4139-92b4-b2e21c88a808%253A1637865476.53 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=177043ff-efd7-4139-92b4-b2e21c88a808%3A1637865476.53 HTTP 307
• https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
• https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
• https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=1Qx8nODW80WcX7esjS9LmwwP8ugHecUX

Request Chain 171

• https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://p.rfihub.com/cm?in=1&pub=21653&userid=YZ-YBAAHU6xwYgBG

Request Chain 173

• https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
• https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0

Request Chain 177

• https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwOTY4NTYyMTU3NzI2NTc4MQ==&forward= HTTP 302
• https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1

Request Chain 179

• https://stags.bluekai.com/site/4722?id=5109685621577265781&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
• https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=

Request Chain 181

• https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
• https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0

Request Chain 183

• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685621577265781&referrer=http%3A%2F%2Fjosenau.byethost5.com%2F HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=177043ff-efd7-4139-92b4-b2e21c88a808%3A1637865476.53&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D177043ff-efd7-4139-92b4-b2e21c88a808%253A1637865476.53 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=177043ff-efd7-4139-92b4-b2e21c88a808%3A1637865476.53 HTTP 307
• https://tags.bluekai.com/site/2035?phint=rluid=f0e2cd267c3dd675b092ca9bb77cb1c326467d2e275b684495e932c57a9102862971936f2f944561&redir=https%3A%2F%2Fidsync.rlcdn.com%2F401696.gif%3Fpartner_uid%3D%24BK_UUID_25515 HTTP 302
• https://idsync.rlcdn.com/401696.gif?partner_uid=$BK_UUID_25515

Request Chain 192

• https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://p.rfihub.com/cm?in=1&pub=21653&userid=YZ-YBAAHU6xwYgBG

Request Chain 196

• https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwOTY4NTYyMTU3NzI2NTc4MQ==&forward= HTTP 302
• https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1

Request Chain 198

• https://stags.bluekai.com/site/4722?id=5109685621577265781&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
• https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=

Request Chain 200

• https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
• https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0

Request Chain 202

• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685621577265781&referrer=http%3A%2F%2Fjosenau.byethost5.com%2F HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=177043ff-efd7-4139-92b4-b2e21c88a808%3A1637865476.53&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D177043ff-efd7-4139-92b4-b2e21c88a808%253A1637865476.53 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=177043ff-efd7-4139-92b4-b2e21c88a808%3A1637865476.53 HTTP 307
• https://dpm.demdex.net/ibs:dpid=477&dpuuid=9a89ad3a184274973e09c526fb3e0db8fa3e1a2ab36e0d3b51ff856b6e42fd0ab0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BDD_UUID%7D HTTP 302
• https://idsync.rlcdn.com/362248.gif?partner_uid=35432372902742792042871885172083855745

Request Chain 211

• https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://p.rfihub.com/cm?in=1&pub=21653&userid=YZ-YBAAHU6xwYgBG

Request Chain 215

• https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwOTY4NTYyMTU3NzI2NTc4MQ==&forward= HTTP 302
• https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1

Request Chain 217

• https://stags.bluekai.com/site/4722?id=5109685621577265781&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
• https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=

Request Chain 220

• https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
• https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0

Request Chain 223

• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685621577265781&referrer=http%3A%2F%2Fjosenau.byethost5.com%2F HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=177043ff-efd7-4139-92b4-b2e21c88a808%3A1637865476.53&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D177043ff-efd7-4139-92b4-b2e21c88a808%253A1637865476.53 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=177043ff-efd7-4139-92b4-b2e21c88a808%3A1637865476.53 HTTP 307
• https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=rd&d.k=acxiom_id&d.u=https://idsync.rlcdn.com/401726.gif?partner_uid={WEBO_CID} HTTP 302
• https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=161083&d.A=rd&d.k=acxiom_id&d.u=https://idsync.rlcdn.com/401726.gif?partner_uid={WEBO_CID} HTTP 302
• https://idsync.rlcdn.com/401726.gif?partner_uid=ysil1PNzz7uupX/L69VjeO

Request Chain 232

• https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://p.rfihub.com/cm?in=1&pub=21653&userid=YZ-YBAAHU6xwYgBG

Request Chain 234

• https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwOTY4NTYyMTU3NzI2NTc4MQ==&forward= HTTP 302
• https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1

Request Chain 236

• https://stags.bluekai.com/site/4722?id=5109685621577265781&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
• https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=

Request Chain 239

• https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
• https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0

Request Chain 242

• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685621577265781&referrer=http%3A%2F%2Fjosenau.byethost5.com%2F HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=177043ff-efd7-4139-92b4-b2e21c88a808%3A1637865476.53&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D177043ff-efd7-4139-92b4-b2e21c88a808%253A1637865476.53 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=177043ff-efd7-4139-92b4-b2e21c88a808%3A1637865476.53 HTTP 307
• https://usermatch.krxd.net/um/v2?partner=liveramp HTTP 302
• https://idsync.rlcdn.com/379718.gif?partner_uid=OgN2g8vk

Request Chain 251

• https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://p.rfihub.com/cm?in=1&pub=21653&userid=YZ-YBAAHU6xwYgBG

254 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	kN4AjYg Show response fst.am/ Redirect Chain https://bit.ly/3cJFwaG https://fst.am/kN4AjYg	2 KB 949 B	370ms 194ms	Document text/html	185.131.144.28 DREAMVPS
General Check archive.org Show headers Download Go to Full URL https://fst.am/kN4AjYg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.131.144.28 Tel Aviv, Israel, ASN213038 (DREAMVPS, IL), Reverse DNS 185.131.144.28.dreamvps.com Software / Next.js Resource Hash bc2533c20b0cc6e4dd473fcbc59ee40ce0e193594aef8c69c598766e58804264 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers X-Powered-By Next.js ETag "63d-iwCEw5yyJXrUdHKGjikd7tTb3eY" Content-Type text/html; charset=utf-8 Vary Accept-Encoding Content-Encoding gzip Date Thu, 25 Nov 2021 18:37:50 GMT Connection keep-alive Keep-Alive timeout=5 Transfer-Encoding chunked Redirect headers server nginx date Thu, 25 Nov 2021 18:37:50 GMT content-type text/html; charset=utf-8 content-length 109 cache-control private, max-age=90 content-security-policy referrer always; location https://fst.am/kN4AjYg referrer-policy unsafe-url via 1.1 google alt-svc clear
GET H/1.1	200 OK	3fd7d1776b4733c62cc3.css fst.am/_next/static/css/	899 B 1 KB	77ms 77ms	Stylesheet text/css	185.131.144.28 DREAMVPS
General Check archive.org Show headers Download Go to Full URL https://fst.am/_next/static/css/3fd7d1776b4733c62cc3.css Requested by Host: fst.am URL: https://fst.am/kN4AjYg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.131.144.28 Tel Aviv, Israel, ASN213038 (DREAMVPS, IL), Reverse DNS 185.131.144.28.dreamvps.com Software / Resource Hash 80f57d43110ca5162348b716037e890ed9389b668d407e892117d1c870c756c7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://fst.am/kN4AjYg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:51 GMT Last-Modified Sun, 29 Aug 2021 11:39:18 GMT ETag W/"383-17b91b4ed5a" Vary Accept-Encoding Content-Type text/css; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 899
GET H/1.1	200 OK	e5c9e0fb7c0e367f53f9.css fst.am/_next/static/css/	167 B 499 B	154ms 76ms	Stylesheet text/css	185.131.144.28 DREAMVPS
General Check archive.org Show headers Download Go to Full URL https://fst.am/_next/static/css/e5c9e0fb7c0e367f53f9.css Requested by Host: fst.am URL: https://fst.am/kN4AjYg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.131.144.28 Tel Aviv, Israel, ASN213038 (DREAMVPS, IL), Reverse DNS 185.131.144.28.dreamvps.com Software / Resource Hash f18fd69fe5ed6048fa6d70db7685932e73260a64fd59d321aff5e2e9166f5504 Request headers Accept-Language de-DE,de;q=0.9 Referer https://fst.am/kN4AjYg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:51 GMT Last-Modified Sun, 29 Aug 2021 11:39:18 GMT ETag W/"a7-17b91b4ed5a" Vary Accept-Encoding Content-Type text/css; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 167
GET H/1.1	200 OK	webpack-61095c13c5984b221292.js Show response fst.am/_next/static/chunks/	2 KB 1 KB	309ms 172ms	Script application/javascript	185.131.144.28 DREAMVPS
General Check archive.org Show headers Download Go to Full URL https://fst.am/_next/static/chunks/webpack-61095c13c5984b221292.js Requested by Host: fst.am URL: https://fst.am/kN4AjYg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.131.144.28 Tel Aviv, Israel, ASN213038 (DREAMVPS, IL), Reverse DNS 185.131.144.28.dreamvps.com Software / Resource Hash e127382a0ade049daf9457b2d3bb47fc8903ee67c623abb7d01b329fa4a39fff Request headers Accept-Language de-DE,de;q=0.9 Referer https://fst.am/kN4AjYg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:51 GMT Content-Encoding gzip Last-Modified Sun, 29 Aug 2021 11:39:18 GMT ETag W/"624-17b91b4ed5a" Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Transfer-Encoding chunked Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5
GET H/1.1	200 OK	framework-92300432a1172ef1338b.js Show response fst.am/_next/static/chunks/	127 KB 42 KB	217ms 73ms	Script application/javascript	185.131.144.28 DREAMVPS
General Check archive.org Show headers Download Go to Full URL https://fst.am/_next/static/chunks/framework-92300432a1172ef1338b.js Requested by Host: fst.am URL: https://fst.am/kN4AjYg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.131.144.28 Tel Aviv, Israel, ASN213038 (DREAMVPS, IL), Reverse DNS 185.131.144.28.dreamvps.com Software / Resource Hash 5540aacdd10ef4f28143498da525aeaad093601217d88f67a4b0d3c955faf452 Request headers Accept-Language de-DE,de;q=0.9 Referer https://fst.am/kN4AjYg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:51 GMT Content-Encoding gzip Last-Modified Sun, 29 Aug 2021 11:39:18 GMT ETag W/"1fcc5-17b91b4ed5e" Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Transfer-Encoding chunked Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5
GET H/1.1	200 OK	main-a76b5552fbb06f190312.js Show response fst.am/_next/static/chunks/	61 KB 20 KB	225ms 77ms	Script application/javascript	185.131.144.28 DREAMVPS
General Check archive.org Show headers Download Go to Full URL https://fst.am/_next/static/chunks/main-a76b5552fbb06f190312.js Requested by Host: fst.am URL: https://fst.am/kN4AjYg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.131.144.28 Tel Aviv, Israel, ASN213038 (DREAMVPS, IL), Reverse DNS 185.131.144.28.dreamvps.com Software / Resource Hash 2a4c801d09ce366a82d1141f0f9b2be5374dfeb483f43e686a27ed13e742486b Request headers Accept-Language de-DE,de;q=0.9 Referer https://fst.am/kN4AjYg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:51 GMT Content-Encoding gzip Last-Modified Sun, 29 Aug 2021 11:39:18 GMT ETag W/"f592-17b91b4ed5a" Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Transfer-Encoding chunked Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5
GET H/1.1	200 OK	_app-b6c3e44a5fe893b7349d.js Show response fst.am/_next/static/chunks/pages/	1 KB 955 B	230ms 77ms	Script application/javascript	185.131.144.28 DREAMVPS
General Check archive.org Show headers Download Go to Full URL https://fst.am/_next/static/chunks/pages/_app-b6c3e44a5fe893b7349d.js Requested by Host: fst.am URL: https://fst.am/kN4AjYg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.131.144.28 Tel Aviv, Israel, ASN213038 (DREAMVPS, IL), Reverse DNS 185.131.144.28.dreamvps.com Software / Resource Hash 10a8c20d10310b78a2f5afd0a01b7201412da330d1e1f3cc4d1c1bd67e316bad Request headers Accept-Language de-DE,de;q=0.9 Referer https://fst.am/kN4AjYg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:51 GMT Content-Encoding gzip Last-Modified Sun, 29 Aug 2021 11:39:18 GMT ETag W/"4a4-17b91b4ed5a" Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Transfer-Encoding chunked Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5
GET H/1.1	200 OK	321-5ee5824fd510eaf3c0f4.js Show response fst.am/_next/static/chunks/	16 KB 6 KB	170ms 83ms	Script application/javascript	185.131.144.28 DREAMVPS
General Check archive.org Show headers Download Go to Full URL https://fst.am/_next/static/chunks/321-5ee5824fd510eaf3c0f4.js Requested by Host: fst.am URL: https://fst.am/kN4AjYg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.131.144.28 Tel Aviv, Israel, ASN213038 (DREAMVPS, IL), Reverse DNS 185.131.144.28.dreamvps.com Software / Resource Hash ff6f0a08e77eb9ee24c56dc54d61d33e5e80a110305ec4dc57085aa3b764d998 Request headers Accept-Language de-DE,de;q=0.9 Referer https://fst.am/kN4AjYg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:51 GMT Content-Encoding gzip Last-Modified Sun, 29 Aug 2021 11:39:18 GMT ETag W/"3f0b-17b91b4ed5e" Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Transfer-Encoding chunked Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5
GET H/1.1	200 OK	%5Bcode%5D-56a745edbc178e2a0ecb.js Show response fst.am/_next/static/chunks/pages/	5 KB 2 KB	114ms 90ms	Script application/javascript	185.131.144.28 DREAMVPS
General Check archive.org Show headers Download Go to Full URL https://fst.am/_next/static/chunks/pages/%5Bcode%5D-56a745edbc178e2a0ecb.js Requested by Host: fst.am URL: https://fst.am/kN4AjYg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.131.144.28 Tel Aviv, Israel, ASN213038 (DREAMVPS, IL), Reverse DNS 185.131.144.28.dreamvps.com Software / Resource Hash 53be80e196e08e3b4d89736c9bedfe163033578281840f4a8a8dedac0759ffbc Request headers Accept-Language de-DE,de;q=0.9 Referer https://fst.am/kN4AjYg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:51 GMT Content-Encoding gzip Last-Modified Sun, 29 Aug 2021 11:39:18 GMT ETag W/"1256-17b91b4ed5a" Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Transfer-Encoding chunked Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5
GET H/1.1	200 OK	_buildManifest.js Show response fst.am/_next/static/tcA6Y3zubxpKGEMzEpXeT/	781 B 1 KB	75ms 75ms	Script application/javascript	185.131.144.28 DREAMVPS
General Check archive.org Show headers Download Go to Full URL https://fst.am/_next/static/tcA6Y3zubxpKGEMzEpXeT/_buildManifest.js Requested by Host: fst.am URL: https://fst.am/kN4AjYg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.131.144.28 Tel Aviv, Israel, ASN213038 (DREAMVPS, IL), Reverse DNS 185.131.144.28.dreamvps.com Software / Resource Hash ae16f1ffcfd912b57407a0a8d89f2dd519c9690b65bb01d1b6de01a68c9cb1a1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://fst.am/kN4AjYg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:51 GMT Last-Modified Sun, 29 Aug 2021 11:39:18 GMT ETag W/"30d-17b91b4ed5a" Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 781
GET H/1.1	200 OK	_ssgManifest.js Show response fst.am/_next/static/tcA6Y3zubxpKGEMzEpXeT/	77 B 422 B	68ms 67ms	Script application/javascript	185.131.144.28 DREAMVPS
General Check archive.org Show headers Download Go to Full URL https://fst.am/_next/static/tcA6Y3zubxpKGEMzEpXeT/_ssgManifest.js Requested by Host: fst.am URL: https://fst.am/kN4AjYg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.131.144.28 Tel Aviv, Israel, ASN213038 (DREAMVPS, IL), Reverse DNS 185.131.144.28.dreamvps.com Software / Resource Hash 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Request headers Accept-Language de-DE,de;q=0.9 Referer https://fst.am/kN4AjYg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:51 GMT Last-Modified Sun, 29 Aug 2021 11:39:18 GMT ETag W/"4d-17b91b4ed5a" Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=31536000, immutable Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 77
POST H/1.1	200 OK	kN4AjYg api.fst.am/	199 B 467 B	330ms 175ms	XHR application/json	185.131.144.28 DREAMVPS
General Check archive.org Show headers Download Go to Full URL https://api.fst.am/kN4AjYg Requested by Host: fst.am URL: https://fst.am/_next/static/chunks/321-5ee5824fd510eaf3c0f4.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.131.144.28 Tel Aviv, Israel, ASN213038 (DREAMVPS, IL), Reverse DNS 185.131.144.28.dreamvps.com Software / Express Resource Hash Request headers Accept application/json, text/plain, */* Referer https://fst.am/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:51 GMT ETag W/"c7-Qam0vL7dE8yVK4IEuTA2y7XGkDQ" X-Powered-By Express Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive Keep-Alive timeout=5 Content-Length 199
GET H/1.1	200 OK	/ Show response josenau.byethost5.com/	832 B 830 B	96ms 65ms	Document text/html	185.27.134.208 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL http://josenau.byethost5.com/ Requested by Host: fst.am URL: https://fst.am/_next/static/chunks/pages/%5Bcode%5D-56a745edbc178e2a0ecb.js Protocol HTTP/1.1 Server 185.27.134.208 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash 646b30a63e363d8effbc90f25c06cd2a122391846df64fb4ad827c5656176067 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Server nginx Date Thu, 25 Nov 2021 18:37:51 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Expires Thu, 01 Jan 1970 00:00:01 GMT Cache-Control no-cache Content-Encoding gzip
GET H/1.1	200 OK	aes.js josenau.byethost5.com/	30 KB 31 KB	33ms 33ms	Script application/javascript	185.27.134.208 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL http://josenau.byethost5.com/aes.js Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/ Protocol HTTP/1.1 Server 185.27.134.208 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:51 GMT Last-Modified Sat, 08 Aug 2015 08:32:46 GMT Server nginx ETag "55c5beae-79e6" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 31206
GET H/1.1	200 OK	Primary Request / Show response josenau.byethost5.com/	48 KB 8 KB	176ms 175ms	Document text/html	185.27.134.208 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL http://josenau.byethost5.com/?i=1 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/ Protocol HTTP/1.1 Server 185.27.134.208 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash d568d0cd904308298f91ffdfe358c5b8c421ac024eeea9b16d271837200605b4 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ Response headers Server nginx Date Thu, 25 Nov 2021 18:37:51 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Content-Encoding gzip
GET H/1.1	200 OK	tc.min.js Show response c1.rfihub.net/js/	19 KB 7 KB	35ms 14ms	Script application/x-javascript	2600:9000:21f3:8c00:1:76cf:fe80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://c1.rfihub.net/js/tc.min.js Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 2600:9000:21f3:8c00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:03:10 GMT Content-Encoding gzip Connection keep-alive Last-Modified Thu, 25 Nov 2021 18:03:00 GMT Server Jetty(9.3.29.v20201019) Age 2082 X-Cache Hit from cloudfront P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Via 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront) Cache-Control public, max-age=3600 X-Amz-Cf-Pop FRA2-C2 Content-Type application/x-javascript Content-Length 6162 X-Amz-Cf-Id 5oDmuDrhYX2YGcyH4N21vp2l3o0KcCIxLbQNfSxY7BYEDnn4-B83eA== Expires Thu, 25 Nov 2021 19:03:10 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/ Redirect Chain http://www.google-analytics.com/analytics.js https://www.google-analytics.com/analytics.js	49 KB 20 KB	30ms 6ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 5805 date Thu, 25 Nov 2021 17:01:07 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Thu, 25 Nov 2021 19:01:07 GMT Redirect headers Location https://www.google-analytics.com/analytics.js Non-Authoritative-Reason HSTS
GET H2	200	197011027887515 Show response connect.facebook.net/signals/config/	305 KB 87 KB	165ms 137ms	Script application/x-javascript	2a03:2880:f02d:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/197011027887515?v=2.9.47&r=stable Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 7537f2a6622fa9f15a31b0dd0c3d24b875dae7cc4349f6e429f972e51ad9bb6e Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug YXKwoVknqtZoIGZfEgQaS+Oj439WP1CSgB1OgxXjagoxF5VYt+5jtXMGfW9oxWAqxoxvFNKzoehkpcwUDMFpVg== x-fb-trip-id 917726464 x-frame-options DENY cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Thu, 25 Nov 2021 18:37:56 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	98 KB 26 KB	34ms 6ms	Script application/x-javascript	2a03:2880:f02d:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 25965 x-xss-protection 0 pragma public x-fb-debug jYzkrFl9JeNj20NKVMv/4yLbmqKX/AFWmu8FXy5YLnpH+BGzLRdoiOn31OYX8YcXezA0R9uTb0VpXT2wZVuR7w== x-fb-trip-id 917726464 x-frame-options DENY date Thu, 25 Nov 2021 18:37:56 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	recaptcha__es.js Show response www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/	346 KB 135 KB	47ms 9ms	Script text/javascript	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/recaptcha__es.js Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9fdde07c8cf7da1d9bac75a1af694b12a5dcee0e9456094c92dac5e5e3dfc50b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://josenau.byethost5.com/ Origin http://josenau.byethost5.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 24 Nov 2021 07:50:03 GMT content-encoding gzip x-content-type-options nosniff age 125273 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 137628 x-xss-protection 0 last-modified Mon, 04 Oct 2021 04:21:56 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Thu, 24 Nov 2022 07:50:03 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	319 KB 61 KB	88ms 59ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NK23Q4K Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c746a78db67355c41a794dbb9724a37aef4137820763b8c2f1a14e1b78774a1b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:56 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62252 x-xss-protection 0 last-modified Thu, 25 Nov 2021 18:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 25 Nov 2021 18:37:56 GMT
GET H/1.1	200 OK	conversion_async.js Show response www.googleadservices.com/pagead/	37 KB 15 KB	25ms 24ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://www.googleadservices.com/pagead/conversion_async.js Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Timing-Allow-Origin * Date Thu, 25 Nov 2021 18:37:56 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cafe ETag 684346926396516684 Vary Accept-Encoding P3P policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control private, max-age=3600 Cross-Origin-Resource-Policy cross-origin Content-Disposition attachment; filename="f.txt" Content-Type text/javascript; charset=UTF-8 Content-Length 14378 X-XSS-Protection 0 Expires Thu, 25 Nov 2021 18:37:56 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	9ms 6ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 5809 date Thu, 25 Nov 2021 17:01:07 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Thu, 25 Nov 2021 19:01:07 GMT
GET H2	200	recaptcha__es_419.js Show response www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/	346 KB 135 KB	18ms 16ms	Script text/javascript	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/recaptcha__es_419.js Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f28c90ff0593e4891097f2fa718101c0af6e033fc730d652227fb22a50825058 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://josenau.byethost5.com/ Origin http://josenau.byethost5.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 24 Nov 2021 01:45:12 GMT content-encoding gzip x-content-type-options nosniff age 147164 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 137764 x-xss-protection 0 last-modified Mon, 04 Oct 2021 04:21:56 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Thu, 24 Nov 2022 01:45:12 GMT
GET H3	200	197011027887515 Show response connect.facebook.net/signals/config/	305 KB 87 KB	152ms 152ms	Script application/x-javascript	2a03:2880:f02d:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/197011027887515?v=2.9.45&r=stable Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 8f1dfde684ff8e60aec410695e76c6c71133f93e09655f21de355d07f7b15886 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug K9sV24IdIy5NwYcFG/yNFK2kjp8H02V8y0DN/lxwePysXesGIVukEP2WceAAQrWCkhbYgO2JPDg9n+eg1cqHTg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Thu, 25 Nov 2021 18:37:56 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	404	recaptcha__es_419.js www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/	0 0	65ms 50ms	Script text/html	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/recaptcha__es_419.js Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://josenau.byethost5.com/ Origin http://josenau.byethost5.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:56 GMT x-content-type-options nosniff server sffe content-type text/html; charset=UTF-8 access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1625 x-xss-protection 0
GET H/1.1	200 OK	bindIE8.js Show response www.itaulink.com.uy/static/js/	5 KB 2 KB	3571ms 231ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/bindIE8.js?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 07ea2c7b5715a5ef8d033bdd4d073b27647d43d43ddacffcb73afe9d89bd35fa Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0fe5b87ba3ad71:0" Last-Modified Mon, 26 Apr 2021 16:38:04 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Thu, 25 Nov 2021 18:37:55 GMT Accept-Ranges bytes Content-Length 1548
GET H/1.1	200 OK	bootstrap.min.css www.itaulink.com.uy/static/css/	119 KB 19 KB	3326ms 458ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/bootstrap.min.css?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 51c39a6552e086decdf8fc686b601be3d5ee7574dfce51a7cdfc3a4c21363dd3 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "804e19f026c4d61:0" Last-Modified Thu, 26 Nov 2020 19:04:17 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type text/css Date Thu, 25 Nov 2021 18:37:54 GMT Accept-Ranges bytes Content-Length 19595
GET H/1.1	200 OK	datepicker.css www.itaulink.com.uy/static/css/	5 KB 1 KB	3097ms 228ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/datepicker.css?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 03ad95964d61ff7b69502b303b9d639aacc99ae34e054e2dfc11a6cd338f5822 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0cb19904ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:34 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type text/css Date Thu, 25 Nov 2021 18:37:54 GMT Accept-Ranges bytes Content-Length 1100
GET H/1.1	200 OK	style.css www.itaulink.com.uy/static/css/	84 KB 17 KB	3335ms 464ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/style.css?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 75201a9a80ed334f3dd27aee7d95a3c4897916e8684f3d98cf31bb5ac4ab8bb6 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "806dce5954a3d71:0" Last-Modified Mon, 06 Sep 2021 19:21:11 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type text/css Date Thu, 25 Nov 2021 18:37:54 GMT Accept-Ranges bytes Content-Length 17540
GET H/1.1	200 OK	style_custom.css www.itaulink.com.uy/static/css/	7 KB 2 KB	3102ms 228ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/style_custom.css?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash dab750858155cedd633f159e6064b0bd772783d1f52c32f2b10a5183ae2152c7 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0cbf06b8190d31:0" Last-Modified Thu, 18 Jan 2018 17:26:06 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type text/css Date Thu, 25 Nov 2021 18:37:54 GMT Accept-Ranges bytes Content-Length 2153
GET H/1.1	200 OK	style_chat.css www.itaulink.com.uy/static/css/	33 KB 6 KB	3106ms 230ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/style_chat.css?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash b8597645b6498a38952e1a231290231273d7a944fb11b3c2e22b1508b3a03d0b Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "8017e7b0c5ed71:0" Last-Modified Mon, 01 Mar 2021 18:07:07 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type text/css Date Thu, 25 Nov 2021 18:37:54 GMT Accept-Ranges bytes Content-Length 5520
GET H/1.1	200 OK	jquery-ui.min.css www.itaulink.com.uy/static/css/	31 KB 8 KB	3109ms 231ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/jquery-ui.min.css?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash ca4df2bf400a42d8752e115f03366a90b2b4ed06b2da9ef429d41fda5f15705e Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0a65c794348d31:0" Last-Modified Wed, 18 Oct 2017 19:01:16 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type text/css Date Thu, 25 Nov 2021 18:37:54 GMT Accept-Ranges bytes Content-Length 7878
GET H/1.1	200 OK	select2.css www.itaulink.com.uy/static/css/select2/	18 KB 3 KB	3331ms 234ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/select2/select2.css?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash c693c6e5ac34d344b94f7a68a83365d44d6cd1b130518cb449820261c1234a27 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0e62a9654bad41:0" Last-Modified Fri, 01 Feb 2019 17:35:56 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type text/css Date Thu, 25 Nov 2021 18:37:54 GMT Accept-Ranges bytes Content-Length 2273
GET H/1.1	200 OK	select2.min.css www.itaulink.com.uy/static/css/select2/	15 KB 2 KB	3333ms 231ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/select2/select2.min.css?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash ad8d018af2638e0a390d6976a17b689b1238621b46300701a9a671ca79b532df Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0e62a9654bad41:0" Last-Modified Fri, 01 Feb 2019 17:35:56 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type text/css Date Thu, 25 Nov 2021 18:37:54 GMT Accept-Ranges bytes Content-Length 1997
GET H/1.1	200 OK	all.css www.itaulink.com.uy/static/css/combobox/	277 B 568 B	3337ms 231ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/combobox/all.css?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 3a52fe82cbed73d228f3e3fd40d04ecf9c6033f5198bc935a0f280953ed0dc45 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-POWERED-BY ETag "0f84a914ccd11:0" X-Frame-Options SAMEORIGIN Content-Type text/css Date Thu, 25 Nov 2021 18:37:54 GMT Accept-Ranges bytes Content-Length 277
GET H/1.1	200 OK	bootstrap.min.css www.itaulink.com.uy/static/css/	119 KB 19 KB	3572ms 464ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/bootstrap.min.css Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 51c39a6552e086decdf8fc686b601be3d5ee7574dfce51a7cdfc3a4c21363dd3 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "804e19f026c4d61:0" Last-Modified Thu, 26 Nov 2020 19:04:17 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type text/css Date Thu, 25 Nov 2021 18:37:54 GMT Accept-Ranges bytes Content-Length 19595
GET H/1.1	200 OK	style.css www.itaulink.com.uy/static/css/	84 KB 17 KB	3553ms 229ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/style.css Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 75201a9a80ed334f3dd27aee7d95a3c4897916e8684f3d98cf31bb5ac4ab8bb6 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "806dce5954a3d71:0" Last-Modified Mon, 06 Sep 2021 19:21:11 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type text/css Date Thu, 25 Nov 2021 18:37:55 GMT Accept-Ranges bytes Content-Length 17540
GET H/1.1	200 OK	datepicker.css www.itaulink.com.uy/static/css/	5 KB 1 KB	3560ms 230ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/datepicker.css Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 03ad95964d61ff7b69502b303b9d639aacc99ae34e054e2dfc11a6cd338f5822 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0cb19904ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:34 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type text/css Date Thu, 25 Nov 2021 18:37:55 GMT Accept-Ranges bytes Content-Length 1100
GET H/1.1	200 OK	all.css www.itaulink.com.uy/static/css/combobox/	277 B 568 B	3558ms 227ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/combobox/all.css Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 3a52fe82cbed73d228f3e3fd40d04ecf9c6033f5198bc935a0f280953ed0dc45 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-POWERED-BY ETag "0f84a914ccd11:0" X-Frame-Options SAMEORIGIN Content-Type text/css Date Thu, 25 Nov 2021 18:37:55 GMT Accept-Ranges bytes Content-Length 277
GET H/1.1	200 OK	dynamicoptionlist.js Show response www.itaulink.com.uy/static/js/	19 KB 5 KB	3799ms 246ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/dynamicoptionlist.js Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 2bc39e781bf0b13697df9d3eae91450984e577f99f288bd5eaceec7d2de50efe Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0f84a914ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Thu, 25 Nov 2021 18:37:55 GMT Accept-Ranges bytes Content-Length 5122
GET H/1.1	200 OK	style_solicitar_ingreso.css www.itaulink.com.uy/static/css/	22 KB 23 KB	3566ms 233ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/style_solicitar_ingreso.css?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 39b1bef183c320359664461cfe1dbb8ebd6e7a0ea196baa7720a66d7e9131c07 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Wed, 23 Oct 2019 16:04:07 GMT Server X-POWERED-BY ETag "80359a7fbb89d51:0" X-Frame-Options SAMEORIGIN Content-Type text/css Date Thu, 25 Nov 2021 18:37:55 GMT Accept-Ranges bytes Content-Length 22946
GET H2	200	api.js Show response www.google.com/recaptcha/	850 B 968 B	47ms 18ms	Script text/javascript	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash fcec8f9f4b2b56dcc746a20c4d2f2992bbefcacc3f2aad7e2b45f1f32da22e67 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:52 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 555 x-xss-protection 1; mode=block expires Thu, 25 Nov 2021 18:37:52 GMT
GET H2	200	/ Show response www.googleadservices.com/pagead/conversion/784459739/	2 KB 2 KB	46ms 17ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion/784459739/?random=1630218600013&cv=9&fst=1630218600013&num=1&value=0&label=-GB1CNv5t5kBENvPh_YC&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itaulink.com.uy%2Ftrx%2Fsolicitar_ingreso%3F_ga%3D2.130750799.1571806777.1630218558-862979872.1630218558&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA%20Link&auid=740869104.1630218600&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash df5014262fdc1badd072c9be607ab2ef5c6b1825d5fda541ad38d6fe85414597 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:52 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1278 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/	2 KB 1 KB	52ms 23ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/?random=1630218600021&cv=9&fst=1630218600021&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itaulink.com.uy%2Ftrx%2Fsolicitar_ingreso%3F_ga%3D2.130750799.1571806777.1630218558-862979872.1630218558&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA%20Link&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 104bdc074b7890d3a9b709d67959a62f0d61ac058be8e558855393decfc902bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:52 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1074 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/	2 KB 2 KB	47ms 19ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/?random=1630219023846&cv=9&fst=1630219023846&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Flocalhost%2Findex2.php&tiba=Ita%C3%BA%20Link&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 49f4d4e4eeff7fc989893fdb8f9cee60012c56fc9fb9a591fb25615d12294e3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:52 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1006 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/	2 KB 1 KB	48ms 20ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/?random=1630219386284&cv=9&fst=1630219386284&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=4&u_tz=480&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Flocalhost%2Findex2.php&tiba=Ita%C3%BA%20Link&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bb55e5248c22911df8f03b85b6b681123624d8166d24bf56e247284e1319ed32 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:52 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1011 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/	2 KB 1 KB	48ms 20ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/?random=1630219740336&cv=9&fst=1630219740336&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Flocalhost%2Findex2.php&tiba=Ita%C3%BA%20Link&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 84506ebe5fe1fa7bb08a7cac2ab30a7163544c7a3cad0847d53384bec9d6f85b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:52 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1003 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/	2 KB 1 KB	47ms 19ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/?random=1633810122727&cv=9&fst=1633810122727&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&gtm=2wga60&sendb=1&ig=1&frm=0&url=http%3A%2F%2Flocalhost%2FITAUUY%2F&tiba=Ita%C3%BA%20Link&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 118fa1c18763931991bffb5cb2aa27973cbcaedf5f68aac0d525e35727472ca7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:52 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1009 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/	2 KB 1 KB	47ms 20ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/?random=1633810721419&cv=9&fst=1633810721419&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&gtm=2wga60&sendb=1&ig=1&frm=0&url=http%3A%2F%2Flocalhost%2FITAUUY%2F&tiba=Ita%C3%BA%20Link&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4e62363b863232c8a84f4324a7925905cfba8ff840186ad32755690336a0e5be Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:52 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1008 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	logo_mobile@2x.png www.itaulink.com.uy/static/img/logos/	2 KB 3 KB	447ms 229ms	Image image/png	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Show image Full URL https://www.itaulink.com.uy/static/img/logos/logo_mobile@2x.png Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash eb9231d940d6d53cef3f62eb41173cbf72e12e286c0e35f899daa9b07df50ed8 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Wed, 10 Mar 2021 15:37:14 GMT Server X-POWERED-BY ETag "0f15f3ec315d71:0" X-Frame-Options SAMEORIGIN Content-Type image/png Date Thu, 25 Nov 2021 18:37:56 GMT Accept-Ranges bytes Content-Length 2416
GET H/1.1	200 OK	btn-cerrar.gif www.itaulink.com.uy/static/img/btns/	1 KB 2 KB	235ms 235ms	Image image/gif	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Show image Full URL https://www.itaulink.com.uy/static/img/btns/btn-cerrar.gif Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 5daf7ae4f0197725941fc0b20ef09bc5d05d3f4f5b3cf39914ce9e6df81988e5 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-POWERED-BY ETag "0f84a914ccd11:0" X-Frame-Options SAMEORIGIN Content-Type image/gif Date Thu, 25 Nov 2021 18:37:56 GMT Accept-Ranges bytes Content-Length 1263
GET H/1.1	200 OK	spinner.svg www.itaulink.com.uy/static/img/icons/	2 KB 3 KB	230ms 230ms	Image image/svg+xml	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Show image Full URL https://www.itaulink.com.uy/static/img/icons/spinner.svg Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash e57ac4e87aee6133140bdb844563b7edc3f5df2ebb26e5baf89b8e47d30dc3ff Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Mon, 03 Dec 2018 18:17:30 GMT Server X-POWERED-BY ETag "019ec73348bd41:0" X-Frame-Options SAMEORIGIN Content-Type image/svg+xml Date Thu, 25 Nov 2021 18:37:57 GMT Accept-Ranges bytes Content-Length 2310
GET H/1.1	200 OK	jquery-3.5.1.min.js Show response www.itaulink.com.uy/static/js/	87 KB 31 KB	232ms 231ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/jquery-3.5.1.min.js?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "08e4d7819d3d61:0" Last-Modified Tue, 15 Dec 2020 19:35:40 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Thu, 25 Nov 2021 18:37:55 GMT Accept-Ranges bytes Content-Length 30976
GET H/1.1	200 OK	jquery-ui.min.js Show response www.itaulink.com.uy/static/js/	248 KB 67 KB	484ms 484ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/jquery-ui.min.js?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 21cacca8e9eb98f1f32702b4176685f2f941af51ab5bc7cf88ccb5435a1bb080 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0a65c794348d31:0" Last-Modified Wed, 18 Oct 2017 19:01:16 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Thu, 25 Nov 2021 18:37:55 GMT Accept-Ranges bytes Content-Length 68124
GET H/1.1	200 OK	widget.js Show response www.itaulink.com.uy/static/js/combobox/	18 KB 6 KB	232ms 232ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/combobox/widget.js?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash f2d1c34bba791e0440d8bca0218184fa6fbfcb40773774e6954bbb1f81849e24 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0257c924ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:38 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Thu, 25 Nov 2021 18:37:55 GMT Accept-Ranges bytes Content-Length 5694
GET H/1.1	200 OK	bootstrap.min.js Show response www.itaulink.com.uy/static/js/	39 KB 11 KB	240ms 239ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/bootstrap.min.js?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "09181093c2d61:0" Last-Modified Tue, 24 Nov 2020 18:53:14 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Thu, 25 Nov 2021 18:37:55 GMT Accept-Ranges bytes Content-Length 10939
GET H/1.1	200 OK	bootstrap-datepicker.min.js Show response www.itaulink.com.uy/static/js/	26 KB 8 KB	236ms 236ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/bootstrap-datepicker.min.js?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 63b7fb88c9ada67a6ce783446787f1a355120322e33ff7fecf888942f32eae18 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0f84a914ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Thu, 25 Nov 2021 18:37:55 GMT Accept-Ranges bytes Content-Length 7954
GET H/1.1	200 OK	functions.js Show response www.itaulink.com.uy/static/js/	28 KB 6 KB	237ms 236ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/functions.js?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 2498fabc39ba617cf593e4aedd456dbe93c45cefb4214718d1e946f6989f0058 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "8080e8e52483d71:0" Last-Modified Tue, 27 Jul 2021 20:20:53 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Thu, 25 Nov 2021 18:37:55 GMT Accept-Ranges bytes Content-Length 6275
GET H/1.1	200 OK	numeral.min.js Show response www.itaulink.com.uy/static/js/	7 KB 3 KB	235ms 234ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/numeral.min.js?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash fbf89a33c155d951884b2f5c3687a46cff4fc85f8b595000cb0a2795d4918476 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0f84a914ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Thu, 25 Nov 2021 18:37:55 GMT Accept-Ranges bytes Content-Length 2542
GET H/1.1	200 OK	es.min.js Show response www.itaulink.com.uy/static/js/	545 B 850 B	230ms 230ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/es.min.js?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 578e746c1addbc5360c2741b4ab7fdb8c3b25662f1c1296da4a8c013e1c68e47 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-POWERED-BY ETag "0f84a914ccd11:0" X-Frame-Options SAMEORIGIN Content-Type application/javascript Date Thu, 25 Nov 2021 18:37:56 GMT Accept-Ranges bytes Content-Length 545
GET H/1.1	200 OK	validations.js Show response www.itaulink.com.uy/static/js/	17 KB 5 KB	229ms 229ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/validations.js?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 1839421bc90934893f976c23d7fe58fd47ae94e12749826e3fccb71e2ad4c8d5 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "05ab6c569fd71:0" Last-Modified Wed, 01 Sep 2021 17:23:16 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Thu, 25 Nov 2021 18:37:56 GMT Accept-Ranges bytes Content-Length 4612
GET H/1.1	200 OK	moment.min.js Show response www.itaulink.com.uy/static/js/	34 KB 12 KB	232ms 231ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/moment.min.js?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 62d68b60ce880b5ea669c774c2c84b7c9e88cf58ffe26b0d3f449580d18d550d Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0f84a914ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Thu, 25 Nov 2021 18:37:56 GMT Accept-Ranges bytes Content-Length 12442
GET H/1.1	200 OK	main.js Show response www.itaulink.com.uy/static/js/	38 KB 8 KB	233ms 233ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/main.js?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 7b8adae207187892415b6468542cd0fddfe941f8b8907126efff237d33853d51 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "80f150d9a521d71:0" Last-Modified Thu, 25 Mar 2021 18:37:03 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Thu, 25 Nov 2021 18:37:56 GMT Accept-Ranges bytes Content-Length 7687
GET H/1.1	200 OK	dynamicoptionlist.js Show response www.itaulink.com.uy/static/js/	19 KB 5 KB	231ms 229ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/dynamicoptionlist.js?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 2bc39e781bf0b13697df9d3eae91450984e577f99f288bd5eaceec7d2de50efe Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0f84a914ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Thu, 25 Nov 2021 18:37:56 GMT Accept-Ranges bytes Content-Length 5122
GET H/1.1	200 OK	Chart_master_fix.min.js Show response www.itaulink.com.uy/static/js/	154 KB 46 KB	234ms 234ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/Chart_master_fix.min.js?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash c316482864fb5c62786edafc8469a5fa98fa49563836dab8ab4bc52c917c90e5 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "04229ff1569d31:0" Last-Modified Wed, 29 Nov 2017 13:28:52 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Thu, 25 Nov 2021 18:37:56 GMT Accept-Ranges bytes Content-Length 46497
GET H/1.1	200 OK	jquery-cookie.js Show response www.itaulink.com.uy/static/js/	3 KB 2 KB	231ms 230ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/jquery-cookie.js?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash afd6a5f6de40e9e67b55ff6afec66fff4827e775c996ab80c9e964a872a92523 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0a65c794348d31:0" Last-Modified Wed, 18 Oct 2017 19:01:16 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Thu, 25 Nov 2021 18:37:56 GMT Accept-Ranges bytes Content-Length 1378
GET H/1.1	200 OK	bodyScrollLock.min.js Show response www.itaulink.com.uy/static/js/	3 KB 1 KB	232ms 232ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/bodyScrollLock.min.js?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 866f0301eda412172e6011cd70d0b1a15dd106414c901d73b01c4de129762de2 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "8017e7b0c5ed71:0" Last-Modified Mon, 01 Mar 2021 18:07:07 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Thu, 25 Nov 2021 18:37:56 GMT Accept-Ranges bytes Content-Length 1078
GET H/1.1	200 OK	chatFunctions.js Show response www.itaulink.com.uy/static/js/	9 KB 3 KB	234ms 233ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/chatFunctions.js?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash d23005b1ded6c92cf39061db85922cceeff274bbd40b56195abacd56ec407f7e Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "8042ce77162bd71:0" Last-Modified Tue, 06 Apr 2021 18:55:53 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Thu, 25 Nov 2021 18:37:56 GMT Accept-Ranges bytes Content-Length 2615
GET H/1.1	200 OK	ventanasFunctions.js Show response www.itaulink.com.uy/static/js/	2 KB 3 KB	231ms 230ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/ventanasFunctions.js?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash adfc8b4332ee6c69195bb2baebdeec635a9a7c6329859a86370a7cf6c00f3984 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Tue, 28 Jul 2020 19:32:52 GMT Server X-POWERED-BY ETag "0ca55e21565d61:0" X-Frame-Options SAMEORIGIN Content-Type application/javascript Date Thu, 25 Nov 2021 18:37:56 GMT Accept-Ranges bytes Content-Length 2482
GET H/1.1	200 OK	autocomplete.js Show response www.itaulink.com.uy/static/js/combobox/	17 KB 5 KB	233ms 232ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/combobox/autocomplete.js?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 89e1c8b4658aa4cc23d0af03a5ec674fea58cb018586246cb63eb5b7adab2487 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0257c924ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:38 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Thu, 25 Nov 2021 18:37:56 GMT Accept-Ranges bytes Content-Length 5255
GET H/1.1	200 OK	core.js Show response www.itaulink.com.uy/static/js/combobox/	9 KB 4 KB	232ms 232ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/combobox/core.js?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 2027494e3a3a04341c7011be19f61763db8b61016386a2304d42f89591a11ba2 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0257c924ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:38 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Thu, 25 Nov 2021 18:37:56 GMT Accept-Ranges bytes Content-Length 3554
GET H/1.1	200 OK	menu.js Show response www.itaulink.com.uy/static/js/combobox/	17 KB 5 KB	231ms 230ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/combobox/menu.js?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 0b4a1f407f59ffb0c615cda75b36841706ac376b5de5fc8f5f82a3f202faa951 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0257c924ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:38 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Thu, 25 Nov 2021 18:37:56 GMT Accept-Ranges bytes Content-Length 5085
GET H/1.1	200 OK	position.js Show response www.itaulink.com.uy/static/js/combobox/	15 KB 4 KB	228ms 228ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/combobox/position.js?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 74bd84345563895cf49eb99c4eae5c4bd476b1984a0d8a70af4ee6450565a9b6 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0257c924ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:38 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Thu, 25 Nov 2021 18:37:56 GMT Accept-Ranges bytes Content-Length 3967
GET H/1.1	200 OK	select2.js Show response www.itaulink.com.uy/static/js/select2/	149 KB 32 KB	231ms 231ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/select2/select2.js?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 87d218e78fedf031eeafdffe610c0d8d37e6792b9d8b0b360889e3c35679edf8 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0e62a9654bad41:0" Last-Modified Fri, 01 Feb 2019 17:35:56 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Thu, 25 Nov 2021 18:37:56 GMT Accept-Ranges bytes Content-Length 32394
GET H/1.1	200 OK	select2.min.js Show response www.itaulink.com.uy/static/js/select2/	66 KB 19 KB	232ms 231ms	Script application/javascript	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/js/select2/select2.min.js?timestamp=60_6 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash d7dd05bfc68901dbb2c883a7bd65698c29b3917d61f0e12d1966dca14d5056c0 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0e62a9654bad41:0" Last-Modified Fri, 01 Feb 2019 17:35:56 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type application/javascript Date Thu, 25 Nov 2021 18:37:56 GMT Accept-Ranges bytes Content-Length 19395
GET H/1.1	200 OK	base.css www.itaulink.com.uy/static/css/combobox/	350 B 641 B	245ms 245ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/combobox/base.css Requested by Host: www.itaulink.com.uy URL: https://www.itaulink.com.uy/static/css/combobox/all.css?timestamp=60_6 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 68e5267688e1cfe7e5e65e1f25a182b11142ad035f2ad0624deb22eca286e600 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.itaulink.com.uy/static/css/combobox/all.css?timestamp=60_6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-POWERED-BY ETag "0f84a914ccd11:0" X-Frame-Options SAMEORIGIN Content-Type text/css Date Thu, 25 Nov 2021 18:37:55 GMT Accept-Ranges bytes Content-Length 350
GET H/1.1	200 OK	theme.css www.itaulink.com.uy/static/css/combobox/	17 KB 3 KB	244ms 244ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/combobox/theme.css Requested by Host: www.itaulink.com.uy URL: https://www.itaulink.com.uy/static/css/combobox/all.css?timestamp=60_6 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash cb5e22f58d4a3582cb0727d8c9aaa7a2ee91228df72892d785673e399730ea83 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.itaulink.com.uy/static/css/combobox/all.css?timestamp=60_6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Content-Encoding gzip ETag "0f84a914ccd11:0" Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-Frame-Options SAMEORIGIN X-POWERED-BY Vary Accept-Encoding Content-Type text/css Date Thu, 25 Nov 2021 18:37:55 GMT Accept-Ranges bytes Content-Length 2810
GET H/1.1	200 OK	core.css www.itaulink.com.uy/static/css/combobox/	1 KB 2 KB	229ms 229ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/combobox/core.css Requested by Host: www.itaulink.com.uy URL: https://www.itaulink.com.uy/static/css/combobox/base.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 8fe4d3e5dbb6ffab4fc1bb7e638abe5926722e3f84ac8bda8dc7089ad0e18713 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.itaulink.com.uy/static/css/combobox/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-POWERED-BY ETag "0f84a914ccd11:0" X-Frame-Options SAMEORIGIN Content-Type text/css Date Thu, 25 Nov 2021 18:37:55 GMT Accept-Ranges bytes Content-Length 1452
GET H/1.1	200 OK	autocomplete.css www.itaulink.com.uy/static/css/combobox/	318 B 609 B	230ms 230ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/combobox/autocomplete.css Requested by Host: www.itaulink.com.uy URL: https://www.itaulink.com.uy/static/css/combobox/base.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 36dc80445c31112589a939bfd6d25606af37924da5ce8227d89860066f4821df Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.itaulink.com.uy/static/css/combobox/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-POWERED-BY ETag "0f84a914ccd11:0" X-Frame-Options SAMEORIGIN Content-Type text/css Date Thu, 25 Nov 2021 18:37:55 GMT Accept-Ranges bytes Content-Length 318
GET H/1.1	200 OK	menu.css www.itaulink.com.uy/static/css/combobox/	1 KB 1 KB	239ms 239ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/combobox/menu.css Requested by Host: www.itaulink.com.uy URL: https://www.itaulink.com.uy/static/css/combobox/base.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 9abe7b079fdfb4f4d25d3aa082105f6ff11aaa9cf06b59156bc3073bd70309fa Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.itaulink.com.uy/static/css/combobox/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-POWERED-BY ETag "0f84a914ccd11:0" X-Frame-Options SAMEORIGIN Content-Type text/css Date Thu, 25 Nov 2021 18:37:55 GMT Accept-Ranges bytes Content-Length 1129
GET H/1.1	200 OK	selectmenu.css www.itaulink.com.uy/static/css/combobox/	1 KB 1 KB	236ms 236ms	Stylesheet text/css	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Full URL https://www.itaulink.com.uy/static/css/combobox/selectmenu.css Requested by Host: www.itaulink.com.uy URL: https://www.itaulink.com.uy/static/css/combobox/base.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash 35dc7fd2a80cc99465f4d43556115187eed3355b6c93e5b96755e4452b4a4b58 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.itaulink.com.uy/static/css/combobox/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Tue, 21 Jun 2016 21:33:36 GMT Server X-POWERED-BY ETag "0f84a914ccd11:0" X-Frame-Options SAMEORIGIN Content-Type text/css Date Thu, 25 Nov 2021 18:37:55 GMT Accept-Ranges bytes Content-Length 1126
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/	347 KB 135 KB	22ms 7ms	Script text/javascript	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://josenau.byethost5.com/ Origin http://josenau.byethost5.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 16:47:48 GMT content-encoding gzip x-content-type-options nosniff age 6608 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 138691 x-xss-protection 0 last-modified Mon, 15 Nov 2021 05:04:02 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Fri, 25 Nov 2022 16:47:48 GMT
GET H3	200	/ www.google.de/pagead/1p-conversion/784459739/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/?random=695457376&cv=9&fst=1630218600013&num=1&value=0&label=-GB1CNv5t5kBENvPh_YC&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_... https://www.google.com/pagead/1p-conversion/784459739/?random=695457376&cv=9&fst=1630218600013&num=1&value=0&label=-GB1CNv5t5kBENvPh_YC&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=... https://www.google.de/pagead/1p-conversion/784459739/?random=695457376&cv=9&fst=1630218600013&num=1&value=0&label=-GB1CNv5t5kBENvPh_YC&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1...	42 B 64 B	41ms 25ms	Image image/gif	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-conversion/784459739/?random=695457376&cv=9&fst=1630218600013&num=1&value=0&label=-GB1CNv5t5kBENvPh_YC&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itaulink.com.uy%2Ftrx%2Fsolicitar_ingreso%3F_ga%3D2.130750799.1571806777.1630218558-862979872.1630218558&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA%20Link&auid=740869104.1630218600&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ANifYY_QBpKqx_AP2NGwwAk&cid=CAQSKQCNIrLM7k09qAXLF84_N92dgUuwYuAGxFafq6mFYMyyS107LephI_xJ&eitems=ChAIgIX9jAYQjKiyzIeJt5JBEh0AByrlGZYqktKY9axLKAVUhrcnG-dwFgCWbcGT_A&random=2760828250&resp=GooglemKTybQhCsO&ipr=y&prhg=0 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H3 Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/gif location https://www.google.de/pagead/1p-conversion/784459739/?random=695457376&cv=9&fst=1630218600013&num=1&value=0&label=-GB1CNv5t5kBENvPh_YC&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itaulink.com.uy%2Ftrx%2Fsolicitar_ingreso%3F_ga%3D2.130750799.1571806777.1630218558-862979872.1630218558&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA%20Link&auid=740869104.1630218600&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ANifYY_QBpKqx_AP2NGwwAk&cid=CAQSKQCNIrLM7k09qAXLF84_N92dgUuwYuAGxFafq6mFYMyyS107LephI_xJ&eitems=ChAIgIX9jAYQjKiyzIeJt5JBEh0AByrlGZYqktKY9axLKAVUhrcnG-dwFgCWbcGT_A&random=2760828250&resp=GooglemKTybQhCsO&ipr=y&prhg=0 cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/784459739/	42 B 109 B	22ms 19ms	Image image/gif	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/784459739/?random=1630218600021&cv=9&fst=1630216800000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&frm=0&url=https%3A%2F%2Fwww.itaulink.com.uy%2Ftrx%2Fsolicitar_ingreso%3F_ga%3D2.130750799.1571806777.1630218558-862979872.1630218558&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA%20Link&async=1&fmt=3&is_vtc=1&random=608900497&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/784459739/	42 B 109 B	47ms 20ms	Image image/gif	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/784459739/?random=1630218600021&cv=9&fst=1630216800000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&frm=0&url=https%3A%2F%2Fwww.itaulink.com.uy%2Ftrx%2Fsolicitar_ingreso%3F_ga%3D2.130750799.1571806777.1630218558-862979872.1630218558&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA%20Link&async=1&fmt=3&is_vtc=1&random=608900497&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/784459739/	42 B 109 B	22ms 20ms	Image image/gif	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/784459739/?random=1630219023846&cv=9&fst=1630216800000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&frm=0&url=http%3A%2F%2Flocalhost%2Findex2.php&tiba=Ita%C3%BA%20Link&async=1&fmt=3&is_vtc=1&random=2728265456&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/784459739/	42 B 109 B	44ms 21ms	Image image/gif	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/784459739/?random=1630219023846&cv=9&fst=1630216800000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&frm=0&url=http%3A%2F%2Flocalhost%2Findex2.php&tiba=Ita%C3%BA%20Link&async=1&fmt=3&is_vtc=1&random=2728265456&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/784459739/	42 B 109 B	25ms 23ms	Image image/gif	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/784459739/?random=1630219386284&cv=9&fst=1630216800000&num=1&guid=ON&eid=376635470&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=4&u_tz=480&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&frm=0&url=http%3A%2F%2Flocalhost%2Findex2.php&tiba=Ita%C3%BA%20Link&async=1&fmt=3&is_vtc=1&random=1563970772&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/784459739/	42 B 549 B	41ms 19ms	Image image/gif	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/784459739/?random=1630219386284&cv=9&fst=1630216800000&num=1&guid=ON&eid=376635470&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=4&u_tz=480&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&frm=0&url=http%3A%2F%2Flocalhost%2Findex2.php&tiba=Ita%C3%BA%20Link&async=1&fmt=3&is_vtc=1&random=1563970772&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/784459739/	42 B 109 B	23ms 21ms	Image image/gif	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/784459739/?random=1630219740336&cv=9&fst=1630216800000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&frm=0&url=http%3A%2F%2Flocalhost%2Findex2.php&tiba=Ita%C3%BA%20Link&async=1&fmt=3&is_vtc=1&random=2828264371&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/784459739/	42 B 109 B	22ms 21ms	Image image/gif	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/784459739/?random=1630219740336&cv=9&fst=1630216800000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8p0&sendb=1&frm=0&url=http%3A%2F%2Flocalhost%2Findex2.php&tiba=Ita%C3%BA%20Link&async=1&fmt=3&is_vtc=1&random=2828264371&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/784459739/	42 B 109 B	21ms 20ms	Image image/gif	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/784459739/?random=1633810122727&cv=9&fst=1633809600000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&gtm=2wga60&sendb=1&frm=0&url=http%3A%2F%2Flocalhost%2FITAUUY%2F&tiba=Ita%C3%BA%20Link&async=1&fmt=3&is_vtc=1&random=2532430439&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/784459739/	42 B 109 B	22ms 21ms	Image image/gif	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/784459739/?random=1633810122727&cv=9&fst=1633809600000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&gtm=2wga60&sendb=1&frm=0&url=http%3A%2F%2Flocalhost%2FITAUUY%2F&tiba=Ita%C3%BA%20Link&async=1&fmt=3&is_vtc=1&random=2532430439&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/784459739/	42 B 328 B	20ms 19ms	Image image/gif	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/784459739/?random=1633810721419&cv=9&fst=1633809600000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&gtm=2wga60&sendb=1&frm=0&url=http%3A%2F%2Flocalhost%2FITAUUY%2F&tiba=Ita%C3%BA%20Link&async=1&fmt=3&is_vtc=1&random=599389052&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/784459739/	42 B 109 B	21ms 20ms	Image image/gif	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/784459739/?random=1633810721419&cv=9&fst=1633809600000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&gtm=2wga60&sendb=1&frm=0&url=http%3A%2F%2Flocalhost%2FITAUUY%2F&tiba=Ita%C3%BA%20Link&async=1&fmt=3&is_vtc=1&random=599389052&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	icon_dropdown.svg www.itaulink.com.uy/static/img/icons/	809 B 1 KB	442ms 233ms	Image image/svg+xml	200.40.133.67 Administracion Na...
General Check archive.org Show headers Download Go to Show image Full URL https://www.itaulink.com.uy/static/img/icons/icon_dropdown.svg Requested by Host: www.itaulink.com.uy URL: https://www.itaulink.com.uy/static/css/style_solicitar_ingreso.css?timestamp=60_6 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.40.133.67 La Paz, Uruguay, ASN6057 (Administracion Nacional de Telecomunicaciones, UY), Reverse DNS r200-40-133-67.static.adinet.com.uy Software / Resource Hash ada696cecfeb1fbab2100f3f376286b68f39ef37cbb5e2b1b652638197c6b880 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.itaulink.com.uy/static/css/style_solicitar_ingreso.css?timestamp=60_6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Strict-Transport-Security max-age=86400 Last-Modified Wed, 14 Mar 2018 19:24:42 GMT Server X-POWERED-BY ETag "079201acabbd31:0" X-Frame-Options SAMEORIGIN Content-Type image/svg+xml Date Thu, 25 Nov 2021 18:37:56 GMT Accept-Ranges bytes Content-Length 809
GET H/1.1	200 OK	ca.html Show response 20818439p.rfihub.com/sr/ Frame E07E Redirect Chain http://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=3243621795075373 https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=3243621795075373	3 KB 4 KB	85ms 26ms	Document text/html	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=3243621795075373 Requested by Host: c1.rfihub.net URL: http://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 2ea17f7b768c00ae6505fab3b42d1b16c75c82291a7097e935e4fbac72e6b59d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ Response headers Date Thu, 25 Nov 2021 18:37:56 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control no-cache Content-Type text/html;charset=utf-8 Content-Length 2793 Server Jetty(9.3.29.v20201019) Redirect headers Date Thu, 25 Nov 2021 18:37:56 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=3243621795075373 Content-Length 0
GET H3	200	197011027887515 Show response connect.facebook.net/signals/config/	305 KB 87 KB	149ms 141ms	Script application/x-javascript	2a03:2880:f02d:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/197011027887515?v=2.9.48&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 7537f2a6622fa9f15a31b0dd0c3d24b875dae7cc4349f6e429f972e51ad9bb6e Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug yAAz8fQdFbOYCc7gE0UpelQL3YoIsxURPfwhzajuhkynlVcTfROj1ZKjgilunt2zXyuayuEPiyMYLEK3qF6ozw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Thu, 25 Nov 2021 18:37:56 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	14ms 13ms	XHR text/plain	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=646950084&t=pageview&_s=1&dl=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&ul=en-us&de=UTF-8&dt=Ita%C3%BA%20Paraguay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACEABFAAAAC~&jid=1332751096&gjid=461748965&cid=1606736347.1637865476&tid=UA-64060276-8&_gid=458780425.1637865476&_r=1&gtm=2wgba1NK23Q4K&z=970191144 Requested by Host: www.google-analytics.com URL: http://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://josenau.byethost5.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin http://josenau.byethost5.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	ca.html Show response 20818439p.rfihub.com/sr/ Frame 90B6 Redirect Chain http://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=03807196407341529 https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=03807196407341529	3 KB 4 KB	28ms 28ms	Document text/html	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=03807196407341529 Requested by Host: c1.rfihub.net URL: http://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash e52554970deca301e0ab34a8f442910bb2839a59734d796e79af1eaa04cbce41 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ Response headers Date Thu, 25 Nov 2021 18:37:56 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control no-cache Content-Type text/html;charset=utf-8 Content-Length 2793 Server Jetty(9.3.29.v20201019) Redirect headers Date Thu, 25 Nov 2021 18:37:56 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=03807196407341529 Content-Length 0
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/	2 KB 1 KB	25ms 25ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/?random=1637865476394&cv=9&fst=1637865476394&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&ref=http%3A%2F%2Fjosenau.byethost5.com%2F&tiba=Ita%C3%BA%20Paraguay&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: http://www.googleadservices.com/pagead/conversion_async.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fb6e0deb543f9d0eabc78551e484aff2fb83bb0e04dfdfd8658ea5f94b88e7d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1020 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 446 B	46ms 15ms	XHR text/plain	2a00:1450:400c:c1b::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-64060276-8&cid=1606736347.1637865476&jid=1332751096&gjid=461748965&_gid=458780425.1637865476&_u=aGBACEAAFAAAAC~&z=1457970179 Requested by Host: www.google-analytics.com URL: http://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://josenau.byethost5.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Thu, 25 Nov 2021 18:37:56 GMT content-type text/plain access-control-allow-origin http://josenau.byethost5.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 297 B	23ms 7ms	Image image/gif	2a03:2880:f11c:8083:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=197011027887515&ev=PageView&dl=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&rl=http%3A%2F%2Fjosenau.byethost5.com%2F&if=false&ts=1637865476406&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637865476405.1601760969&it=1637865476196&coo=false&rqm=GET Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:56 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 content-length 44 expires Thu, 25 Nov 2021 18:37:56 GMT
GET H/1.1	200 OK	cm a.rfihub.com/ Frame E07E Redirect Chain https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwOTY4NTYyMTU3NzI2NTc4MQ==&forward= https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1	42 B 1 KB	83ms 22ms	Image image/gif	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:56 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 311 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame E07E Redirect Chain https://ib.adnxs.com/setuid?entity=18&code=5109685621577265781 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685621577265781	43 B 1 KB	11ms 11ms	Image image/gif	185.33.221.50 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685621577265781 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Thu, 25 Nov 2021 18:37:56 GMT X-Proxy-Origin 136.243.198.81; 136.243.198.81; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 95bf7abc-af8d-4a6f-9c78-882cc3332f4a Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Thu, 25 Nov 2021 18:37:56 GMT X-Proxy-Origin 136.243.198.81; 136.243.198.81; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 08f9e4bd-73f8-4250-9b05-8a41adca2dce Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685621577265781 Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	cm p.rfihub.com/ Frame E07E Redirect Chain https://stags.bluekai.com/site/4722?id=5109685621577265781&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=	42 B 1 KB	23ms 22ms	Image image/gif	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward= Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:56 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers Location https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward= Date Thu, 25 Nov 2021 18:37:56 GMT Connection keep-alive Content-Length 0 P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame E07E	0 239 B	32ms 7ms	Image image/gif	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5109685621577265781& Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 3bafef7aa4e37890defcd73f0a080481 Content-Type image/gif
GET H/1.1	200 OK	demconf.jpg dpm.demdex.net/ Frame E07E Redirect Chain https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5109685621577265781&redir= https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685621577265781&redir=	42 B 945 B	33ms 33ms	Image image/gif	54.72.239.169 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685621577265781&redir= Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 54.72.239.169 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-239-169.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v019-08cde8078.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID dnsFcqx8SSY= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers DCS dcs-prod-irl1-2-v019-0ff20dc55.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID N0udkQBWSn4= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685621577265781&redir= Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H/1.1	200 OK	match ps.eyeota.net/ Frame E07E Redirect Chain https://p.rfihub.com/cm?pub=24472&in=1 https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0	0 344 B	43ms 10ms	Image text/plain	52.57.150.20 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-150-20.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:56 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0 Date Thu, 25 Nov 2021 18:37:56 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	cksync.php contextual.media.net/ Frame E07E	45 B 618 B	100ms 80ms	Image image/gif	2.18.235.93 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5109685621577265781 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-235-93.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=604800 server Apache date Thu, 25 Nov 2021 18:37:56 GMT p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA cache-control max-age=0, no-cache, no-store content-type image/gif content-length 45 x-mnet-hl2 E expires Thu, 25 Nov 2021 18:37:56 GMT
GET H2	200	serving bs.serving-sys.com/ Frame E07E	0 106 B	49ms 9ms	Image text/plain	52.59.21.149 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.59.21.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-21-149.eu-central-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:56 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-length 0 p3p CP="NOI DEVa OUR BUS UNI"
GET H2	200	362358.gif idsync.rlcdn.com/ Frame E07E Redirect Chain https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685621577265781&referrer=http%3A%2F%2Fjosenau.byethost5.com%2F https://p.rfihub.com/cm?pub=39342&in=0&userid=03195270-8106-4667-b932-7e34808dd076%3A1637865476.53&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D03195270-8106-4667-b932-7e34808dd076... https://idsync.rlcdn.com/501709.gif?partner_uid=03195270-8106-4667-b932-7e34808dd076%3A1637865476.53 https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm https://idsync.rlcdn.com/362358.gif?google_gid=CAESEIPFWSmRovJzdu7B5jgzaOQ&google_cver=1	42 B 301 B	15ms 15ms	Image image/gif	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/362358.gif?google_gid=CAESEIPFWSmRovJzdu7B5jgzaOQ&google_cver=1 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Thu, 25 Nov 2021 18:37:56 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store content-type image/gif alt-svc clear content-length 42 Redirect headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://idsync.rlcdn.com/362358.gif?google_gid=CAESEIPFWSmRovJzdu7B5jgzaOQ&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 289 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ bpi.rtactivate.com/tag/ Frame E07E	43 B 109 B	381ms 150ms	Image image/gif	3.229.229.140 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=11017&user_id=5109685621577265781 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.229.229.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-229-229-140.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:56 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame E07E Redirect Chain https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685621577265781&forward= https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685621577265781&forward=&C=1	43 B 1006 B	44ms 44ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685621577265781&forward=&C=1 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Thu, 25 Nov 2021 18:37:56 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 25 Nov 2021 18:37:56 GMT Redirect headers Pragma no-cache Date Thu, 25 Nov 2021 18:37:56 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685621577265781&forward=&C=1 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 295 Expires Thu, 25 Nov 2021 18:37:56 GMT
GET H2	200	360947.gif idsync.rlcdn.com/ Frame E07E	42 B 418 B	31ms 14ms	Image image/gif	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/360947.gif?partner_uid=5109685621577265781 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Thu, 25 Nov 2021 18:37:56 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store content-type image/gif alt-svc clear content-length 42
GET H2	200	rocketfuel_sync x.dlx.addthis.com/e/ Frame E07E	43 B 193 B	171ms 143ms	Image image/gif	104.111.215.191 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5109685621577265781 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-191.deploy.static.akamaitechnologies.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=2628000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT cache-control max-age=0, no-cache, no-store expires Thu, 25 Nov 2021 18:37:56 GMT content-length 43 strict-transport-security max-age=2628000 content-type image/gif
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame E07E Redirect Chain https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685621577265781&img=1 https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685621577265781&img=1&__user_check__=1&sync_id=ceb7c40c-4e1e-11ec-918d-14684a3a0306	43 B 548 B	27ms 27ms	Image image/gif	185.94.180.125 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685621577265781&img=1&__user_check__=1&sync_id=ceb7c40c-4e1e-11ec-918d-14684a3a0306 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:56 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 10 Connection keep-alive Content-Length 43 Redirect headers Date Thu, 25 Nov 2021 18:37:56 GMT Server nginx Location /partner?adv_id=7180&uid=5109685621577265781&img=1&__user_check__=1&sync_id=ceb7c40c-4e1e-11ec-918d-14684a3a0306 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 117 Connection keep-alive Content-Length 0
GET H2	200	sync partners.tremorhub.com/ Frame E07E	43 B 184 B	295ms 94ms	Image image/gif	2600:1f18:612b:4200:9a2f:8341:7f9b:9de AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIRF=5109685621577265781&r=t8EB4x6bSYTT Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4200:9a2f:8341:7f9b:9de Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:56 GMT server Apache-Coyote/1.1 p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' content-type image/gif
GET H2	200	g.pixel aa.agkn.com/adscores/ Frame E07E	43 B 238 B	10ms 7ms	Image image/gif	3.120.154.132 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5109685621577265781 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.154.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-154-132.eu-central-1.compute.amazonaws.com Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT server AAWebServer p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 43 expires 0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame E07E	0 339 B	91ms 32ms	Image text/plain	52.208.185.108 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5109685621577265781 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.208.185.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-185-108.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:56 GMT cache-control private, no-cache, no-store x-request-time D=43 t=1637865476 x-served-by beacon-n010-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H/1.1	200 OK	sync x.bidswitch.net/ul_cb/ Frame E07E Redirect Chain https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685621577265781&expires=30 https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5109685621577265781&expires=30	43 B 495 B	8ms 8ms	Image image/gif	18.185.164.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5109685621577265781&expires=30 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 18.185.164.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-185-164-146.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:56 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 43 Content-Type image/gif Redirect headers Location https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5109685621577265781&expires=30 Date Thu, 25 Nov 2021 18:37:56 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0
GET H/1.1	200 OK	cm p.rfihub.com/ Frame E07E Redirect Chain https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YZ-YBAAHU6xwYgBG https://p.rfihub.com/cm?in=1&pub=21653&userid=YZ-YBAAHU6xwYgBG&_test=YZ-YBAAHU6xwYgBG	42 B 1 KB	24ms 24ms	Image image/gif	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?in=1&pub=21653&userid=YZ-YBAAHU6xwYgBG&_test=YZ-YBAAHU6xwYgBG Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:56 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT via 1.1 varnish server Varnish x-timer S1637865477.676412,VS0,VE0 x-served-by cache-fra19156-FRA x-cache HIT location https://p.rfihub.com/cm?in=1&pub=21653&userid=YZ-YBAAHU6xwYgBG&_test=YZ-YBAAHU6xwYgBG cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H3	200	/ www.google.com/pagead/1p-user-list/784459739/	42 B 64 B	21ms 21ms	Image image/gif	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/784459739/?random=1637865476394&cv=9&fst=1637863200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&ref=http%3A%2F%2Fjosenau.byethost5.com%2F&tiba=Ita%C3%BA%20Paraguay&async=1&fmt=3&is_vtc=1&random=3724355655&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.de/pagead/1p-user-list/784459739/	42 B 64 B	18ms 18ms	Image image/gif	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/784459739/?random=1637865476394&cv=9&fst=1637863200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&ref=http%3A%2F%2Fjosenau.byethost5.com%2F&tiba=Ita%C3%BA%20Paraguay&async=1&fmt=3&is_vtc=1&random=3724355655&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	cm a.rfihub.com/ Frame 90B6 Redirect Chain https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwOTY4NTYyMTU3NzI2NTc4MQ==&forward= https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1	42 B 1 KB	85ms 23ms	Image image/gif	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:56 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 311 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame 90B6 Redirect Chain https://ib.adnxs.com/setuid?entity=18&code=5109685621577265781 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685621577265781	43 B 1 KB	42ms 42ms	Image image/gif	185.33.221.50 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685621577265781 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Thu, 25 Nov 2021 18:37:56 GMT X-Proxy-Origin 136.243.198.81; 136.243.198.81; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 0bd0ee51-dd04-4880-9e2f-56a63fc48ccc Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Thu, 25 Nov 2021 18:37:56 GMT X-Proxy-Origin 136.243.198.81; 136.243.198.81; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid ee4e4e32-cc61-4b8a-99c8-6354e9a73002 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685621577265781 Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	cm p.rfihub.com/ Frame 90B6 Redirect Chain https://stags.bluekai.com/site/4722?id=5109685621577265781&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=	42 B 1 KB	37ms 22ms	Image image/gif	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward= Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:56 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers Location https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward= Date Thu, 25 Nov 2021 18:37:56 GMT Connection keep-alive Content-Length 0 P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 90B6	0 239 B	23ms 8ms	Image image/gif	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5109685621577265781& Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=03807196407341529 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 3bafef7aa4e37890defcd73f0a080481 Content-Type image/gif
GET H/1.1	200 OK	demconf.jpg dpm.demdex.net/ Frame 90B6 Redirect Chain https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5109685621577265781&redir= https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685621577265781&redir=	42 B 945 B	78ms 78ms	Image image/gif	54.72.239.169 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685621577265781&redir= Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 54.72.239.169 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-239-169.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v019-009819d9a.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID qIXMkJb/RWQ= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers DCS dcs-prod-irl1-2-v019-0180a36c3.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID R0duMC1WRSw= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685621577265781&redir= Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H/1.1	200 OK	match ps.eyeota.net/ Frame 90B6 Redirect Chain https://p.rfihub.com/cm?pub=24472&in=1 https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0	0 344 B	32ms 8ms	Image text/plain	52.57.150.20 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-150-20.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:56 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0 Date Thu, 25 Nov 2021 18:37:56 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	cksync.php contextual.media.net/ Frame 90B6	45 B 618 B	87ms 85ms	Image image/gif	2.18.235.93 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=03807196407341529 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-235-93.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=604800 server Apache date Thu, 25 Nov 2021 18:37:56 GMT p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA cache-control max-age=0, no-cache, no-store content-type image/gif content-length 45 x-mnet-hl2 E expires Thu, 25 Nov 2021 18:37:56 GMT
GET H2	200	serving bs.serving-sys.com/ Frame 90B6	0 105 B	33ms 9ms	Image text/plain	52.59.21.149 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=03807196407341529 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.59.21.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-21-149.eu-central-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:56 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-length 0 p3p CP="NOI DEVa OUR BUS UNI"
GET H2	200	52154.gif idsync.rlcdn.com/ Frame 90B6 Redirect Chain https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685621577265781&referrer=http%3A%2F%2Fjosenau.byethost5.com%2F https://p.rfihub.com/cm?pub=39342&in=0&userid=177043ff-efd7-4139-92b4-b2e21c88a808%3A1637865476.53&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D177043ff-efd7-4139-92b4-b2e21c88a808... https://idsync.rlcdn.com/501709.gif?partner_uid=177043ff-efd7-4139-92b4-b2e21c88a808%3A1637865476.53 https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=3425227545158605516	42 B 301 B	15ms 15ms	Image image/gif	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=3425227545158605516 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Thu, 25 Nov 2021 18:37:56 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store content-type image/gif alt-svc clear content-length 42 Redirect headers Pragma no-cache Date Thu, 25 Nov 2021 18:37:56 GMT X-Proxy-Origin 136.243.198.81; 136.243.198.81; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 44fbe988-6d30-4a9d-93ab-5043a2f17957 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=3425227545158605516 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ bpi.rtactivate.com/tag/ Frame 90B6	43 B 110 B	354ms 140ms	Image image/gif	3.229.229.140 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=11017&user_id=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=03807196407341529 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.229.229.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-229-229-140.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:56 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 90B6 Redirect Chain https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685621577265781&forward= https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685621577265781&forward=&C=1	43 B 1006 B	24ms 24ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685621577265781&forward=&C=1 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Thu, 25 Nov 2021 18:37:56 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 25 Nov 2021 18:37:56 GMT Redirect headers Pragma no-cache Date Thu, 25 Nov 2021 18:37:56 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685621577265781&forward=&C=1 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 295 Expires Thu, 25 Nov 2021 18:37:56 GMT
GET H2	200	360947.gif idsync.rlcdn.com/ Frame 90B6	42 B 179 B	31ms 15ms	Image image/gif	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/360947.gif?partner_uid=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=03807196407341529 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Thu, 25 Nov 2021 18:37:56 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store content-type image/gif alt-svc clear content-length 42
GET H2	200	rocketfuel_sync x.dlx.addthis.com/e/ Frame 90B6	43 B 193 B	142ms 142ms	Image image/gif	104.111.215.191 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=03807196407341529 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-191.deploy.static.akamaitechnologies.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=2628000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT cache-control max-age=0, no-cache, no-store expires Thu, 25 Nov 2021 18:37:56 GMT content-length 43 strict-transport-security max-age=2628000 content-type image/gif
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame 90B6 Redirect Chain https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685621577265781&img=1 https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685621577265781&img=1&__user_check__=1&sync_id=ceb81d2a-4e1e-11ec-b0fc-11e121d60106	43 B 549 B	22ms 22ms	Image image/gif	185.94.180.125 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685621577265781&img=1&__user_check__=1&sync_id=ceb81d2a-4e1e-11ec-b0fc-11e121d60106 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:56 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 134 Connection keep-alive Content-Length 43 Redirect headers Date Thu, 25 Nov 2021 18:37:56 GMT Server nginx Location /partner?adv_id=7180&uid=5109685621577265781&img=1&__user_check__=1&sync_id=ceb81d2a-4e1e-11ec-b0fc-11e121d60106 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 8 Connection keep-alive Content-Length 0
GET H2	200	g.pixel aa.agkn.com/adscores/ Frame 90B6	43 B 239 B	37ms 7ms	Image image/gif	3.120.154.132 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=03807196407341529 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.154.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-154-132.eu-central-1.compute.amazonaws.com Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT server AAWebServer p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 43 expires 0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 90B6	0 338 B	112ms 32ms	Image text/plain	52.208.185.108 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=03807196407341529 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.208.185.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-185-108.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:56 GMT cache-control private, no-cache, no-store x-request-time D=24 t=1637865476 x-served-by beacon-n018-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H/1.1	200 OK	sync x.bidswitch.net/ul_cb/ Frame 90B6 Redirect Chain https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685621577265781&expires=30 https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5109685621577265781&expires=30	43 B 495 B	9ms 8ms	Image image/gif	18.185.164.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5109685621577265781&expires=30 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 18.185.164.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-185-164-146.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:56 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 43 Content-Type image/gif Redirect headers Location https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5109685621577265781&expires=30 Date Thu, 25 Nov 2021 18:37:56 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0
GET H2	200	/ sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/ Frame 90B6 Redirect Chain https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YZ-YBAAHU4RwYwBG	85 B 167 B	6ms 6ms	Image image/png	151.101.130.49 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YZ-YBAAHU4RwYwBG Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Server 151.101.130.49 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Jetty(9.4.35.v20201120) / Resource Hash acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT via 1.1 varnish server Jetty(9.4.35.v20201120) age 3197 x-served-by cache-fra19156-FRA x-cache HIT content-type image/png cache-control no-cache accept-ranges bytes x-timer S1637865477.676335,VS0,VE0 content-length 85 x-cache-hits 16914 Redirect headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT via 1.1 varnish server Jetty(9.4.35.v20201120) x-timer S1637865477.575450,VS0,VE93 x-served-by cache-fra19156-FRA x-cache MISS p3p CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM" location https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YZ-YBAAHU4RwYwBG cache-control no-cache accept-ranges bytes access-control-allow-origin * content-length 0 x-cache-hits 0
GET H2	200	sync partners.tremorhub.com/ Frame 90B6	43 B 183 B	263ms 94ms	Image image/gif	2600:1f18:612b:4200:9a2f:8341:7f9b:9de AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIRF=5109685621577265781&r=V-1Zk1Jzu77M Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4200:9a2f:8341:7f9b:9de Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:56 GMT server Apache-Coyote/1.1 p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' content-type image/gif
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	44ms 44ms	Image image/gif	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-64060276-8&cid=1606736347.1637865476&jid=1332751096&_u=aGBACEAAFAAAAC~&z=506553510 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	50ms 50ms	Image image/gif	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-64060276-8&cid=1606736347.1637865476&jid=1332751096&_u=aGBACEAAFAAAAC~&z=506553510 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 91 B	17ms 8ms	Image image/gif	2a03:2880:f11c:8083:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=197011027887515&ev=Microdata&dl=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&rl=http%3A%2F%2Fjosenau.byethost5.com%2F&if=false&ts=1637865477909&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Ita%C3%BA%20Paraguay%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1637865476405.1601760969&it=1637865476196&coo=false&es=automatic&tm=3&rqm=GET Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:57 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Thu, 25 Nov 2021 18:37:57 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	4 B 24 B	15ms 14ms	XHR text/plain	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=646950084&t=pageview&_s=1&dl=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&ul=en-us&de=UTF-8&dt=Ita%C3%BA%20Paraguay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABFAAAAC~&jid=176632112&gjid=1849456466&cid=1606736347.1637865476&tid=UA-64060276-2&_gid=458780425.1637865476&_r=1&_slc=1&z=1017750731 Requested by Host: www.google-analytics.com URL: http://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://josenau.byethost5.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:59 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin http://josenau.byethost5.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	ca.html Show response 20818439p.rfihub.com/sr/ Frame C6D7 Redirect Chain http://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=20989146171051765 https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=20989146171051765	3 KB 4 KB	30ms 29ms	Document text/html	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=20989146171051765 Requested by Host: c1.rfihub.net URL: http://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash a4d9ebf57a935433198fc96a6a1a6c2ccf1f59004a9713287b9bddd9acd9ecd8 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ Response headers Date Thu, 25 Nov 2021 18:37:59 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control no-cache Content-Type text/html;charset=utf-8 Content-Length 2793 Server Jetty(9.3.29.v20201019) Redirect headers Date Thu, 25 Nov 2021 18:37:59 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=20989146171051765 Content-Length 0
GET H3	200	bframe Show response www.google.com/recaptcha/api2/ Frame EC0D	7 KB 1 KB	18ms 18ms	Document text/html	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=es-419&v=Q_rrUPkK1sXoHi4wbuDTgcQR&k=6LcSsgkTAAAAAHZ612UY0nWvqzAiTPG_6ZfzwVdD&cb=4rikklvie2jv Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 00afb476cd287a8dbe75e54800d7a6d80b6bbb7538295a212dae32c083dfdea7 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-8bXR7B2k4R2IBK51ZBFEBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Thu, 25 Nov 2021 18:37:59 GMT content-security-policy script-src 'report-sample' 'nonce-8bXR7B2k4R2IBK51ZBFEBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 1116 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	ca.html Show response 20818439p.rfihub.com/sr/ Frame D47D Redirect Chain http://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=3153257653367203 https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=3153257653367203	3 KB 4 KB	41ms 28ms	Document text/html	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=3153257653367203 Requested by Host: c1.rfihub.net URL: http://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 1f874c8538a8c46ab22e6ba127d129b13b1c938873e8bde25d181815fd8d79d1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ Response headers Date Thu, 25 Nov 2021 18:37:59 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control no-cache Content-Type text/html;charset=utf-8 Content-Length 2793 Server Jetty(9.3.29.v20201019) Redirect headers Date Thu, 25 Nov 2021 18:37:59 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=3153257653367203 Content-Length 0
GET H/1.1	200 OK	ca.html Show response 20818439p.rfihub.com/sr/ Frame CEC4 Redirect Chain http://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=38615322478381486 https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=38615322478381486	3 KB 4 KB	74ms 27ms	Document text/html	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=38615322478381486 Requested by Host: c1.rfihub.net URL: http://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 62df7f4f29333a8648f79a435b19b32d092efb465fcfe656a97a540a3dc1bcfc Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ Response headers Date Thu, 25 Nov 2021 18:37:59 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control no-cache Content-Type text/html;charset=utf-8 Content-Length 2793 Server Jetty(9.3.29.v20201019) Redirect headers Date Thu, 25 Nov 2021 18:37:59 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=38615322478381486 Content-Length 0
GET H/1.1	200 OK	ca.html Show response 20818439p.rfihub.com/sr/ Frame D69C Redirect Chain http://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=9916741623265093 https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=9916741623265093	3 KB 4 KB	95ms 30ms	Document text/html	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=9916741623265093 Requested by Host: c1.rfihub.net URL: http://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 32bbda13e1c0cb329bc3a67b6bed182c48c70f7a9b3c330c9e87974adf3a09af Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ Response headers Date Thu, 25 Nov 2021 18:37:59 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control no-cache Content-Type text/html;charset=utf-8 Content-Length 2793 Server Jetty(9.3.29.v20201019) Redirect headers Date Thu, 25 Nov 2021 18:37:59 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=9916741623265093 Content-Length 0
GET H/1.1	200 OK	ca.html Show response 20818439p.rfihub.com/sr/ Frame C7D6 Redirect Chain http://20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=6625885025632829 https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=6625885025632829	3 KB 4 KB	79ms 26ms	Document text/html	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=6625885025632829 Requested by Host: c1.rfihub.net URL: http://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash e0ac0da811acbee9545891877ea9d63cd4a3a3403267a353429cefa39dd14304 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ Response headers Date Thu, 25 Nov 2021 18:37:59 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control no-cache Content-Type text/html;charset=utf-8 Content-Length 2793 Server Jetty(9.3.29.v20201019) Redirect headers Date Thu, 25 Nov 2021 18:37:59 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=6625885025632829 Content-Length 0
POST H3	200	collect Show response stats.g.doubleclick.net/j/	4 B 25 B	31ms 15ms	XHR text/plain	2a00:1450:400c:c1b::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-64060276-2&cid=1606736347.1637865476&jid=176632112&gjid=1849456466&_gid=458780425.1637865476&_u=aGDACEABFAAAAC~&z=784441493 Requested by Host: www.google-analytics.com URL: http://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://josenau.byethost5.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Thu, 25 Nov 2021 18:37:59 GMT content-type text/plain access-control-allow-origin http://josenau.byethost5.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		styles__ltr.css www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/ Frame EC0D	0 0
GET		recaptcha__es_419.js www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/ Frame EC0D	0 0
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	58ms 57ms	Image image/gif	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-64060276-2&cid=1606736347.1637865476&jid=176632112&_u=aGDACEABFAAAAC~&z=753696728 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:59 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	41ms 41ms	Image image/gif	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-64060276-2&cid=1606736347.1637865476&jid=176632112&_u=aGDACEABFAAAAC~&z=753696728 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://josenau.byethost5.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:59 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	cm a.rfihub.com/ Frame C6D7 Redirect Chain https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwOTY4NTYyMTU3NzI2NTc4MQ==&forward= https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1	42 B 1 KB	22ms 21ms	Image image/gif	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Thu, 25 Nov 2021 18:37:59 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 311 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame C6D7	43 B 996 B	12ms 12ms	Image image/gif	185.33.221.50 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=18&code=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=20989146171051765 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Thu, 25 Nov 2021 18:37:59 GMT X-Proxy-Origin 136.243.198.81; 136.243.198.81; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid ae8e93a3-4e50-4410-82a4-f9e66adbd091 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	cm p.rfihub.com/ Frame C6D7 Redirect Chain https://stags.bluekai.com/site/4722?id=5109685621577265781&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=	42 B 1 KB	23ms 22ms	Image image/gif	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward= Protocol HTTP/1.1 Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers Location https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward= Date Thu, 25 Nov 2021 18:37:59 GMT Connection keep-alive Content-Length 0 P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
GET H/1.1	200 OK	ibs:dpid=1121&dpuuid=5109685621577265781&redir= dpm.demdex.net/ Frame C6D7	42 B 945 B	34ms 34ms	Image image/gif	54.72.239.169 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5109685621577265781&redir= Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=20989146171051765 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.239.169 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-239-169.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v019-025614274.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID iaMN1FGrRVg= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	cksync.php contextual.media.net/ Frame C6D7	45 B 454 B	61ms 60ms	Image image/gif	2.18.235.93 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=20989146171051765 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-235-93.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=604800 server Apache date Thu, 25 Nov 2021 18:37:59 GMT p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA cache-control max-age=0, no-cache, no-store content-type image/gif content-length 45 x-mnet-hl2 E expires Thu, 25 Nov 2021 18:37:59 GMT
GET H2	200	397676.gif idsync.rlcdn.com/ Frame C6D7 Redirect Chain https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685621577265781&referrer=http%3A%2F%2Fjosenau.byethost5.com%2F https://p.rfihub.com/cm?pub=39342&in=0&userid=177043ff-efd7-4139-92b4-b2e21c88a808%3A1637865476.53&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D177043ff-efd7-4139-92b4-b2e21c88a808... https://idsync.rlcdn.com/501709.gif?partner_uid=177043ff-efd7-4139-92b4-b2e21c88a808%3A1637865476.53 https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=1Qx8nODW80WcX7esjS9LmwwP8ugHecUX	42 B 326 B	17ms 17ms	Image image/gif	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=1Qx8nODW80WcX7esjS9LmwwP8ugHecUX Protocol H2 Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Thu, 25 Nov 2021 18:38:00 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store content-type image/gif alt-svc clear content-length 42 Redirect headers location https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=1Qx8nODW80WcX7esjS9LmwwP8ugHecUX strict-transport-security max-age=31536000 cache-control private, max-age=0, no-cache, no-store, must-revalidate server-processing-duration-in-ticks 10045 date Thu, 25 Nov 2021 18:37:59 GMT content-length 221 content-type text/html; charset=utf-8
GET H2	200	/ bpi.rtactivate.com/tag/ Frame C6D7	43 B 109 B	149ms 148ms	Image image/gif	3.229.229.140 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=11017&user_id=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=20989146171051765 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.229.229.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-229-229-140.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:59 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame C6D7	43 B 1006 B	137ms 136ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685621577265781&forward= Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=20989146171051765 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Thu, 25 Nov 2021 18:37:59 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 25 Nov 2021 18:37:59 GMT
GET H2	200	360947.gif idsync.rlcdn.com/ Frame C6D7	42 B 301 B	20ms 19ms	Image image/gif	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/360947.gif?partner_uid=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=20989146171051765 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Thu, 25 Nov 2021 18:37:59 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store content-type image/gif alt-svc clear content-length 42
GET H2	200	rocketfuel_sync x.dlx.addthis.com/e/ Frame C6D7	43 B 193 B	156ms 155ms	Image image/gif	104.111.215.191 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=20989146171051765 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-191.deploy.static.akamaitechnologies.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=2628000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:59 GMT cache-control max-age=0, no-cache, no-store expires Thu, 25 Nov 2021 18:37:59 GMT content-length 43 strict-transport-security max-age=2628000 content-type image/gif
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame C6D7	43 B 548 B	23ms 23ms	Image image/gif	185.94.180.125 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685621577265781&img=1 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=20989146171051765 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 97 Connection keep-alive Content-Length 43
GET H2	200	g.pixel aa.agkn.com/adscores/ Frame C6D7	43 B 238 B	8ms 7ms	Image image/gif	3.120.154.132 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=20989146171051765 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.154.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-154-132.eu-central-1.compute.amazonaws.com Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:59 GMT server AAWebServer p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 43 expires 0
GET H/1.1	200 OK	sync x.bidswitch.net/ Frame C6D7	43 B 220 B	9ms 9ms	Image image/gif	18.185.164.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685621577265781&expires=30 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=20989146171051765 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.185.164.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-185-164-146.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	cm p.rfihub.com/ Frame C6D7 Redirect Chain https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D https://p.rfihub.com/cm?in=1&pub=21653&userid=YZ-YBAAHU6xwYgBG	42 B 1 KB	24ms 23ms	Image image/gif	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?in=1&pub=21653&userid=YZ-YBAAHU6xwYgBG Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Thu, 25 Nov 2021 18:37:59 GMT via 1.1 varnish server Varnish x-timer S1637865480.686345,VS0,VE0 x-served-by cache-fra19156-FRA x-cache HIT location https://p.rfihub.com/cm?in=1&pub=21653&userid=YZ-YBAAHU6xwYgBG cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame C6D7	0 239 B	9ms 9ms	Image image/gif	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5109685621577265781& Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 3bafef7aa4e37890defcd73f0a080481 Content-Type image/gif
GET H/1.1	200 OK	match ps.eyeota.net/ Frame C6D7 Redirect Chain https://p.rfihub.com/cm?pub=24472&in=1 https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0	0 344 B	8ms 8ms	Image text/plain	52.57.150.20 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-150-20.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0 Date Thu, 25 Nov 2021 18:37:59 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	serving bs.serving-sys.com/ Frame C6D7	0 105 B	10ms 9ms	Image text/plain	52.59.21.149 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.59.21.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-21-149.eu-central-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:59 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-length 0 p3p CP="NOI DEVa OUR BUS UNI"
GET H2	200	sync partners.tremorhub.com/ Frame C6D7	43 B 183 B	94ms 94ms	Image image/gif	2600:1f18:612b:4200:9a2f:8341:7f9b:9de AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIRF=5109685621577265781&r=n2KSM3rkLtwL Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4200:9a2f:8341:7f9b:9de Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:59 GMT server Apache-Coyote/1.1 p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' content-type image/gif
GET H2	204	usermatch.gif beacon.krxd.net/ Frame C6D7	0 338 B	33ms 32ms	Image text/plain	52.208.185.108 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5109685621577265781 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.208.185.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-185-108.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:59 GMT cache-control private, no-cache, no-store x-request-time D=34 t=1637865479 x-served-by beacon-n018-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H/1.1	200 OK	cm a.rfihub.com/ Frame D47D Redirect Chain https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwOTY4NTYyMTU3NzI2NTc4MQ==&forward= https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1	42 B 1 KB	23ms 23ms	Image image/gif	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Thu, 25 Nov 2021 18:37:59 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 311 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame D47D	43 B 996 B	15ms 14ms	Image image/gif	185.33.221.50 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=18&code=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=3153257653367203 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Thu, 25 Nov 2021 18:37:59 GMT X-Proxy-Origin 136.243.198.81; 136.243.198.81; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 0eb3f847-e96e-4fdd-b894-b8dcd712c9b5 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	cm p.rfihub.com/ Frame D47D Redirect Chain https://stags.bluekai.com/site/4722?id=5109685621577265781&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=	42 B 1 KB	22ms 22ms	Image image/gif	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward= Protocol HTTP/1.1 Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers Location https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward= Date Thu, 25 Nov 2021 18:37:59 GMT Connection keep-alive Content-Length 0 P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
GET H/1.1	200 OK	ibs:dpid=1121&dpuuid=5109685621577265781&redir= dpm.demdex.net/ Frame D47D	42 B 945 B	42ms 33ms	Image image/gif	54.72.239.169 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5109685621577265781&redir= Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=3153257653367203 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.239.169 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-239-169.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v019-0a5c96436.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID Q7ckiBISS8E= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H/1.1	200 OK	match ps.eyeota.net/ Frame D47D Redirect Chain https://p.rfihub.com/cm?pub=24472&in=1 https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0	0 344 B	8ms 8ms	Image text/plain	52.57.150.20 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-150-20.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0 Date Thu, 25 Nov 2021 18:37:59 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	cksync.php contextual.media.net/ Frame D47D	45 B 454 B	85ms 78ms	Image image/gif	2.18.235.93 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=3153257653367203 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-235-93.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=604800 server Apache date Thu, 25 Nov 2021 18:37:59 GMT p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA cache-control max-age=0, no-cache, no-store content-type image/gif content-length 45 x-mnet-hl2 E expires Thu, 25 Nov 2021 18:37:59 GMT
GET H2	200	401696.gif idsync.rlcdn.com/ Frame D47D Redirect Chain https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685621577265781&referrer=http%3A%2F%2Fjosenau.byethost5.com%2F https://p.rfihub.com/cm?pub=39342&in=0&userid=177043ff-efd7-4139-92b4-b2e21c88a808%3A1637865476.53&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D177043ff-efd7-4139-92b4-b2e21c88a808... https://idsync.rlcdn.com/501709.gif?partner_uid=177043ff-efd7-4139-92b4-b2e21c88a808%3A1637865476.53 https://tags.bluekai.com/site/2035?phint=rluid=f0e2cd267c3dd675b092ca9bb77cb1c326467d2e275b684495e932c57a9102862971936f2f944561&redir=https%3A%2F%2Fidsync.rlcdn.com%2F401696.gif%3Fpartner_uid%3D%24... https://idsync.rlcdn.com/401696.gif?partner_uid=$BK_UUID_25515	42 B 326 B	15ms 15ms	Image image/gif	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/401696.gif?partner_uid=$BK_UUID_25515 Protocol H2 Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Thu, 25 Nov 2021 18:38:00 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store content-type image/gif alt-svc clear content-length 42 Redirect headers location https://idsync.rlcdn.com/401696.gif?partner_uid=$BK_UUID_25515 date Thu, 25 Nov 2021 18:38:00 GMT content-length 0 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
GET H2	200	/ bpi.rtactivate.com/tag/ Frame D47D	43 B 109 B	134ms 128ms	Image image/gif	3.229.229.140 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=11017&user_id=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=3153257653367203 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.229.229.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-229-229-140.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:59 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame D47D	43 B 1006 B	37ms 31ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685621577265781&forward= Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=3153257653367203 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Thu, 25 Nov 2021 18:37:59 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 25 Nov 2021 18:37:59 GMT
GET H2	200	360947.gif idsync.rlcdn.com/ Frame D47D	42 B 301 B	21ms 15ms	Image image/gif	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/360947.gif?partner_uid=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=3153257653367203 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Thu, 25 Nov 2021 18:37:59 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store content-type image/gif alt-svc clear content-length 42
GET H2	200	rocketfuel_sync x.dlx.addthis.com/e/ Frame D47D	43 B 193 B	148ms 142ms	Image image/gif	104.111.215.191 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=3153257653367203 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-191.deploy.static.akamaitechnologies.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=2628000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:59 GMT cache-control max-age=0, no-cache, no-store expires Thu, 25 Nov 2021 18:37:59 GMT content-length 43 strict-transport-security max-age=2628000 content-type image/gif
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame D47D	43 B 549 B	25ms 22ms	Image image/gif	185.94.180.125 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685621577265781&img=1 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=3153257653367203 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 103 Connection keep-alive Content-Length 43
GET H2	200	g.pixel aa.agkn.com/adscores/ Frame D47D	43 B 238 B	11ms 7ms	Image image/gif	3.120.154.132 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=3153257653367203 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.154.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-154-132.eu-central-1.compute.amazonaws.com Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:59 GMT server AAWebServer p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 43 expires 0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame D47D	0 338 B	36ms 33ms	Image text/plain	52.208.185.108 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=3153257653367203 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.208.185.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-185-108.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:59 GMT cache-control private, no-cache, no-store x-request-time D=27 t=1637865479 x-served-by beacon-n017-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H/1.1	200 OK	sync x.bidswitch.net/ Frame D47D	43 B 220 B	11ms 8ms	Image image/gif	18.185.164.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685621577265781&expires=30 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=3153257653367203 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.185.164.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-185-164-146.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	cm p.rfihub.com/ Frame D47D Redirect Chain https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D https://p.rfihub.com/cm?in=1&pub=21653&userid=YZ-YBAAHU6xwYgBG	42 B 1 KB	26ms 26ms	Image image/gif	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?in=1&pub=21653&userid=YZ-YBAAHU6xwYgBG Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Thu, 25 Nov 2021 18:37:59 GMT via 1.1 varnish server Varnish x-timer S1637865480.727889,VS0,VE0 x-served-by cache-fra19156-FRA x-cache HIT location https://p.rfihub.com/cm?in=1&pub=21653&userid=YZ-YBAAHU6xwYgBG cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame D47D	0 239 B	9ms 7ms	Image image/gif	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5109685621577265781& Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 3bafef7aa4e37890defcd73f0a080481 Content-Type image/gif
GET H2	200	serving bs.serving-sys.com/ Frame D47D	0 105 B	11ms 8ms	Image text/plain	52.59.21.149 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.59.21.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-21-149.eu-central-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:59 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-length 0 p3p CP="NOI DEVa OUR BUS UNI"
GET H2	200	sync partners.tremorhub.com/ Frame D47D	43 B 183 B	96ms 94ms	Image image/gif	2600:1f18:612b:4200:9a2f:8341:7f9b:9de AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIRF=5109685621577265781&r=N4N1Gyx_gvKU Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4200:9a2f:8341:7f9b:9de Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:59 GMT server Apache-Coyote/1.1 p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' content-type image/gif
GET H/1.1	200 OK	cm a.rfihub.com/ Frame CEC4 Redirect Chain https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwOTY4NTYyMTU3NzI2NTc4MQ==&forward= https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1	42 B 1 KB	23ms 23ms	Image image/gif	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Thu, 25 Nov 2021 18:37:59 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 311 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame CEC4	43 B 996 B	14ms 14ms	Image image/gif	185.33.221.50 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=18&code=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=38615322478381486 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Thu, 25 Nov 2021 18:37:59 GMT X-Proxy-Origin 136.243.198.81; 136.243.198.81; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 59e5f412-c09c-439e-8643-00e5589a2850 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	cm p.rfihub.com/ Frame CEC4 Redirect Chain https://stags.bluekai.com/site/4722?id=5109685621577265781&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=	42 B 1 KB	26ms 25ms	Image image/gif	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward= Protocol HTTP/1.1 Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers location https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward= date Thu, 25 Nov 2021 18:37:59 GMT content-length 0 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
GET H/1.1	200 OK	ibs:dpid=1121&dpuuid=5109685621577265781&redir= dpm.demdex.net/ Frame CEC4	42 B 945 B	48ms 46ms	Image image/gif	54.72.239.169 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5109685621577265781&redir= Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=38615322478381486 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.239.169 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-239-169.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v019-02e73bb60.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID pU4s8EeeSRs= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H/1.1	200 OK	match ps.eyeota.net/ Frame CEC4 Redirect Chain https://p.rfihub.com/cm?pub=24472&in=1 https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0	0 344 B	8ms 7ms	Image text/plain	52.57.150.20 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0 Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-150-20.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0 Date Thu, 25 Nov 2021 18:37:59 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	cksync.php contextual.media.net/ Frame CEC4	45 B 454 B	59ms 48ms	Image image/gif	2.18.235.93 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=38615322478381486 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-235-93.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=604800 server Apache date Thu, 25 Nov 2021 18:37:59 GMT p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA cache-control max-age=0, no-cache, no-store content-type image/gif content-length 45 x-mnet-hl2 E expires Thu, 25 Nov 2021 18:37:59 GMT
GET H2	200	362248.gif idsync.rlcdn.com/ Frame CEC4 Redirect Chain https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685621577265781&referrer=http%3A%2F%2Fjosenau.byethost5.com%2F https://p.rfihub.com/cm?pub=39342&in=0&userid=177043ff-efd7-4139-92b4-b2e21c88a808%3A1637865476.53&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D177043ff-efd7-4139-92b4-b2e21c88a808... https://idsync.rlcdn.com/501709.gif?partner_uid=177043ff-efd7-4139-92b4-b2e21c88a808%3A1637865476.53 https://dpm.demdex.net/ibs:dpid=477&dpuuid=9a89ad3a184274973e09c526fb3e0db8fa3e1a2ab36e0d3b51ff856b6e42fd0ab0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BD... https://idsync.rlcdn.com/362248.gif?partner_uid=35432372902742792042871885172083855745	42 B 326 B	22ms 21ms	Image image/gif	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/362248.gif?partner_uid=35432372902742792042871885172083855745 Protocol H2 Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Thu, 25 Nov 2021 18:38:00 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store content-type image/gif alt-svc clear content-length 42 Redirect headers DCS dcs-prod-irl1-1-v019-009819d9a.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID fdQ+LGttTbY= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://idsync.rlcdn.com/362248.gif?partner_uid=35432372902742792042871885172083855745 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	/ bpi.rtactivate.com/tag/ Frame CEC4	43 B 109 B	135ms 124ms	Image image/gif	3.229.229.140 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=11017&user_id=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=38615322478381486 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.229.229.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-229-229-140.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:59 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame CEC4	43 B 1006 B	38ms 27ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685621577265781&forward= Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=38615322478381486 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Thu, 25 Nov 2021 18:37:59 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 25 Nov 2021 18:37:59 GMT
GET H2	200	360947.gif idsync.rlcdn.com/ Frame CEC4	42 B 301 B	24ms 13ms	Image image/gif	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/360947.gif?partner_uid=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=38615322478381486 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Thu, 25 Nov 2021 18:37:59 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store content-type image/gif alt-svc clear content-length 42
GET H2	200	rocketfuel_sync x.dlx.addthis.com/e/ Frame CEC4	43 B 193 B	191ms 179ms	Image image/gif	104.111.215.191 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=38615322478381486 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-191.deploy.static.akamaitechnologies.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=2628000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:59 GMT cache-control max-age=0, no-cache, no-store expires Thu, 25 Nov 2021 18:37:59 GMT content-length 43 strict-transport-security max-age=2628000 content-type image/gif
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame CEC4	43 B 549 B	28ms 22ms	Image image/gif	185.94.180.125 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685621577265781&img=1 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=38615322478381486 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 114 Connection keep-alive Content-Length 43
GET H2	200	g.pixel aa.agkn.com/adscores/ Frame CEC4	43 B 238 B	17ms 6ms	Image image/gif	3.120.154.132 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=38615322478381486 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.154.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-154-132.eu-central-1.compute.amazonaws.com Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:59 GMT server AAWebServer p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 43 expires 0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame CEC4	0 338 B	42ms 31ms	Image text/plain	52.208.185.108 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=38615322478381486 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.208.185.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-185-108.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:59 GMT cache-control private, no-cache, no-store x-request-time D=29 t=1637865479 x-served-by beacon-n012-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H/1.1	200 OK	sync x.bidswitch.net/ Frame CEC4	43 B 220 B	15ms 9ms	Image image/gif	18.185.164.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685621577265781&expires=30 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=38615322478381486 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.185.164.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-185-164-146.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	cm p.rfihub.com/ Frame CEC4 Redirect Chain https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D https://p.rfihub.com/cm?in=1&pub=21653&userid=YZ-YBAAHU6xwYgBG	42 B 1 KB	22ms 22ms	Image image/gif	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?in=1&pub=21653&userid=YZ-YBAAHU6xwYgBG Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Thu, 25 Nov 2021 18:37:59 GMT via 1.1 varnish server Varnish x-timer S1637865480.770494,VS0,VE0 x-served-by cache-fra19156-FRA x-cache HIT location https://p.rfihub.com/cm?in=1&pub=21653&userid=YZ-YBAAHU6xwYgBG cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame CEC4	0 239 B	17ms 9ms	Image image/gif	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5109685621577265781& Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 3bafef7aa4e37890defcd73f0a080481 Content-Type image/gif
GET H2	200	serving bs.serving-sys.com/ Frame CEC4	0 105 B	19ms 8ms	Image text/plain	52.59.21.149 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.59.21.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-21-149.eu-central-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:59 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-length 0 p3p CP="NOI DEVa OUR BUS UNI"
GET H2	200	sync partners.tremorhub.com/ Frame CEC4	43 B 183 B	103ms 93ms	Image image/gif	2600:1f18:612b:4200:9a2f:8341:7f9b:9de AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIRF=5109685621577265781&r=pn7vBqdb2tBr Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4200:9a2f:8341:7f9b:9de Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:59 GMT server Apache-Coyote/1.1 p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' content-type image/gif
GET H/1.1	200 OK	cm a.rfihub.com/ Frame C7D6 Redirect Chain https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwOTY4NTYyMTU3NzI2NTc4MQ==&forward= https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1	42 B 1 KB	22ms 21ms	Image image/gif	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1 Protocol HTTP/1.1 Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Thu, 25 Nov 2021 18:37:59 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 311 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame C7D6	43 B 996 B	18ms 12ms	Image image/gif	185.33.221.50 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=18&code=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=6625885025632829 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Thu, 25 Nov 2021 18:37:59 GMT X-Proxy-Origin 136.243.198.81; 136.243.198.81; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid e01632f3-c4b4-499a-8db2-e2ccb1955320 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	cm p.rfihub.com/ Frame C7D6 Redirect Chain https://stags.bluekai.com/site/4722?id=5109685621577265781&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=	42 B 1 KB	26ms 25ms	Image image/gif	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward= Protocol HTTP/1.1 Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers location https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward= date Thu, 25 Nov 2021 18:37:59 GMT content-length 0 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
GET		tap.php pixel.rubiconproject.com/ Frame C7D6	0 0
GET H/1.1	200 OK	ibs:dpid=1121&dpuuid=5109685621577265781&redir= dpm.demdex.net/ Frame C7D6	42 B 945 B	37ms 32ms	Image image/gif	54.72.239.169 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5109685621577265781&redir= Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=6625885025632829 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.239.169 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-239-169.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v019-0852c2a83.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID Tjmycz2wQhw= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H/1.1	200 OK	match ps.eyeota.net/ Frame C7D6 Redirect Chain https://p.rfihub.com/cm?pub=24472&in=1 https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0	0 344 B	16ms 16ms	Image text/plain	52.57.150.20 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0 Protocol HTTP/1.1 Server 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-150-20.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0 Date Thu, 25 Nov 2021 18:37:59 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	cksync.php contextual.media.net/ Frame C7D6	45 B 454 B	122ms 111ms	Image image/gif	2.18.235.93 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=6625885025632829 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-235-93.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=604800 server Apache date Thu, 25 Nov 2021 18:37:59 GMT p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA cache-control max-age=0, no-cache, no-store content-type image/gif content-length 45 x-mnet-hl2 E expires Thu, 25 Nov 2021 18:37:59 GMT
GET H2	200	serving bs.serving-sys.com/ Frame C7D6	0 105 B	17ms 7ms	Image text/plain	52.59.21.149 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=6625885025632829 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.59.21.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-21-149.eu-central-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:59 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-length 0 p3p CP="NOI DEVa OUR BUS UNI"
GET H2	200	401726.gif idsync.rlcdn.com/ Frame C7D6 Redirect Chain https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685621577265781&referrer=http%3A%2F%2Fjosenau.byethost5.com%2F https://p.rfihub.com/cm?pub=39342&in=0&userid=177043ff-efd7-4139-92b4-b2e21c88a808%3A1637865476.53&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D177043ff-efd7-4139-92b4-b2e21c88a808... https://idsync.rlcdn.com/501709.gif?partner_uid=177043ff-efd7-4139-92b4-b2e21c88a808%3A1637865476.53 https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=rd&d.k=acxiom_id&d.u=https://idsync.rlcdn.com/401726.gif?partner_uid={WEBO_CID} https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=161083&d.A=rd&d.k=acxiom_id&d.u=https://idsync.rlcdn.com/401726.gif?partner_uid={WEBO_CID} https://idsync.rlcdn.com/401726.gif?partner_uid=ysil1PNzz7uupX/L69VjeO	42 B 326 B	15ms 15ms	Image image/gif	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/401726.gif?partner_uid=ysil1PNzz7uupX/L69VjeO Protocol H2 Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Thu, 25 Nov 2021 18:38:00 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store content-type image/gif alt-svc clear content-length 42 Redirect headers pragma no-cache date Thu, 25 Nov 2021 18:38:00 GMT last-modified Thu, 25 Nov 2021 18:38:00 GMT server Apache access-control-allow-origin * transfer-encoding chunked p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" location https://idsync.rlcdn.com/401726.gif?partner_uid=ysil1PNzz7uupX/L69VjeO cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 expires Tue, 03 Jul 2001 06:00:00 GMT
GET H2	200	/ bpi.rtactivate.com/tag/ Frame C7D6	43 B 109 B	138ms 128ms	Image image/gif	3.229.229.140 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=11017&user_id=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=6625885025632829 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.229.229.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-229-229-140.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:59 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame C7D6	43 B 886 B	33ms 23ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685621577265781&forward= Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=6625885025632829 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Thu, 25 Nov 2021 18:37:59 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 25 Nov 2021 18:37:59 GMT
GET H2	200	360947.gif idsync.rlcdn.com/ Frame C7D6	42 B 301 B	23ms 13ms	Image image/gif	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/360947.gif?partner_uid=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=6625885025632829 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Thu, 25 Nov 2021 18:37:59 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store content-type image/gif alt-svc clear content-length 42
GET H2	200	rocketfuel_sync x.dlx.addthis.com/e/ Frame C7D6	43 B 193 B	191ms 181ms	Image image/gif	104.111.215.191 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=6625885025632829 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-191.deploy.static.akamaitechnologies.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=2628000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:59 GMT cache-control max-age=0, no-cache, no-store expires Thu, 25 Nov 2021 18:37:59 GMT content-length 43 strict-transport-security max-age=2628000 content-type image/gif
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame C7D6	43 B 548 B	28ms 23ms	Image image/gif	185.94.180.125 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685621577265781&img=1 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=6625885025632829 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 51 Connection keep-alive Content-Length 43
GET H2	200	g.pixel aa.agkn.com/adscores/ Frame C7D6	43 B 238 B	15ms 6ms	Image image/gif	3.120.154.132 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=6625885025632829 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.154.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-154-132.eu-central-1.compute.amazonaws.com Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:59 GMT server AAWebServer p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 43 expires 0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame C7D6	0 338 B	41ms 31ms	Image text/plain	52.208.185.108 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=6625885025632829 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.208.185.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-185-108.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:59 GMT cache-control private, no-cache, no-store x-request-time D=27 t=1637865479 x-served-by beacon-n020-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H/1.1	200 OK	sync x.bidswitch.net/ Frame C7D6	43 B 220 B	12ms 8ms	Image image/gif	18.185.164.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685621577265781&expires=30 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=6625885025632829 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.185.164.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-185-164-146.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	cm p.rfihub.com/ Frame C7D6 Redirect Chain https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D https://p.rfihub.com/cm?in=1&pub=21653&userid=YZ-YBAAHU6xwYgBG	42 B 1 KB	28ms 23ms	Image image/gif	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?in=1&pub=21653&userid=YZ-YBAAHU6xwYgBG Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Thu, 25 Nov 2021 18:37:59 GMT via 1.1 varnish server Varnish x-timer S1637865480.773888,VS0,VE0 x-served-by cache-fra19156-FRA x-cache HIT location https://p.rfihub.com/cm?in=1&pub=21653&userid=YZ-YBAAHU6xwYgBG cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H2	200	sync partners.tremorhub.com/ Frame C7D6	43 B 183 B	100ms 91ms	Image image/gif	2600:1f18:612b:4200:9a2f:8341:7f9b:9de AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIRF=5109685621577265781&r=qYhFBLbe-n4r Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4200:9a2f:8341:7f9b:9de Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:59 GMT server Apache-Coyote/1.1 p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' content-type image/gif
GET H/1.1	200 OK	cm a.rfihub.com/ Frame D69C Redirect Chain https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwOTY4NTYyMTU3NzI2NTc4MQ==&forward= https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1	42 B 1 KB	22ms 21ms	Image image/gif	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1 Protocol HTTP/1.1 Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Thu, 25 Nov 2021 18:37:59 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEETlGm6d9j90FMuSF30CTNM&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 311 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame D69C	43 B 996 B	19ms 11ms	Image image/gif	185.33.221.50 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=18&code=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=9916741623265093 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Thu, 25 Nov 2021 18:37:59 GMT X-Proxy-Origin 136.243.198.81; 136.243.198.81; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 8a349474-601b-42f9-8391-46868a8298b9 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	cm p.rfihub.com/ Frame D69C Redirect Chain https://stags.bluekai.com/site/4722?id=5109685621577265781&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=	42 B 1 KB	25ms 25ms	Image image/gif	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward= Protocol HTTP/1.1 Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers location https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward= date Thu, 25 Nov 2021 18:37:59 GMT content-length 0 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame D69C	0 239 B	15ms 7ms	Image image/gif	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5109685621577265781& Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=9916741623265093 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 3bafef7aa4e37890defcd73f0a080481 Content-Type image/gif
GET H/1.1	200 OK	ibs:dpid=1121&dpuuid=5109685621577265781&redir= dpm.demdex.net/ Frame D69C	42 B 945 B	67ms 35ms	Image image/gif	54.72.239.169 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5109685621577265781&redir= Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=9916741623265093 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.239.169 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-239-169.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v019-073dcfdd6.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID tOsrPeOUTS4= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H/1.1	200 OK	match ps.eyeota.net/ Frame D69C Redirect Chain https://p.rfihub.com/cm?pub=24472&in=1 https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0	0 344 B	21ms 20ms	Image text/plain	52.57.150.20 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0 Protocol HTTP/1.1 Server 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-150-20.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location https://ps.eyeota.net/match?uid=5109685621577265781&bid=omt9pi0 Date Thu, 25 Nov 2021 18:37:59 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	cksync.php contextual.media.net/ Frame D69C	45 B 454 B	82ms 76ms	Image image/gif	2.18.235.93 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=9916741623265093 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-235-93.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=604800 server Apache date Thu, 25 Nov 2021 18:37:59 GMT p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA cache-control max-age=0, no-cache, no-store content-type image/gif content-length 45 x-mnet-hl2 E expires Thu, 25 Nov 2021 18:37:59 GMT
GET H2	200	serving bs.serving-sys.com/ Frame D69C	0 105 B	14ms 9ms	Image text/plain	52.59.21.149 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=9916741623265093 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.59.21.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-21-149.eu-central-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:59 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-length 0 p3p CP="NOI DEVa OUR BUS UNI"
GET H2	200	379718.gif idsync.rlcdn.com/ Frame D69C Redirect Chain https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685621577265781&referrer=http%3A%2F%2Fjosenau.byethost5.com%2F https://p.rfihub.com/cm?pub=39342&in=0&userid=177043ff-efd7-4139-92b4-b2e21c88a808%3A1637865476.53&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D177043ff-efd7-4139-92b4-b2e21c88a808... https://idsync.rlcdn.com/501709.gif?partner_uid=177043ff-efd7-4139-92b4-b2e21c88a808%3A1637865476.53 https://usermatch.krxd.net/um/v2?partner=liveramp https://idsync.rlcdn.com/379718.gif?partner_uid=OgN2g8vk	42 B 326 B	15ms 14ms	Image image/gif	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/379718.gif?partner_uid=OgN2g8vk Protocol H2 Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Thu, 25 Nov 2021 18:38:00 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store content-type image/gif alt-svc clear content-length 42 Redirect headers location https://idsync.rlcdn.com/379718.gif?partner_uid=OgN2g8vk date Thu, 25 Nov 2021 18:38:00 GMT x-cache-hits 0 x-age 0 content-length 0 x-cache MISS x-served-by usermatch-a001-ash-prod.krxd.net
GET H2	200	/ bpi.rtactivate.com/tag/ Frame D69C	43 B 109 B	154ms 149ms	Image image/gif	3.229.229.140 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=11017&user_id=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=9916741623265093 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.229.229.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-229-229-140.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:59 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame D69C	43 B 886 B	28ms 18ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685621577265781&forward= Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=9916741623265093 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Thu, 25 Nov 2021 18:37:59 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 25 Nov 2021 18:37:59 GMT
GET H2	200	360947.gif idsync.rlcdn.com/ Frame D69C	42 B 301 B	20ms 15ms	Image image/gif	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/360947.gif?partner_uid=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=9916741623265093 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Thu, 25 Nov 2021 18:37:59 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store content-type image/gif alt-svc clear content-length 42
GET H2	200	rocketfuel_sync x.dlx.addthis.com/e/ Frame D69C	43 B 193 B	187ms 182ms	Image image/gif	104.111.215.191 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=9916741623265093 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-191.deploy.static.akamaitechnologies.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=2628000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:59 GMT cache-control max-age=0, no-cache, no-store expires Thu, 25 Nov 2021 18:37:59 GMT content-length 43 strict-transport-security max-age=2628000 content-type image/gif
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame D69C	43 B 548 B	39ms 24ms	Image image/gif	185.94.180.125 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685621577265781&img=1 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=9916741623265093 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 77 Connection keep-alive Content-Length 43
GET H2	200	g.pixel aa.agkn.com/adscores/ Frame D69C	43 B 238 B	12ms 7ms	Image image/gif	3.120.154.132 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=9916741623265093 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.154.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-154-132.eu-central-1.compute.amazonaws.com Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Thu, 25 Nov 2021 18:37:59 GMT server AAWebServer p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 43 expires 0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame D69C	0 338 B	36ms 31ms	Image text/plain	52.208.185.108 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5109685621577265781 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=9916741623265093 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.208.185.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-185-108.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:59 GMT cache-control private, no-cache, no-store x-request-time D=24 t=1637865479 x-served-by beacon-n022-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H/1.1	200 OK	sync x.bidswitch.net/ Frame D69C	43 B 220 B	13ms 8ms	Image image/gif	18.185.164.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685621577265781&expires=30 Requested by Host: 20818439p.rfihub.com URL: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fjosenau.byethost5.com%2F%3Fi%3D1&pf=http%3A%2F%2Fjosenau.byethost5.com%2F&ra=9916741623265093 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.185.164.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-185-164-146.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	cm p.rfihub.com/ Frame D69C Redirect Chain https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D https://p.rfihub.com/cm?in=1&pub=21653&userid=YZ-YBAAHU6xwYgBG	42 B 1 KB	28ms 22ms	Image image/gif	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?in=1&pub=21653&userid=YZ-YBAAHU6xwYgBG Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol HTTP/1.1 Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 18:37:59 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Thu, 25 Nov 2021 18:37:59 GMT via 1.1 varnish server Varnish x-timer S1637865480.777242,VS0,VE0 x-served-by cache-fra19156-FRA x-cache HIT location https://p.rfihub.com/cm?in=1&pub=21653&userid=YZ-YBAAHU6xwYgBG cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H2	200	sync partners.tremorhub.com/ Frame D69C	43 B 183 B	98ms 93ms	Image image/gif	2600:1f18:612b:4200:9a2f:8341:7f9b:9de AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIRF=5109685621577265781&r=QmRsA2mxE2lU Requested by Host: josenau.byethost5.com URL: http://josenau.byethost5.com/?i=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4200:9a2f:8341:7f9b:9de Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://20818439p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 18:37:59 GMT server Apache-Coyote/1.1 p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' content-type image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.gstatic.com

URL

https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/styles__ltr.css

Domain

www.gstatic.com

URL

https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/recaptcha__es_419.js

Domain

pixel.rubiconproject.com

URL

https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5109685621577265781&