www.cifraclub.com Open in urlscan Pro
2.16.186.17 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cifraclub.com/
Effective URL:
https://www.cifraclub.com/
Submission Tags: tranco_l324
Submission: On November 13 via api (November 13th 2021, 6:14:26 am UTC) from DE — Scanned from DE

Summary HTTP 233 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 79 IPs in 9 countries across 68 domains to perform 233 HTTP transactions. The main IP is 2.16.186.17, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.cifraclub.com.
TLS certificate: Issued by DigiCert TLS Hybrid ECC SHA384 2020 CA1 on November 27th 2020. Valid for: a year.

This is the only time www.cifraclub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	177.54.144.22 177.54.144.22	262287 (Maxihost ...) (Maxihost LTDA)
1	2.16.186.17 2.16.186.17	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
41	2.16.186.82 2.16.186.82	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
6	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	208.84.244.97 208.84.244.97	40260 (TERRA-NET...) (TERRA-NETWORKS-MIAMI)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	177.54.152.29 177.54.152.29	262287 (Maxihost ...) (Maxihost LTDA)
2	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2602:803:c004... 2602:803:c004:200::141	26667 (RUBICONPR...) (RUBICONPROJECT)
1 3	185.33.223.38 185.33.223.38	29990 (ASN-APPNEX) (ASN-APPNEX)
2	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
1 2	5.178.65.245 5.178.65.245	50673 (SERVERIUS-AS) (SERVERIUS-AS)
3	185.86.138.121 185.86.138.121	201081 (SMARTADSE...) (SMARTADSERVER)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2 8	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:26f0:170... 2a02:26f0:1700:10::1737:a305	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:82a::200d	15169 (GOOGLE) (GOOGLE)
1 2	34.250.206.93 34.250.206.93	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.27 143.204.98.27	16509 (AMAZON-02) (AMAZON-02)
1	52.223.4.62 52.223.4.62	16509 (AMAZON-02) (AMAZON-02)
4 6	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
4 6	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
6 8	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
3 3	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:ae00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
1	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
1 3	143.204.98.86 143.204.98.86	16509 (AMAZON-02) (AMAZON-02)
3	35.201.123.184 35.201.123.184	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:b400:19:72bf:4340:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
3	3.137.111.143 3.137.111.143	16509 (AMAZON-02) (AMAZON-02)
1	199.187.193.164 199.187.193.164	47043 (SMARTADSE...) (SMARTADSERVER)
1	2a02:26f0:170... 2a02:26f0:1700:10::1737:a320	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
5	34.102.185.99 34.102.185.99	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
6	143.204.98.4 143.204.98.4	16509 (AMAZON-02) (AMAZON-02)
2 5	2.18.234.21 2.18.234.21	() ()
1	2.18.232.130 2.18.232.130	() ()
2	2.18.233.180 2.18.233.180	() ()
1	198.47.127.19 198.47.127.19	() ()
1 2	209.54.177.54 209.54.177.54	() ()
1	34.250.85.122 34.250.85.122	() ()
3 5	37.157.5.142 37.157.5.142	() ()
1 2	54.194.226.253 54.194.226.253	() ()
2 4	34.248.204.54 34.248.204.54	() ()
2	46.249.52.248 46.249.52.248	() ()
2 2	213.155.156.165 213.155.156.165	() ()
18	185.64.189.110 185.64.189.110	() ()
1	178.250.2.151 178.250.2.151	() ()
1 1	85.114.159.118 85.114.159.118	() ()
1 1	162.55.6.213 162.55.6.213	() ()
1	2606:4700:303... 2606:4700:3039::6815:c027	() ()
1	173.231.181.122 173.231.181.122	() ()
3 3	213.19.147.45 213.19.147.45	() ()
1 1	195.5.165.20 195.5.165.20	() ()
1 1	87.98.128.108 87.98.128.108	() ()
1 2	2606:4700::68... 2606:4700::6812:c05	() ()
1	169.197.150.7 169.197.150.7	() ()
2	198.47.127.20 198.47.127.20	() ()
2 3	146.59.148.16 146.59.148.16	() ()
2 2	34.254.143.3 34.254.143.3	() ()
1	169.50.137.184 169.50.137.184	() ()
1 1	18.156.0.31 18.156.0.31	() ()
3 3	18.157.58.24 18.157.58.24	() ()
2 2	35.210.178.101 35.210.178.101	() ()
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	() ()
1 1	2620:112:f000... 2620:112:f000:bbbb::11	() ()
1 1	66.155.71.150 66.155.71.150	() ()
1 1	159.65.196.12 159.65.196.12	() ()
1 1	34.102.253.54 34.102.253.54	() ()
1 1	185.33.221.90 185.33.221.90	() ()
1	54.228.52.99 54.228.52.99	() ()
233	79

8 177.54.144.22 (São Paulo, Brazil) 1 redirects

ASN262287 (Maxihost LTDA, BR)
PTR: tiradentes.prod.sscdn.co

cifraclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
master.cifraclub.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.17 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-17.deploy.static.akamaitechnologies.com

www.cifraclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2.16.186.82 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-82.deploy.static.akamaitechnologies.com

studiosol-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.84.244.97 (United States)

ASN40260 (TERRA-NETWORKS-MIAMI, US)
PTR: mia-cdn.trrsf.com

s1.trrsf.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 177.54.152.29 (São Paulo, Brazil)

ASN262287 (Maxihost LTDA, BR)

id.cifraclub.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.223.38 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.178.65.245 (Woerden, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
itx5.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.37.42.132 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:10::1737:a305 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apps.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.250.206.93 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-206-93.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-27.fra50.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.4.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac9557e2e67bd8033.awsglobalaccelerator.com

ie1-bid.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.223.40.198 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c305::8000 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.244 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.16.130 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.130.49 (United States) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:ae00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.166 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.86 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-86.fra50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.123.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:b400:19:72bf:4340:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.mmi360.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.137.111.143 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-137-111-143.us-east-2.compute.amazonaws.com

events.mmi360.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.164 (Canada)

ASN47043 (SMARTADSERVER, CA)

www15.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:10::1737:a320 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

gs.trrsf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.102.185.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-10969-0.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseremoteconfig.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.98.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-4.fra50.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (None, ) 2 redirects

ASN- ()

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (None, )

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.177.54 (None, ) 1 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.85.122 (None, )

ASN- ()

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.5.142 (None, ) 3 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.226.253 (None, ) 1 redirects

ASN- ()

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.248.204.54 (None, ) 2 redirects

ASN- ()

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.249.52.248 (None, )

ASN- ()

u-ams02.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.165 (None, ) 2 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.64.189.110 (None, )

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (None, ) 1 redirects

ASN- ()

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.6.213 (None, ) 1 redirects

ASN- ()

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c027 (None, )

ASN- ()

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.181.122 (None, )

ASN- ()

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (None, ) 3 redirects

ASN- ()

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (None, ) 1 redirects

ASN- ()

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.98.128.108 (None, ) 1 redirects

ASN- ()

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (None, ) 1 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (None, )

ASN- ()

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (None, )

ASN- ()

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.59.148.16 (None, ) 2 redirects

ASN- ()

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (None, ) 2 redirects

ASN- ()

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.184 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.0.31 (None, ) 1 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.157.58.24 (None, ) 3 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.178.101 (None, ) 2 redirects

ASN- ()

a.volvelle.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (None, )

ASN- ()

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f000:bbbb::11 (None, ) 1 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (None, ) 1 redirects

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.196.12 (None, ) 1 redirects

ASN- ()

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (None, ) 1 redirects

ASN- ()

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.90 (None, ) 1 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.52.99 (None, )

ASN- ()

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	akamaihd.net studiosol-a.akamaihd.net	713 KB
23	pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com image4.pubmatic.com	31 KB
20	doubleclick.net 6 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net stats.g.doubleclick.net googleads4.g.doubleclick.net	182 KB
18	rubiconproject.com 6 redirects fastlane.rubiconproject.com secure-assets.rubiconproject.com eus.rubiconproject.com pixel-eu.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	45 KB
16	googlesyndication.com 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	89 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	100 KB
9	google.com www.google.com adservice.google.com accounts.google.com	76 KB
9	cifraclub.com.br master.cifraclub.com.br id.cifraclub.com.br	2 KB
8	tailtarget.com tags.t.tailtarget.com d.tailtarget.com tt-10969-0.seg.t.tailtarget.com b.t.tailtarget.com t.tailtarget.com	41 KB
7	adsrvr.org 4 redirects ie1-bid.adsrvr.org match.adsrvr.org	3 KB
6	trustarc.com choices.trustarc.com	17 KB
6	2mdn.net s0.2mdn.net	93 KB
6	yahoo.com 2 redirects c2shb.ssp.yahoo.com pr-bh.ybp.yahoo.com ads.yahoo.com ups.analytics.yahoo.com	2 KB
5	adform.net 3 redirects c1.adform.net	2 KB
5	casalemedia.com 2 redirects ssum.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	6 KB
5	adnxs.com 2 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	21 KB
5	googleapis.com www.googleapis.com firebaseinstallations.googleapis.com firebaseremoteconfig.googleapis.com	2 KB
4	bidr.io 2 redirects match.prod.bidr.io	2 KB
4	mmi360.net tags.mmi360.net events.mmi360.net	6 KB
4	googletagservices.com www.googletagservices.com	95 KB
4	google.de www.google.de adservice.google.de	1 KB
4	smartadserver.com prg.smartadserver.com itx5.smartadserver.com www15.smartadserver.com	7 KB
4	e-planning.net 1 redirects ads.us.e-planning.net u-ams02.e-planning.net	2 KB
4	googletagmanager.com www.googletagmanager.com	148 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	onaudience.com 2 redirects pixel.onaudience.com	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	everesttech.net 3 redirects sync-tm.everesttech.net	822 B
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	google-analytics.com www.google-analytics.com	56 KB
2	volvelle.tech 2 redirects a.volvelle.tech	1 KB
2	exelator.com 2 redirects loada.exelator.com	2 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	1 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	1 KB
2	sascdn.com ced-ns.sascdn.com apps.sascdn.com	11 KB
2	jsdelivr.net cdn.jsdelivr.net	11 KB
2	facebook.net connect.facebook.net	84 KB
2	cifraclub.com 1 redirects cifraclub.com www.cifraclub.com	23 KB
1	gumgum.com rtb.gumgum.com	238 B
1	playground.xyz 1 redirects ads.playground.xyz	432 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	550 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	337 B
1	turn.com 1 redirects ad.turn.com	518 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	simpli.fi um.simpli.fi	616 B
1	deepintent.com match.deepintent.com	44 B
1	erne.co 1 redirects green.erne.co	327 B
1	iprom.net 1 redirects core.iprom.net	517 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	535 B
1	adgrx.com cm.adgrx.com	408 B
1	ad4m.at ad4m.at	915 B
1	loopme.me 1 redirects csync.loopme.me	217 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	criteo.com dis.criteo.com	334 B
1	demdex.net dpm.demdex.net
1	trrsf.com gs.trrsf.com	2 KB
1	bizibly.com cdn.bizibly.com	345 B
1	rlcdn.com id.rlcdn.com
1	truste.com choices.truste.com	9 KB
1	facebook.com www.facebook.com	295 B
1	googleadservices.com www.googleadservices.com	14 KB
1	trrsf.com.br s1.trrsf.com.br	2 KB
1	gstatic.com www.gstatic.com	13 KB
0	quantserve.com Failed pixel.quantserve.com Failed
0	atdmt.com Failed ad.atdmt.com Failed
233	68

	Domain	Requested by
41	studiosol-a.akamaihd.net	www.cifraclub.com studiosol-a.akamaihd.net
12	simage2.pubmatic.com	ads.pubmatic.com
9	pagead2.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
8	dt.adsafeprotected.com	527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
8	cm.g.doubleclick.net	6 redirects 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
7	master.cifraclub.com.br	www.cifraclub.com studiosol-a.akamaihd.net
6	image2.pubmatic.com	ads.pubmatic.com
6	choices.trustarc.com	choices.truste.com choices.trustarc.com
6	s0.2mdn.net	www.cifraclub.com s0.2mdn.net
6	match.adsrvr.org	4 redirects 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com ssum.casalemedia.com
6	eus.rubiconproject.com	www.cifraclub.com eus.rubiconproject.com studiosol-a.akamaihd.net
6	securepubads.g.doubleclick.net	www.cifraclub.com securepubads.g.doubleclick.net 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com www.googletagservices.com
5	c1.adform.net	3 redirects ssum.casalemedia.com ads.pubmatic.com
5	tpc.googlesyndication.com	527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com www.cifraclub.com tpc.googlesyndication.com securepubads.g.doubleclick.net
4	match.prod.bidr.io	2 redirects ssum.casalemedia.com ads.pubmatic.com
4	token.rubiconproject.com	4 redirects
4	accounts.google.com	studiosol-a.akamaihd.net
4	www.googletagservices.com	527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com fw.adsafeprotected.com s0.2mdn.net
4	www.google.com	www.cifraclub.com tpc.googlesyndication.com
4	www.googletagmanager.com	www.cifraclub.com www.googletagmanager.com
3	x.bidswitch.net	3 redirects
3	pixel.onaudience.com	2 redirects ads.pubmatic.com
3	events.mmi360.net	527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
3	sb.scorecardresearch.com	1 redirects s1.trrsf.com.br www.cifraclub.com
3	sync-tm.everesttech.net	3 redirects
3	sync.mathtag.com	3 redirects
3	pixel.rubiconproject.com	527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
3	www.google.de	www.cifraclub.com
3	ib.adnxs.com	1 redirects studiosol-a.akamaihd.net acdn.adnxs.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	a.volvelle.tech	2 redirects
2	loada.exelator.com	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	sync.1rx.io	2 redirects
2	d5p.de17a.com	2 redirects
2	u-ams02.e-planning.net	ssum.casalemedia.com ads.pubmatic.com
2	bcp.crwdcntrl.net	1 redirects ssum.casalemedia.com
2	dsum-sec.casalemedia.com	1 redirects ssum.casalemedia.com
2	s.amazon-adsystem.com	1 redirects ssum.casalemedia.com
2	ads.pubmatic.com	studiosol-a.akamaihd.net ads.pubmatic.com
2	ssum.casalemedia.com	1 redirects studiosol-a.akamaihd.net
2	firebaseremoteconfig.googleapis.com	www.gstatic.com
2	b.t.tailtarget.com	d.tailtarget.com
2	tt-10969-0.seg.t.tailtarget.com	d.tailtarget.com
2	firebaseinstallations.googleapis.com	www.gstatic.com
2	d.tailtarget.com	www.cifraclub.com d.tailtarget.com
2	googleads4.g.doubleclick.net	www.cifraclub.com
2	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
2	pixel-eu.rubiconproject.com	eus.rubiconproject.com
2	fw.adsafeprotected.com	1 redirects ced-ns.sascdn.com
2	secure-assets.rubiconproject.com	2 redirects
2	527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	googleads.g.doubleclick.net	www.googleadservices.com
2	prg.smartadserver.com	studiosol-a.akamaihd.net
2	ads.us.e-planning.net	1 redirects www.cifraclub.com
2	c2shb.ssp.yahoo.com	studiosol-a.akamaihd.net
2	cdn.jsdelivr.net	studiosol-a.akamaihd.net 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
2	id.cifraclub.com.br	studiosol-a.akamaihd.net
2	connect.facebook.net	www.cifraclub.com connect.facebook.net
1	rtb.gumgum.com	ads.pubmatic.com
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	ad.turn.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	ups.analytics.yahoo.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	match.deepintent.com	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	green.erne.co	1 redirects
1	core.iprom.net	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	cm.adgrx.com	ads.pubmatic.com
1	ad4m.at	ads.pubmatic.com
1	csync.loopme.me	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	dpm.demdex.net	ssum.casalemedia.com
1	ssum-sec.casalemedia.com	ssum.casalemedia.com
1	image6.pubmatic.com	ads.pubmatic.com
1	acdn.adnxs.com	studiosol-a.akamaihd.net
1	t.tailtarget.com
1	gs.trrsf.com	s1.trrsf.com.br
1	www15.smartadserver.com	527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
1	cdn.bizibly.com	527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
1	tags.mmi360.net	s0.2mdn.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	tags.t.tailtarget.com	s1.trrsf.com.br
1	ad.doubleclick.net	www.googletagservices.com
1	static.adsafeprotected.com	527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
1	id.rlcdn.com	527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
1	ads.yahoo.com	527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
1	ie1-bid.adsrvr.org	ced-ns.sascdn.com
1	itx5.smartadserver.com	ced-ns.sascdn.com
1	choices.truste.com	ced-ns.sascdn.com
1	apps.sascdn.com	ced-ns.sascdn.com
1	ced-ns.sascdn.com	www.cifraclub.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.facebook.com	www.cifraclub.com
1	www.googleadservices.com	www.googletagmanager.com
1	fastlane.rubiconproject.com	studiosol-a.akamaihd.net
1	www.googleapis.com	studiosol-a.akamaihd.net
1	s1.trrsf.com.br	www.cifraclub.com
1	www.gstatic.com	www.cifraclub.com
1	www.cifraclub.com
1	cifraclub.com	1 redirects
0	pixel.quantserve.com Failed	ads.pubmatic.com
0	ad.atdmt.com Failed	527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
233	111

This site contains links to these domains. Also see Links.

Domain
forum.cifraclub.com.br
www.formesuabanda.com.br
play.google.com
itunes.apple.com
www.microsoft.com
www.youtube.com
id.cifraclub.com.br
suporte.cifraclub.com.br
www.studiosol.com.br
www.instagram.com
www.letras.mus.br
www.palcomp3.com
www.terra.com.br

Subject Issuer	Validity	Valid
terra.com.br DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-27` - `2021-12-01`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.cifraclub.com.br R3	`2021-11-01` - `2022-01-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-22` - `2021-11-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
id.cifraclub.com R3	`2021-11-01` - `2022-01-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2021-09-13` - `2022-09-13`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.truste.com Amazon	`2021-02-16` - `2022-03-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.adsafeprotected.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-26` - `2022-06-17`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-26` - `2022-06-25`	a year	crt.sh
tags.mmi360.net Amazon	`2021-06-26` - `2022-07-25`	a year	crt.sh
io.bizible.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-30` - `2022-07-05`	a year	crt.sh
events.mmi360.net Amazon	`2021-05-04` - `2022-06-02`	a year	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
*.e-planning.net R3	`2021-10-22` - `2022-01-20`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.pbp.bf2.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-11-03` - `2022-02-02`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh

This page contains 34 frames:

Primary Page: https://www.cifraclub.com/
Frame ID: C23475E21DA88D5C9752F90F30504508
Requests: 107 HTTP requests in this frame

Frame: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 56CF5D5CF92CB7CD33C86C841600A839
Requests: 1 HTTP requests in this frame

Frame: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 67D5DF1663766784A987D1B42C89D7A2
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: 31548D8197B0188E04A890F26385E1E8
Requests: 11 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: A4B899189E0DDDA379EAD33935999DC8
Requests: 2 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22306914992894826582%22%2c%22adomain%22%3a%22cisco.com%22%2c%22page%22%3a%22886941%22%2c%22format%22%3a%2269251%22%2c%22crid%22%3a%2218b6avuw%22%2c%22dsp%22%3a%2275%22%2c%22buyer%22%3a%2277167%22%2c%22cid%22%3a%22on5b0tw%22%2c%22adid%22%3a%22%22%2c%22hash%22%3a%22-4850650077698272977%22%7d
Frame ID: 2873B881E9239BD5D8CD743CA5A783FF
Requests: 1 HTTP requests in this frame

Frame: https://fw.adsafeprotected.com/rjss/www.googletagservices.com/794060/56592879/dcm/dcmads.js
Frame ID: C434B6599776AF50486E5AA3ED117AFD
Requests: 32 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 085F18588924332B311C6A31CCFC6870
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FC865DC44088C0B8F8F0D90E33659D73
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/5809340/1630577257528/DE-DEU_XA-02_0_728x90_BAN-S_HTML5_TOFU-no-Cross-Architecture-Visibility-ConnectedITInsights-PHOTO-wCTA-CIO_otroth025343_50/index.html
Frame ID: 61EA97EF2DD6E51AB76306460963D950
Requests: 5 HTTP requests in this frame

Frame: https://gs.trrsf.com/fe/zaz-mod-globalstorage/server.html
Frame ID: 1AE6A023A7D2CE9801E3DE95819756D8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 987ADCFE7B64024D647AEDBCAEB0351D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 905EAF6601CACC0347C7994429762B95
Requests: 2 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: FBFD741E5AFBBB78D04734EB38B59B63
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: DAA293BCC349A48B36A5ABDF5ADBAA92
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 51CDF672C2E38A860AC4F7F8AF137715
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc5ba1affd53502c0%26uid%3D&s=190243&C=1
Frame ID: 8128C9C0FD5107218B3912CB78574AF0
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D256B171A5EC78EDC3C145C777CF89F6
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Frame ID: 27977DA28C0266984B18FCA894AFF68A
Requests: 22 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2CCD9A58-720B-4CB5-AED8-99FAB384A2F1
Frame ID: CFC6278B585B3A4949BD55A118F92210
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2522093242712026743
Frame ID: 708946E7187DFC281A43BB3C918CC691
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 55E6A94668AEC668C154E0474014D80A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7029934029798045851
Frame ID: B85657AAC8EBA7DEFC1BEAC6618337FA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YY9XvQAEKbfgaABR&gdpr=0&gdpr_consent=
Frame ID: 7472C0E7301573182505EBAA5507D4F6
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: C6FCF34DD52BDAAF0303C9270769B587
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 7BBE126BAAC43ECF0C6D0EF7EFA826A5
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 362C90103DF7FC2B5ABBE7F045A7CBCC
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 96B076B0638A07E38F319BFC8383DCDC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d03e793f-a14a-4302-9813-700bc9baf692-003
Frame ID: 388837039683C0BB72A3E085889153D8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=86102380137072
Frame ID: 7E46457679CCF36A2C722D12E66B9967
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=8Jq6dTUiwIBSMd4XuKa5Xzw2
Frame ID: 28537092BE44DD64BA7F36618567D23A
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: AD1E9F09D23D68A3DCC79C86B824644E
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: F0AA2FCED69D32BA2F04D98528385C5A
Requests: 1 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=c5ba1affd53502c0&uid=2CCD9A58-720B-4CB5-AED8-99FAB384A2F1
Frame ID: 53E9A9FC94A6BEF5B4EBF8E1278F38A3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cifra Club - Tu sitio web de cifrados y tablaturas

Page URL History Show full URLs

http://cifraclub.com/ HTTP 301
https://www.cifraclub.com/ Page URL

Page Statistics

233
Requests

87 %
HTTPS

33 %
IPv6

68
Domains

111
Subdomains

79
IPs

9
Countries

1905 kB
Transfer

5378 kB
Size

36
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: http://forum.cifraclub.com.br/
Title: Fórum Cifra Club

Search URL Search Domain Scan URL

URL: http://www.formesuabanda.com.br/
Title: Forme Sua Banda

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.studiosol.cifraclub
Title: Google Play

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/br/app/cifra-club/id921625944
Title: App Store

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/pt-br/store/apps/cifra-club/9wzdncrfj18m
Title: Windows Store

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.studiosol.afinadorlite
Title: Google Play

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/br/app/afinador-cifra-club/id480625281?mt=8
Title: App Store

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/pt-br/store/apps/cifra-club-tuner/9wzdncrfj17z
Title: Windows Store

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.studiosol.metronomo
Title: Google Play

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/br/app/metronomo-cifra-club/id569883867?mt=8
Title: App Store

Search URL Search Domain Scan URL

URL: http://www.youtube.com/channel/UCpypU2XLYmOsf36xgcgrW3w?sub_confirmation=1
Title: YouTube

Search URL Search Domain Scan URL

URL: https://id.cifraclub.com.br/cadastro/
Title: Crea tu cuenta gratis

Search URL Search Domain Scan URL

URL: https://suporte.cifraclub.com.br/support/home
Title: Contacto

Search URL Search Domain Scan URL

URL: https://www.studiosol.com.br/cifraclub?lang=es
Title: Anuncia en Cifra Club

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/br/developer/studio-sol-comunicacao-digital-ltda/id480625284
Title: Aplicaciones - App Store

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/dev?id=4640611904280183354&hl=pt_BR
Title: Aplicaciones - Google Play

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/pt-br/store/search/apps?q=Studio%20Sol%20Comunica%C3%A7%C3%A3o%20Digital%20Ltda%20Epp
Title: Aplicaciones - Microsoft Store

Search URL Search Domain Scan URL

URL: https://www.youtube.com/cifraclub
Title: Síguenos: YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cifraclub.es/
Title: Síguenos: Instagram

Search URL Search Domain Scan URL

URL: https://www.letras.mus.br/
Title: Letras

Search URL Search Domain Scan URL

URL: https://www.palcomp3.com/
Title: Palco MP3

Search URL Search Domain Scan URL

URL: https://www.studiosol.com.br/?lang=es
Title: Studio Sol

Search URL Search Domain Scan URL

URL: https://www.terra.com.br/
Title: Terra Música

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cifraclub.com/ HTTP 301
https://www.cifraclub.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://ads.us.e-planning.net/hb/1/276aa/1/www.cifraclub.com/ROS?rnd=0.11818408342387321&e=728x90_0%3A728x90%2C970x250%2C970x90%2C970x150%2C1055x250%2B728x90_1%3A728x90%2C970x250%2C970x90%2C970x150%2C1055x250&ur=https%3A%2F%2Fwww.cifraclub.com%2F&r=pbjs&pbv=4.21.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cifraclub.com%2F HTTP 302
https://ads.us.e-planning.net/hb/1/276aa/1/www.cifraclub.com/ROS?ct=1&rnd=0.11818408342387321&e=728x90_0%3A728x90%2C970x250%2C970x90%2C970x150%2C1055x250%2B728x90_1%3A728x90%2C970x250%2C970x90%2C970x150%2C1055x250&ur=https%3A%2F%2Fwww.cifraclub.com%2F&r=pbjs&pbv=4.21.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cifraclub.com%2F

Request Chain 87

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

Request Chain 100

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/AWs43okqdNZCgYI0mwTDag?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1062711136526384691

Request Chain 101

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ec91618f-57bd-4400-b4ce-227c69dceede

Request Chain 102

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZYRVlWVUYtOC1LQVg0

Request Chain 103

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YY9XvQAEKbfgaABR HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YY9XvQAEKbfgaABR&_test=YY9XvQAEKbfgaABR

Request Chain 104

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVXEYVUF-8-KAX4&sigv=1&esig=2~cede0182b17f45ea07966b955e196da6007291fa

Request Chain 105

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjFlMjg0MGI2NzFmNjhjMzY0NGFlMzlmZmIyNzFkMTkwNTg3MGJhNw

Request Chain 107

https://fw.adsafeprotected.com/rfw/www.googletagservices.com/794060/56592879/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fwww.cifraclub.com&adsafe_type=g&adsafe_url=https%3A%2F%2F527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=bd&adsafe_jsinfo=,id:9f3459a3-26ae-322e-46ce-b8aa523f6037,c:tPekEl,sl:outOfView,em:true,fr:false,thd:1,mn:app03ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:4,fm:sOCD7cS+11%7C1211%7C1212*.794060-56592879%7C12121%7C13,idMap:1212*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:19,oid:f0e05360-4448-11ec-b293-0a6fa201f3de,v:19.8.267,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://www.googletagservices.com/dcm/dcmads.js

Request Chain 119

https://sb.scorecardresearch.com/b?c1=2&c2=3000033&ns__t=1636784061381&ns_c=UTF-8&cv=3.5&c8=Cifra%20Club%20-%20Tu%20sitio%20web%20de%20cifrados%20y%20tablaturas&c7=https%3A%2F%2Fwww.cifraclub.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3000033&ns__t=1636784061381&ns_c=UTF-8&cv=3.5&c8=Cifra%20Club%20-%20Tu%20sitio%20web%20de%20cifrados%20y%20tablaturas&c7=https%3A%2F%2Fwww.cifraclub.com%2F&c9=

Request Chain 179

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Request Chain 181

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc5ba1affd53502c0%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc5ba1affd53502c0%26uid%3D&s=190243&C=1

Request Chain 189

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY9XwZpsvgzucl67YCPJGAAABFgAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY9XwZpsvgzucl67YCPJGAAABFgAAAIB&dcc=t

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YY9XwZpsvgzucl67YCPJGAAABFgAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAQSev09H86cRhp0dmjx7Cs&google_cver=1

Request Chain 192

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YY9XwZpsvgzucl67YCPJGAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHKZlqBDEZuhOl2HaMVQt7o&google_cver=1&gdpr=1

Request Chain 195

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YY9XwZpsvgzucl67YCPJGAAA%261112?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YY9XwZpsvgzucl67YCPJGAAA%261112?gdpr_consent=&us_privacy=&gdpr=1

Request Chain 198

https://c1.adform.net/serving/cookie/match?party=14&cid=2CCD9A58-720B-4CB5-AED8-99FAB384A2F1 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2CCD9A58-720B-4CB5-AED8-99FAB384A2F1

Request Chain 199

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2522093242712026743

Request Chain 201

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7029934029798045851

Request Chain 202

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YY9XvQAEKbfgaABR&gdpr=0&gdpr_consent=

Request Chain 203

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBOE1FN0RIckFBQUNqeF83YUg3Zw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 204

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

Request Chain 207

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7529025409 HTTP 302
https://sync.1rx.io/usersync/tradedesk/dc975bbe-5968-40f6-b97d-40c7040e0f80 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-d03e793f-a14a-4302-9813-700bc9baf692-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-d03e793f-a14a-4302-9813-700bc9baf692-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d03e793f-a14a-4302-9813-700bc9baf692-003

Request Chain 208

https://core.iprom.net/cookiesync HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=86102380137072

Request Chain 209

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=8Jq6dTUiwIBSMd4XuKa5Xzw2

Request Chain 210

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 213

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LM2aWHILTLWu2Jn6s4Si8Q%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 214

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ec91618f-57bd-4400-b4ce-227c69dceede

Request Chain 215

https://pixel.onaudience.com/?partner=214&mapped=2CCD9A58-720B-4CB5-AED8-99FAB384A2F1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=dc975bbe-5968-40f6-b97d-40c7040e0f80&icm HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=9743e0ca69096723938974229edad689

Request Chain 216

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkNDRDlBNTgtNzIwQi00Q0I1LUFFRDgtOTlGQUIzODRBMkYx&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 217

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEAQWBhy6fgyF2mKll--QJE&google_cver=1

Request Chain 219

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ec91618f-57bd-4400-b4ce-227c69dceede&gdpr=0&gdpr_consent=

Request Chain 220

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5309686342242749094

Request Chain 221

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=dc975bbe-5968-40f6-b97d-40c7040e0f80

Request Chain 222

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3196026263755864367&gdpr=0&gdpr_consent=

Request Chain 223

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2CCD9A58-720B-4CB5-AED8-99FAB384A2F1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7q.O_VZE2uUgiQ1xiZTmSHKeEK5Mndk-~A&gdpr=0&gdpr_consent=

Request Chain 226

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=e9af4728-52a3-48ef-adf9-78a6462b3096 HTTP 302
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=e9af4728-52a3-48ef-adf9-78a6462b3096 HTTP 302
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=69a17735-16fd-4604-90b1-a4f879b13be7&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e9af4728-52a3-48ef-adf9-78a6462b3096&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 228

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8714368944058975178&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 229

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 230

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:98922222-afe1-41c8-be94-da5bf0cb5276&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 231

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3196026263755864367

233 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.cifraclub.com/
Redirect Chain

http://cifraclub.com/
https://www.cifraclub.com/

115 KB
23 KB

85ms
14ms

Document
text/html

2.16.186.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cifraclub.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-17.deploy.static.akamaitechnologies.com
Software: nginx / PHP/5.6.37
Resource Hash: eaa8fcd4f239ac70701608439205111eb3978ffa456c64d2f08e11b05dbb3a77

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.6.37
Content-Encoding: gzip
Content-Length: 23523
Date: Sat, 13 Nov 2021 06:14:19 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: nginx
Date: Sat, 13 Nov 2021 06:14:19 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.cifraclub.com/

GET
H2 200 opensans-light.woff2
studiosol-a.akamaihd.net/cc/font/opensans/ 18 KB
18 KB 73ms
8ms Font
application/octet-stream 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://studiosol-a.akamaihd.net/cc/font/opensans/opensans-light.woff2
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4f25af342124d142dd99b5b3a4b90e660cd4b96dc7c2bf4e54c1a802cc93d521

Request headers

Referer: https://www.cifraclub.com/
Origin: https://www.cifraclub.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
last-modified: Tue, 05 Oct 2021 14:38:13 GMT
server: nginx
etag: "615c6355-4828"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 18472
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 f4031.desktop.css
studiosol-a.akamaihd.net/cc/css/ 405 KB
71 KB 72ms
7ms Stylesheet
text/css 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://studiosol-a.akamaihd.net/cc/css/f4031.desktop.css
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5f4752d2e40d18d374155b6d069527118b15e4c96d794c679b8d7a1b5905141d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: br
last-modified: Wed, 03 Nov 2021 17:18:44 GMT
server: nginx
etag: W/"6182c474-654b4"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 72314
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 2bc80.client.css
studiosol-a.akamaihd.net/id/ 9 KB
2 KB 84ms
19ms Stylesheet
text/css 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://studiosol-a.akamaihd.net/id/2bc80.client.css
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c4481c6ba547aa86d92e597f2ea20af2fa8f5437b6071df41fc8ed78cd8d9f74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 20:31:52 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 2149
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 51ms
28ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Requested by

Host: www.cifraclub.com
URL: https://www.cifraclub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d10a1c4a1066db16cbaefa8683918f019309914d991a1ca29775e3825f9c10ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:19 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: clear
content-length: 36147
x-xss-protection: 0
expires: Sat, 13 Nov 2021 06:14:19 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 38ms
14ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.cifraclub.com
URL: https://www.cifraclub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

c20fb3853e78f1fd105254860320de5dba68c02eccade762896c91c205954a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1042 / 260 of 1000 / last-modified: 1636758378"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: clear
content-length: 26699
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 13 Nov 2021 06:14:19 GMT

GET
H2 200 7b664.ads-manager.js Show response
studiosol-a.akamaihd.net/cc/js/ 17 KB
5 KB 81ms
20ms Script
application/x-javascript 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://studiosol-a.akamaihd.net/cc/js/7b664.ads-manager.js
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 51d37de28441f112ef4cb07a881a3608d7832876e20cfcb545342ee62e7acbb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: br
last-modified: Wed, 03 Nov 2021 17:18:36 GMT
server: nginx
etag: W/"6182c46c-45a1"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 4479
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 cf6ceba1636729499_x1_big_1295.jpeg
studiosol-a.akamaihd.net/tb/cifraclub/destaques/e/0/e/3/ 40 KB
41 KB 550ms
490ms Image
image/webp 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/tb/cifraclub/destaques/e/0/e/3/cf6ceba1636729499_x1_big_1295.jpeg
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0dd3a03081b692553e19db276fa5683b765278b15489bfffec5d1793d17d0a41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 41422
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 1286.gif
master.cifraclub.com.br/api/v3/highlight/views/1798/desktop/ 43 B
179 B 634ms
212ms Image
image/gif 177.54.144.22
Maxihost LTDA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://master.cifraclub.com.br/api/v3/highlight/views/1798/desktop/1286.gif
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 177.54.144.22 São Paulo, Brazil, ASN262287 (Maxihost LTDA, BR),
Reverse DNS: tiradentes.prod.sscdn.co
Software: nginx / CifraClubAPI/0f9cf24d
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: CifraClubAPI/0f9cf24d
content-length: 43
content-type: image/gif

GET
H2 200 e704fc71636641345_x1_small.png
studiosol-a.akamaihd.net/tb/cifraclub/destaques/a/5/a/0/ 7 KB
7 KB 527ms
467ms Image
image/webp 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/tb/cifraclub/destaques/a/5/a/0/e704fc71636641345_x1_small.png
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 917f98718be3f2f3d9ce55e6c9cce3e7fe206f956d38a401dcaad887af9ee84d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 6946
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 1286.gif
master.cifraclub.com.br/api/v3/highlight/views/1791/desktop/ 43 B
179 B 632ms
210ms Image
image/gif 177.54.144.22
Maxihost LTDA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://master.cifraclub.com.br/api/v3/highlight/views/1791/desktop/1286.gif
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 177.54.144.22 São Paulo, Brazil, ASN262287 (Maxihost LTDA, BR),
Reverse DNS: tiradentes.prod.sscdn.co
Software: nginx / CifraClubAPI/0f9cf24d
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: CifraClubAPI/0f9cf24d
content-length: 43
content-type: image/gif

GET
H2 200 796b7a51636551896_x1_small.jpeg
studiosol-a.akamaihd.net/tb/cifraclub/destaques/2/b/a/a/ 12 KB
13 KB 33ms
31ms Image
image/webp 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/tb/cifraclub/destaques/2/b/a/a/796b7a51636551896_x1_small.jpeg
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a2c76a6925fa5440c968fbf2455acf8209202ecb5ad6e83d4c2439e870d13e54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 12710
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 1286.gif
master.cifraclub.com.br/api/v3/highlight/views/1790/desktop/ 43 B
179 B 633ms
211ms Image
image/gif 177.54.144.22
Maxihost LTDA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://master.cifraclub.com.br/api/v3/highlight/views/1790/desktop/1286.gif
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 177.54.144.22 São Paulo, Brazil, ASN262287 (Maxihost LTDA, BR),
Reverse DNS: tiradentes.prod.sscdn.co
Software: nginx / CifraClubAPI/0f9cf24d
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: CifraClubAPI/0f9cf24d
content-length: 43
content-type: image/gif

GET
H2 200 796b7a51636475277_x1_small.jpeg
studiosol-a.akamaihd.net/tb/cifraclub/destaques/2/5/1/f/ 9 KB
9 KB 33ms
31ms Image
image/webp 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/tb/cifraclub/destaques/2/5/1/f/796b7a51636475277_x1_small.jpeg
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 61bdafe3b7394bada6486525f18d5951b903ca6a086183e640a009701f8e41a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 9310
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 1286.gif
master.cifraclub.com.br/api/v3/highlight/views/1785/desktop/ 43 B
179 B 632ms
210ms Image
image/gif 177.54.144.22
Maxihost LTDA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://master.cifraclub.com.br/api/v3/highlight/views/1785/desktop/1286.gif
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 177.54.144.22 São Paulo, Brazil, ASN262287 (Maxihost LTDA, BR),
Reverse DNS: tiradentes.prod.sscdn.co
Software: nginx / CifraClubAPI/0f9cf24d
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: CifraClubAPI/0f9cf24d
content-length: 43
content-type: image/gif

GET
H2 200 796b7a51636389682_x1_small.jpeg
studiosol-a.akamaihd.net/tb/cifraclub/destaques/4/c/d/3/ 7 KB
8 KB 33ms
31ms Image
image/webp 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/tb/cifraclub/destaques/4/c/d/3/796b7a51636389682_x1_small.jpeg
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 57ed75edd61eb5ea1ef9882d3775463adaa5a2af7731a75f77b23e6822bab967

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 7436
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 1286.gif
master.cifraclub.com.br/api/v3/highlight/views/1783/desktop/ 43 B
179 B 633ms
211ms Image
image/gif 177.54.144.22
Maxihost LTDA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://master.cifraclub.com.br/api/v3/highlight/views/1783/desktop/1286.gif
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 177.54.144.22 São Paulo, Brazil, ASN262287 (Maxihost LTDA, BR),
Reverse DNS: tiradentes.prod.sscdn.co
Software: nginx / CifraClubAPI/0f9cf24d
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: CifraClubAPI/0f9cf24d
content-length: 43
content-type: image/gif

GET
H2 200 d7bdb8738aa4d1cdfa9d39dbc75d2b12-tb.jpg
studiosol-a.akamaihd.net/letras/78x78/fotos/d/7/b/d/ 2 KB
2 KB 31ms
29ms Image
image/webp 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/letras/78x78/fotos/d/7/b/d/d7bdb8738aa4d1cdfa9d39dbc75d2b12-tb.jpg
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1f25db87d77610f309ab941ff76ce47e1e2a8a96e19d6827ed76e30d51915e7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1872
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 bb7ae374cb7c6aefb0c6dea05363c767-tb.jpg
studiosol-a.akamaihd.net/letras/78x78/fotos/b/b/7/a/ 2 KB
2 KB 36ms
34ms Image
image/webp 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/letras/78x78/fotos/b/b/7/a/bb7ae374cb7c6aefb0c6dea05363c767-tb.jpg
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c2ebd7fb391f05c5bacb2e0009ada95214f5e37215d7725dff4ce93bc2883754

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1968
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 22178e803ec7e5ef786217621f2a3aef-tb.jpg
studiosol-a.akamaihd.net/letras/78x78/fotos/2/2/1/7/ 1 KB
2 KB 35ms
33ms Image
image/webp 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/letras/78x78/fotos/2/2/1/7/22178e803ec7e5ef786217621f2a3aef-tb.jpg
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 683d89b8c6998f15933616acdfadd39a1f14f2d184114f98169aad11f9c37b93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1508
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 9640a9aa5c9fd17dd1a3015756725789-tb.jpg
studiosol-a.akamaihd.net/letras/78x78/fotos/9/6/4/0/ 1 KB
1 KB 35ms
33ms Image
image/webp 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/letras/78x78/fotos/9/6/4/0/9640a9aa5c9fd17dd1a3015756725789-tb.jpg
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0e46601f06360953631305662978d70135b10b6de63328498c176a52df77a22b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1132
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 756e98ab3526b08bedc630d21f059abd-tb.jpg
studiosol-a.akamaihd.net/letras/78x78/fotos/7/5/6/e/ 1 KB
1 KB 478ms
476ms Image
image/webp 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/letras/78x78/fotos/7/5/6/e/756e98ab3526b08bedc630d21f059abd-tb.jpg
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0851b1e41403e40f05f04e9cde44f92f667a41602bbd875844636509500313ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1064
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 firebase-performance-standalone.js Show response
www.gstatic.com/firebasejs/7.9.1/ 44 KB
13 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.9.1/firebase-performance-standalone.js

Requested by

Host: www.cifraclub.com
URL: https://www.cifraclub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59e8f33be46fb7a03d8db862b344a3e581550c8d38e0a28345be72de04a6c0e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 13:44:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13255
x-xss-protection: 0
last-modified: Fri, 21 Feb 2020 21:28:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="firebase-js"
expires: Sat, 12 Nov 2022 13:44:51 GMT

GET
H2 200 40bff1b-fieras_del_fingerstyle.png
studiosol-a.akamaihd.net/tb-center/247x110/cifra-blog/es/wp-content/uploads/2021/11/ 4 KB
4 KB 36ms
34ms Image
image/webp 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/tb-center/247x110/cifra-blog/es/wp-content/uploads/2021/11/40bff1b-fieras_del_fingerstyle.png
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2ebbfdf48dba8589046bfc308222df6c77cbe6da907ad2391ce8f0c869826c44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3984
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 804b44e-tipos_de_harmonica.png
studiosol-a.akamaihd.net/tb-center/247x110/cifra-blog/es/wp-content/uploads/2021/11/ 4 KB
4 KB 37ms
35ms Image
image/webp 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/tb-center/247x110/cifra-blog/es/wp-content/uploads/2021/11/804b44e-tipos_de_harmonica.png
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 00b1c4910c4f2b03e85c94fdca2627facfc52ba12dc4a0705d9273b47a0f730f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3900
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 cadef92-Screenshot_4.png
studiosol-a.akamaihd.net/tb-center/247x110/cifra-blog/es/wp-content/uploads/2021/10/ 7 KB
7 KB 37ms
35ms Image
image/webp 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/tb-center/247x110/cifra-blog/es/wp-content/uploads/2021/10/cadef92-Screenshot_4.png
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 76e98024a3a87047a31d769777e6a488faacadd5bdfd6d847b56c7dbe872e845

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 6660
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 e8b8626-cuidar_la_guitarra_de_las_temperaturas.png
studiosol-a.akamaihd.net/tb-center/247x110/cifra-blog/es/wp-content/uploads/2021/11/ 5 KB
5 KB 33ms
32ms Image
image/webp 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/tb-center/247x110/cifra-blog/es/wp-content/uploads/2021/11/e8b8626-cuidar_la_guitarra_de_las_temperaturas.png
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c3c53c6aad42cfdbe3c890ca6077e756415dd037d1739b7507397771ff70645c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 4854
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 e1f49e6-tipos_de_microfonos.png
studiosol-a.akamaihd.net/tb-center/247x110/cifra-blog/es/wp-content/uploads/2021/10/ 3 KB
3 KB 35ms
33ms Image
image/webp 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/tb-center/247x110/cifra-blog/es/wp-content/uploads/2021/10/e1f49e6-tipos_de_microfonos.png
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6e64f5a628213d3f2c82270b7eacba5376b07efc8281505877ca1e9f7424665d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 2936
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 27ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.cifraclub.com
URL: https://www.cifraclub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3131cce63fe43e001b37c9c65a5d8ce1c68534ff20fa7b2de462955372565ed7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.cifraclub.com/
Origin: https://www.cifraclub.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: LoeGJpJOn52cRNph4oSjrQ==
cross-origin-resource-policy: cross-origin
expires: Sat, 13 Nov 2021 06:33:37 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: shWZZYN5Hq6FwOfjMYQ8ilpFuxpranJGBeNFXPKfZK7o+qCjajOm2ELtt3aoOEh7Q1x/QiHWyLZJyWGeoyJyyg==
x-fb-trip-id: 917726464
x-fb-content-md5: 7fae9cec159e23874c8fde7318507530
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 13 Nov 2021 06:14:20 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "6114befd8120e2d92cc281eca8e1f530"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 es.js Show response
studiosol-a.akamaihd.net/cc/js/65395.desktop/ 10 KB
3 KB 75ms
20ms Script
application/x-javascript 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://studiosol-a.akamaihd.net/cc/js/65395.desktop/es.js
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3a110de3c15820e188a11e96b803d8e5bbfa350c3e47029ca15951eb9039ab25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: br
last-modified: Mon, 25 Oct 2021 13:29:42 GMT
server: nginx
etag: W/"6176b146-26ce"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 2598
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 8e11a.desktop.js Show response
studiosol-a.akamaihd.net/cc/js/ 544 KB
126 KB 15ms
13ms Script
application/x-javascript 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://studiosol-a.akamaihd.net/cc/js/8e11a.desktop.js
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5b5a73f77cadd94c8d57b9d98350ae008d3b36a35faba6b5dcd570145603e425

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: br
last-modified: Wed, 10 Nov 2021 19:11:30 GMT
server: nginx
etag: W/"618c1962-881ea"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 128626
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 contentpar.js Show response
s1.trrsf.com.br/metrics/js/br/ 4 KB
2 KB 1297ms
122ms Script
application/x-javascript 208.84.244.97
TERRA-NETWORKS-MIAMI

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.trrsf.com.br/metrics/js/br/contentpar.js
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.84.244.97 , United States, ASN40260 (TERRA-NETWORKS-MIAMI, US),
Reverse DNS: mia-cdn.trrsf.com
Software: cloudflare-nginx /
Resource Hash: 5daa36e8a9f6540b5076591de86299aaeb4534c48344bc7e15e4c85e26825503

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:21 GMT
content-encoding: br
last-modified: Fri, 15 Oct 2021 15:07:15 GMT
server: cloudflare-nginx
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: content-type, x-cache
cache-control: max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
x-cdnterra-cache-status: HIT
timing-allow-origin: *
access-control-allow-headers: Content-Type

GET
H2 200 client.4a594.js Show response
studiosol-a.akamaihd.net/id/es-es/ 169 KB
50 KB 23ms
22ms Script
application/javascript 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://studiosol-a.akamaihd.net/id/es-es/client.4a594.js
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f2ecb1fa9b7606ca79c074ee54fad0a12d74100ac3b45551665f84dc07c9b365

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: br
server: nginx
etag: W/"b4bb8cb309ac2e8839fec12374b58e78"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 50649
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 sprite.svg
studiosol-a.akamaihd.net/cc/img/desktop// 107 KB
35 KB 22ms
17ms Image
image/svg+xml 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/cc/img/desktop//sprite.svg?v=19
Requested by: Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/cc/css/f4031.desktop.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 79a8af5637afd2e8c84967b6fd4897802e7e9d83a4177a3386e706f7dad5e1c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://studiosol-a.akamaihd.net/cc/css/f4031.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: br
last-modified: Wed, 06 Oct 2021 13:26:23 GMT
server: nginx
etag: W/"615da3ff-1ace0"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 35121
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 montserrat-bold.woff
studiosol-a.akamaihd.net/cc/font/ 33 KB
33 KB 11ms
8ms Font
application/font-woff 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://studiosol-a.akamaihd.net/cc/font/montserrat-bold.woff
Requested by: Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/cc/css/f4031.desktop.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d97e6492cb9d2678edba3bebd34967fd593eeca64f1c268e2c3008440cb0206e

Request headers

Referer: https://studiosol-a.akamaihd.net/cc/css/f4031.desktop.css
Origin: https://www.cifraclub.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
last-modified: Tue, 05 Oct 2021 14:38:13 GMT
server: nginx
etag: "615c6355-834c"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 33612
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 icn.svg
studiosol-a.akamaihd.net/cc/img/desktop// 54 KB
18 KB 19ms
16ms Image
image/svg+xml 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/cc/img/desktop//icn.svg?v=3
Requested by: Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/cc/css/f4031.desktop.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f82fb7a91781ccc799972e3e565b454c194c1c305e78f2e0ba2e4be7b84ce7bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://studiosol-a.akamaihd.net/cc/css/f4031.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: br
last-modified: Thu, 23 Sep 2021 19:57:47 GMT
server: nginx
etag: W/"614cdc3b-d69f"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 17823
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 cifra.svg
studiosol-a.akamaihd.net/cc/img/desktop// 20 KB
6 KB 23ms
22ms Image
image/svg+xml 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/cc/img/desktop//cifra.svg?v=4
Requested by: Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/cc/css/f4031.desktop.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 902dafac434d2b1ec6c3b4dc8ca3808b9668b600b4f40ad347c59df3bd40d61a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://studiosol-a.akamaihd.net/cc/css/f4031.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: br
last-modified: Thu, 23 Sep 2021 19:57:47 GMT
server: nginx
etag: W/"614cdc3b-500b"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 5391
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 ilustration.svg
studiosol-a.akamaihd.net/cc/img/desktop// 114 KB
60 KB 15ms
14ms Image
image/svg+xml 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/cc/img/desktop//ilustration.svg
Requested by: Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/cc/css/f4031.desktop.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 74e2f67b2e01784c7c2da00462a6d03dbc788a7a6e3209b1fbd5c3e28cecac6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://studiosol-a.akamaihd.net/cc/css/f4031.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: br
last-modified: Mon, 25 Oct 2021 13:43:26 GMT
server: nginx
etag: W/"6176b47e-1c872"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 60746
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 slogan-es.svg
studiosol-a.akamaihd.net/cc/img/desktop// 11 KB
4 KB 475ms
474ms Image
image/svg+xml 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/cc/img/desktop//slogan-es.svg
Requested by: Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/cc/css/f4031.desktop.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f6a52fcf29e406935d551573f714d9f200f7bd8e8ca6b3e2a9d3992cd3656cb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://studiosol-a.akamaihd.net/cc/css/f4031.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: br
last-modified: Thu, 23 Sep 2021 19:57:47 GMT
server: nginx
etag: W/"614cdc3b-2d27"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3613
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 bg-footer.svg
studiosol-a.akamaihd.net/cc/img/desktop// 6 KB
3 KB 13ms
12ms Image
image/svg+xml 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/cc/img/desktop//bg-footer.svg?v=2
Requested by: Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/cc/css/f4031.desktop.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bba69f0b413bc0844b075dbf4458ac9c22fe1944d9a0306738f6600da846bc8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://studiosol-a.akamaihd.net/cc/css/f4031.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: br
last-modified: Thu, 23 Sep 2021 19:57:47 GMT
server: nginx
etag: W/"614cdc3b-175b"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 2229
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 sprite-footer.svg
studiosol-a.akamaihd.net/cc/img/desktop// 50 KB
14 KB 17ms
17ms Image
image/svg+xml 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/cc/img/desktop//sprite-footer.svg?v=5
Requested by: Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/cc/css/f4031.desktop.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c22922a7b93dd7b7559c551d903a373800765ccdf80c42b04158bf952ec0931

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://studiosol-a.akamaihd.net/cc/css/f4031.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: br
last-modified: Thu, 23 Sep 2021 19:57:47 GMT
server: nginx
etag: W/"614cdc3b-c935"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 14458
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 d474b.headerbidding.js Show response
studiosol-a.akamaihd.net/cc/js/ 273 KB
72 KB 31ms
31ms Script
application/x-javascript 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://studiosol-a.akamaihd.net/cc/js/d474b.headerbidding.js
Requested by: Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/cc/js/7b664.ads-manager.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1ca3f1482a2af677a77209191c3923b91320ee1a27880e9060c5a00552eca77a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: br
last-modified: Wed, 10 Nov 2021 19:11:30 GMT
server: nginx
etag: W/"618c1962-4438a"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 72730
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 pubads_impl_2021111001.js Show response
securepubads.g.doubleclick.net/gpt/ 342 KB
115 KB 15ms
15ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063719

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

10149e81621b3a46836cd42ffe55748208254e3054a3013cbd6dc6b9d593521d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 117754
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 09:34:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 13 Nov 2021 06:14:20 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 186 B
630 B 34ms
15ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.cifraclub.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

baf4d2f145f24a01de263e63c1d98b3aab2493451434e8eaa4d21f16a81e9e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: clear
content-length: 119
x-xss-protection: 0
expires: Sat, 13 Nov 2021 06:14:20 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 285 KB
81 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=1d4526a5785ef83ebc6be6ba0be0929a

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d9dc1f3e6ca5e3300b0dd29ceb4b7c57a248da5b0b249e6e14b48b175fff39ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.cifraclub.com/
Origin: https://www.cifraclub.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: eIYaQjX4+mOXRsVDdj0/uQ==
cross-origin-resource-policy: cross-origin
expires: Sun, 13 Nov 2022 04:56:42 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82871
x-fb-rlafr: 0
x-fb-debug: a4jO4LcWdiedA2eqBxqdcRWOJ9ujK7IHN5W8QyDPM7nXv4KlMDJ8PopV553pChz2VSfte73Pn95TfyqCXrDprw==
x-fb-trip-id: 917726464
x-fb-content-md5: f09d9236ff58e9242bcd7ab367ce5e9a
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 13 Nov 2021 06:14:20 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "a93eb8f406bd057eb66f5a256abe1a1a"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 794
date: Sat, 13 Nov 2021 06:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 20006
expires: Sat, 13 Nov 2021 08:01:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-102201320-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3a9534e5306171ff4ef96f0625b0663dbd52206a93b523423c1cbcc5bc811a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: clear
content-length: 36131
x-xss-protection: 0
expires: Sat, 13 Nov 2021 06:14:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-391658277&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b5fafddb156cd75bb2dbad89c3d9fec14d1b04a4ae3906d674e58536b8702d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: clear
content-length: 39559
x-xss-protection: 0
expires: Sat, 13 Nov 2021 06:14:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-376007190&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8768bd4cdde9f5ebc42eea6da4611396bbcac9483af55db12c054eb196031f09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: clear
content-length: 39558
x-xss-protection: 0
expires: Sat, 13 Nov 2021 06:14:20 GMT

GET
H2 401 sponsor Show response
master.cifraclub.com.br/api/v3/ 0
145 B 367ms
205ms Fetch 177.54.144.22
Maxihost LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://master.cifraclub.com.br/api/v3/sponsor
Requested by: Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/cc/js/8e11a.desktop.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 177.54.144.22 São Paulo, Brazil, ASN262287 (Maxihost LTDA, BR),
Reverse DNS: tiradentes.prod.sscdn.co
Software: nginx / CifraClubAPI/0f9cf24d
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.cifraclub.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: https://www.cifraclub.com
date: Sat, 13 Nov 2021 06:14:20 GMT
access-control-allow-credentials: true
server: nginx
x-powered-by: CifraClubAPI/0f9cf24d
content-length: 0

GET
H2 200 channels Show response
www.googleapis.com/youtube/v3/ 473 B
603 B 62ms
35ms Fetch
application/json 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/youtube/v3/channels?part=statistics&id=UCpypU2XLYmOsf36xgcgrW3w&key=AIzaSyDXV19VCO_UE1DE2zzkPGTuHS0ScvxdESQ

Requested by

Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/cc/js/8e11a.desktop.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

f8bd42a4ccddd70adda016d0b8f9e0fa3163ccd7c9422ab321aa45fa7cdf31ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: clear
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 298
x-xss-protection: 0

GET
H2 200 715e5.desktopHome.js Show response
studiosol-a.akamaihd.net/cc/js/ 5 KB
2 KB 14ms
13ms Script
application/x-javascript 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://studiosol-a.akamaihd.net/cc/js/715e5.desktopHome.js
Requested by: Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/cc/js/8e11a.desktop.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f6f23d0570533daf7876fc0365d004517a08171a0e67f4149e595e9e7b2bade3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: br
last-modified: Wed, 03 Nov 2021 20:09:01 GMT
server: nginx
etag: W/"6182ec5d-148c"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1778
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 3bdd3cc42a0e2d34bc0fd9bf13c11422-tb.jpg
studiosol-a.akamaihd.net/letras/78x78/fotos/3/b/d/d/ 2 KB
2 KB 15ms
14ms Image
image/webp 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/letras/78x78/fotos/3/b/d/d/3bdd3cc42a0e2d34bc0fd9bf13c11422-tb.jpg
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 77b5b884b778ba935007089f641a2c861f8e0bf4050b7e3a5dde5df97b446cbb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1564
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 d3189c314b3491b5a56b5f393396cf1f-tb.jpg
studiosol-a.akamaihd.net/letras/78x78/fotos/d/3/1/8/ 2 KB
2 KB 13ms
11ms Image
image/webp 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/letras/78x78/fotos/d/3/1/8/d3189c314b3491b5a56b5f393396cf1f-tb.jpg
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a22a74098701fdfaa1bf3e19429ef71c637092db21de493f465187657acaa7e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 2206
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 daed0547263506e1469694fafdc16172-tb.jpg
studiosol-a.akamaihd.net/letras/78x78/fotos/d/a/e/d/ 1 KB
1 KB 14ms
13ms Image
image/webp 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/letras/78x78/fotos/d/a/e/d/daed0547263506e1469694fafdc16172-tb.jpg
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7d9a333b16da5feea1999073314e620c2fd81ae28633fee9b4db28dd58a1feee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1188
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 d5998de7b2e3af88ceaefe8a1ea9c37d-tb.jpg
studiosol-a.akamaihd.net/letras/78x78/fotos/d/5/9/9/ 3 KB
3 KB 15ms
14ms Image
image/webp 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/letras/78x78/fotos/d/5/9/9/d5998de7b2e3af88ceaefe8a1ea9c37d-tb.jpg
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c4d91aaa775dcd14f48169022eeebdf3e473e48b280608c2b6b28cfeb54f7cfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 2582
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 5416d9ee2db3cf86b60997a55820c41a-tb.jpg
studiosol-a.akamaihd.net/letras/78x78/fotos/5/4/1/6/ 2 KB
2 KB 19ms
18ms Image
image/webp 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/letras/78x78/fotos/5/4/1/6/5416d9ee2db3cf86b60997a55820c41a-tb.jpg
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c2b2ee19ddc39dbb5bf02c85bfd83fda0ca700d83dd6c8d0e1165edd41d97132

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 2196
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 76f9f2858cdd986d0a66a3b871f47f04-tb.jpg
studiosol-a.akamaihd.net/letras/78x78/fotos/7/6/f/9/ 1 KB
2 KB 19ms
18ms Image
image/webp 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/letras/78x78/fotos/7/6/f/9/76f9f2858cdd986d0a66a3b871f47f04-tb.jpg
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 728f20edf867007be9282fc04630e90fb75db09116d466a1cdcdf1a8e6c4daea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1432
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 aaa80592f87728c2cfc1d1bdbabd6cdb-tb.jpg
studiosol-a.akamaihd.net/letras/78x78/fotos/a/a/a/8/ 2 KB
2 KB 18ms
18ms Image
image/webp 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/letras/78x78/fotos/a/a/a/8/aaa80592f87728c2cfc1d1bdbabd6cdb-tb.jpg
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5eec986a1a8406f32fee23f6f6805e779dbcc85881d0c25422947e3ecb0c7934

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 2050
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 4ad922060d4a0c6bd07eab23d9b08bec-tb.jpg
studiosol-a.akamaihd.net/letras/78x78/fotos/4/a/d/9/ 1 KB
2 KB 19ms
19ms Image
image/webp 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studiosol-a.akamaihd.net/letras/78x78/fotos/4/a/d/9/4ad922060d4a0c6bd07eab23d9b08bec-tb.jpg
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c89bcfa59f8de13beef845c90a489712357bdbed589cc3a92c3d32329d1762ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1370
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H2 200 / Show response
id.cifraclub.com.br/api/v1/cookies/ 72 B
442 B 673ms
215ms Fetch
text/plain 177.54.152.29
Maxihost LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://id.cifraclub.com.br/api/v1/cookies/
Requested by: Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/id/es-es/client.4a594.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 177.54.152.29 São Paulo, Brazil, ASN262287 (Maxihost LTDA, BR),
Reverse DNS
Software: nginx /
Resource Hash: 0f6b70839543f9ee1ef58b6353dfbc8861293d3af789e435cf4b8e8fca108650

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: br
server: nginx
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.cifraclub.com
access-control-expose-headers: Date
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Authorization, X-Cluster, Referer
expires: -1

GET
H2 401 sponsor Show response
master.cifraclub.com.br/api/v3/ 0
144 B 297ms
206ms Fetch 177.54.144.22
Maxihost LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://master.cifraclub.com.br/api/v3/sponsor
Requested by: Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/cc/js/d474b.headerbidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 177.54.144.22 São Paulo, Brazil, ASN262287 (Maxihost LTDA, BR),
Reverse DNS: tiradentes.prod.sscdn.co
Software: nginx / CifraClubAPI/0f9cf24d
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.cifraclub.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: https://www.cifraclub.com
date: Sat, 13 Nov 2021 06:14:20 GMT
access-control-allow-credentials: true
server: nginx
x-powered-by: CifraClubAPI/0f9cf24d
content-length: 0

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 35ms
14ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211113

Requested by

Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/cc/js/d474b.headerbidding.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51e9647a4b998eb6ac2dbaae2f5ab91304026a8ad66c24f70d4f0eb53cf6cb94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cifraclub.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11594
x-jsd-version: 1.0.1159
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19152-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"698-q8lD18XQsNGtajB2OT0hBLkq//Y"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6ad5dbf8ff376957-FRA

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 24 KB
11 KB 139ms
98ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15546&site_id=101124&zone_id=1047728%3B1047730&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fwww.cifraclub.com%2F&tk_flint=pbjs_lite_v4.21.0&x_source.tid=78fd4b85-8b15-445b-bcb8-4e0efec15bb0%3Bff29a1b6-c4ce-40ed-abc9-c64e1a759d2d&p_screen_res=1600x1200&rp_secure=1&slots=2&rand=0.8360552495679652
Requested by: Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/cc/js/d474b.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 0c010c7addf379872a7dcfda9d1f65f8d1156495ce88eb27155a8e3fe20b3842

Request headers

Referer: https://www.cifraclub.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 06:14:20 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.cifraclub.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 9949
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 258 B
1 KB 156ms
120ms XHR
application/json 185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/cc/js/d474b.headerbidding.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

76bc25cb50d7e17848d8f813be27d6537df68e7675dd16c8dc26880d474ebf88

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 06:14:20 GMT
X-Proxy-Origin: 91.199.118.75; 91.199.118.75; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: cca0e6e3-d4fa-45c1-ad44-2f54c2dd9091
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.cifraclub.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 258
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 108ms
68ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694fd01787821c157280f2e5b01fa&pos=cifraclub:728x90:capa:reload&cmd=bid&secure=1
Requested by: Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/cc/js/d474b.headerbidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 055930badf7874089edc0566426f19458edc5b8a0a137552f5a0b62e837c703f

Request headers

Referer: https://www.cifraclub.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cifraclub.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
294 B 103ms
62ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694fd01787821c157280f2e5b01fa&pos=cifraclub:970x90:capa:reload&cmd=bid&secure=1
Requested by: Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/cc/js/d474b.headerbidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: f85077bfa2a9f9bab8fe9fbaad5efd74165ebcbe3f32fb422c7d7b548a482e96

Request headers

Referer: https://www.cifraclub.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cifraclub.com
access-control-allow-credentials: true
content-length: 62

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/276aa/1/www.cifraclub.com/
Redirect Chain

https://ads.us.e-planning.net/hb/1/276aa/1/www.cifraclub.com/ROS?rnd=0.11818408342387321&e=728x90_0%3A728x90%2C970x250%2C970x90%2C970x150%2C1055x250%2B728x90_1%3A728x90%2C970x250%2C970x90%2C970x150...
https://ads.us.e-planning.net/hb/1/276aa/1/www.cifraclub.com/ROS?ct=1&rnd=0.11818408342387321&e=728x90_0%3A728x90%2C970x250%2C970x90%2C970x150%2C1055x250%2B728x90_1%3A728x90%2C970x250%2C970x90%2C97...

1 KB
947 B

176ms
176ms

XHR
application/json

5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/276aa/1/www.cifraclub.com/ROS?ct=1&rnd=0.11818408342387321&e=728x90_0%3A728x90%2C970x250%2C970x90%2C970x150%2C1055x250%2B728x90_1%3A728x90%2C970x250%2C970x90%2C970x150%2C1055x250&ur=https%3A%2F%2Fwww.cifraclub.com%2F&r=pbjs&pbv=4.21.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cifraclub.com%2F
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Server: 5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: cca5b1c563e57ca5919f88623b8fd684476a2b74a83f5138ef51d198a6c2bb06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: gzip
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.cifraclub.com
expires: Sat, 13 Nov 2021 06:14:20 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
x-sid: AMS-603

Redirect headers

date: Sat, 13 Nov 2021 06:14:20 GMT
server: openresty
access-control-allow-origin: https://www.cifraclub.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/276aa/1/www.cifraclub.com/ROS?ct=1&rnd=0.11818408342387321&e=728x90_0%3A728x90%2C970x250%2C970x90%2C970x150%2C1055x250%2B728x90_1%3A728x90%2C970x250%2C970x90%2C970x150%2C1055x250&ur=https%3A%2F%2Fwww.cifraclub.com%2F&r=pbjs&pbv=4.21.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cifraclub.com%2F
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-603

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 18 KB
6 KB 166ms
104ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/cc/js/d474b.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 210fc56d486da54979814f840551eb24c6aa485aa28bab01010efd4d637501ac

Request headers

Referer: https://www.cifraclub.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 4%3b20%3b66
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.cifraclub.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
570 B 163ms
100ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/cc/js/d474b.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5

Request headers

Referer: https://www.cifraclub.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 4%3b23%3b101
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.cifraclub.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 92 KB
36 KB 62ms
62ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-P6C6QNR&t=gtag_UA_446764_81&cid=1872078260.1636784060

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

91d6e0ff7543c949708c5bc62d02309bb1ab65b5e2919dd6b8ca2c7c75ad59be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: clear
content-length: 36226
x-xss-protection: 0
expires: Sat, 13 Nov 2021 06:14:20 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 49ms
28ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-391658277&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

7f0690cc7aa3e0a4f7ad0894766c1db5c291fb1d4840bfe4ab91cb393b77a608

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 14377
x-xss-protection: 0
server: cafe
etag: 16570183496300854077
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 06:14:20 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 33ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=366825497022071&ev=fb_page_view&dl=https%3A%2F%2Fwww.cifraclub.com%2F&rl=&if=false&ts=1636784060355&sw=1600&sh=1200&at=

Requested by

Host: www.cifraclub.com
URL: https://www.cifraclub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sat, 13 Nov 2021 06:14:20 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/391658277/ 2 KB
2 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/391658277/?random=1636784060396&cv=9&fst=1636784060396&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.cifraclub.com%2F&tiba=Cifra%20Club%20-%20Tu%20sitio%20web%20de%20cifrados%20y%20tablaturas&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

088ab1707f3ca311e115c52baa1865c7152f08e536a84ff7d1dca4801436142c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: clear
content-length: 1050
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/376007190/ 2 KB
1 KB 39ms
18ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/376007190/?random=1636784060399&cv=9&fst=1636784060399&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.cifraclub.com%2F&tiba=Cifra%20Club%20-%20Tu%20sitio%20web%20de%20cifrados%20y%20tablaturas&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c35297a910f397f59fb1464703f600432a7f323721a2e83baa417960e3ec89f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: clear
content-length: 1047
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/391658277/ 42 B
423 B 42ms
17ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/391658277/?random=1636784060396&cv=9&fst=1636783200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.cifraclub.com%2F&tiba=Cifra%20Club%20-%20Tu%20sitio%20web%20de%20cifrados%20y%20tablaturas&async=1&fmt=3&is_vtc=1&random=2316247559&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.cifraclub.com
URL: https://www.cifraclub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/391658277/ 42 B
423 B 41ms
17ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/391658277/?random=1636784060396&cv=9&fst=1636783200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.cifraclub.com%2F&tiba=Cifra%20Club%20-%20Tu%20sitio%20web%20de%20cifrados%20y%20tablaturas&async=1&fmt=3&is_vtc=1&random=2316247559&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.cifraclub.com
URL: https://www.cifraclub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/376007190/ 42 B
108 B 62ms
38ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/376007190/?random=1636784060399&cv=9&fst=1636783200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.cifraclub.com%2F&tiba=Cifra%20Club%20-%20Tu%20sitio%20web%20de%20cifrados%20y%20tablaturas&async=1&fmt=3&is_vtc=1&random=902715391&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.cifraclub.com
URL: https://www.cifraclub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/376007190/ 42 B
108 B 41ms
18ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/376007190/?random=1636784060399&cv=9&fst=1636783200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.cifraclub.com%2F&tiba=Cifra%20Club%20-%20Tu%20sitio%20web%20de%20cifrados%20y%20tablaturas&async=1&fmt=3&is_vtc=1&random=902715391&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.cifraclub.com
URL: https://www.cifraclub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
424 B 37ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cifraclub.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
424 B 40ms
17ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cifraclub.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 271ms
271ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=10615413543698&correlator=396337111695156&output=ldjh&impl=fifs&eid=31063711%2C31063719%2C44752540&vrg=2021111001&ptt=17&sc=1&sfv=1-0-38&ecs=20211113&iu_parts=3697496%2Ccifraclub%3A728x90%3Acapa%3Areload%2Ccifraclub%3A970x90%3Acapa%3Areload%2Ccifraclub%3AfloatingAds%2Ccifraclub%3Abg%2Ccifraclub%3Ainterstitial%2Ccifraclub%3AcustomAds&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=728x90%7C970x90%7C970x150%7C970x250%7C1055x250%2C728x90%7C970x90%7C970x150%7C970x250%7C1055x250%2C1x1%2C1x1%2C1x1%2C1x1&fsfs=1%2C1%2C0%2C0%2C0%2C0&fsbs=1%2C1%2C1%2C1%2C1%2C1&ists=15&prev_scp=hb_format_smartadser%3Dbanner%26hb_source_smartadser%3Dclient%26hb_size_smartadserve%3D728x90%26hb_pb_smartadserver%3D64.00%26hb_adid_smartadserve%3D195ff46aceb9f3a%26hb_bidder_smartadser%3Dsmartadserver%26hb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.13%26hb_adid_rubicon%3D1717dc52b6ab669%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D64.00%26hb_adid%3D195ff46aceb9f3a%26hb_bidder%3Dsmartadserver%7Chb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D970x250%26hb_pb_rubicon%3D0.78%26hb_adid_rubicon%3D16c265f39722a26%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x250%26hb_pb%3D0.78%26hb_adid%3D16c265f39722a26%26hb_bidder%3Drubicon%7C%7C%7C%7C&eri=1&cust_params=reload%3D0%26page_visibility%3D1%26viewport_height%3D1200%26viewport_width%3D1600%26connection%3D4g%26page%3Dhome%26idioma%3Des&cookie_enabled=1&bc=31&abxe=1&lmt=1636784060&dt=1636784060562&dlt=1636784059935&idt=376&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C436%2C0%2C0%2C0%2C0&adys=657%2C2438%2C1200%2C1200%2C1200%2C1200&adks=997520633%2C1256583580%2C3836274097%2C2615809906%2C1887028470%2C2750821183&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cifraclub.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1295x0%7C1295x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=728x0%7C728x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=1872078260.1636784060&ga_sid=1636784061&ga_hid=155950453&ga_fc=true&fws=0%2C0%2C512%2C512%2C512%2C512&ohw=0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C1%7C2%7C3%7C4%7C5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

f7ea83889ad14b01ee22077e29d32c65409dd8322ac170984794148b9cdc4306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 8524
x-xss-protection: 0
google-lineitem-id: 5512769949,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138327693457,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 56CF 6 KB
3 KB 76ms
14ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 13 Nov 2021 06:14:20 GMT
expires: Sun, 13 Nov 2022 06:14:20 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: clear

GET
H2 200 container.html Show response
527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 67D5 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 13 Nov 2021 06:14:20 GMT
expires: Sun, 13 Nov 2022 06:14:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: clear

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 67D5 22 KB
7 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
URL: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 09:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76452
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 12 Nov 2022 09:00:08 GMT

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 67D5 26 KB
9 KB 30ms
15ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
URL: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c2210f87e564b9f117ad40e2cb2f666828d11dbb947bc4304e368b9d5e247ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 34014
x-jsd-version: 1.12.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19169-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"682b-PM7TIXX2mG/XvjIIwb9PtOhKkw4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6ad5dbfc999b4dc4-FRA

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 67D5 119 KB
37 KB 675ms
660ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
URL: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 Nov 2021 06:14:21 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 67D5 0
0 30ms
29ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstr5tIIJCoQm2ETF9Y7JXyO_7LYXCaSIH1V_UP3KwOkCCZSQ76p78JLW13acLUKKRIRjnXcaugGSRgs3L5Nfwr066FuznToLEVl7oAgBybyF8z_2wDNABRLB8fESSR3d9gsC41247RKHV1qtnDKsLn7B_cLK8v16hiOwyyVL5IhGbZiwJagkz8wCF6iGOAKpJqMq40uNcq0uIOZjwPBSA6rNChpZ0M_rr1lXNkw6Wv3BcdmXIewC_7VElrEItLYOT3rIgZ5WlD86mQX6Jr1m4O2Rr50roqyI65DHpRGMGuAb1otZyiSXMxcGgd3OyvHmsXaD3wfn91WAldmtriy&sig=Cg0ArKJSzFDofvzGflL0EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
URL: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 06:14:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 3154
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

281 B
554 B

53ms
7ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40334-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 Nov 2021 06:14:21 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Date: Sat, 13 Nov 2021 06:14:20 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame A4B8 31 KB
11 KB 61ms
9ms Script
application/x-javascript 2a02:26f0:1700:10::1737:a305
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:10::1737:a305 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 62ebdd655eb7d82324ded1127e184b1f4a65132a2b4f5ba0e113d3b65cc47b61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 06:14:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Oct 2021 08:07:40 GMT
Server: AkamaiNetStorage
ETag: "0d7189fa1121540662ae60c7b7896c2f:1634717897.994352"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10406

GET
H2 200 client Show response
accounts.google.com/gsi/ 182 KB
73 KB 324ms
303ms Script
application/javascript 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/id/es-es/client.4a594.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

43462e6543c198c2624596dabf4c0dcb86148b44dfd6aae92b28396b4808d6f5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-K/qqg9PUMPREoJ7/mbbd6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
content-security-policy: script-src 'report-sample' 'nonce-K/qqg9PUMPREoJ7/mbbd6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA"
expires: Sat, 13 Nov 2021 06:14:21 GMT

GET
H2 200 / Show response
id.cifraclub.com.br/api/v1/check/cookies/ 50 B
137 B 215ms
214ms Script
text/plain 177.54.152.29
Maxihost LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://id.cifraclub.com.br/api/v1/check/cookies/?callback=jsonp_1636784060943_78206
Requested by: Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/id/es-es/client.4a594.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 177.54.152.29 São Paulo, Brazil, ASN262287 (Maxihost LTDA, BR),
Reverse DNS
Software: nginx /
Resource Hash: 47ba98583fd2ec1fea9c7b276da4b608b7174b6531349c44557fca1bc5b75946

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:21 GMT
content-encoding: br
server: nginx
content-type: text/plain; charset=utf-8

GET
H2 200 Roboto-Medium.woff2
studiosol-a.akamaihd.net/gcs/studiosol-marketing/fonts/roboto/ 65 KB
66 KB 13ms
13ms Font
application/octet-stream 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://studiosol-a.akamaihd.net/gcs/studiosol-marketing/fonts/roboto/Roboto-Medium.woff2
Requested by: Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/id/2bc80.client.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 998b049e731114e2fa35d65f23fc6e6e153249a4ef328912e3c7c49546e2d207

Request headers

Referer: https://studiosol-a.akamaihd.net/id/2bc80.client.css
Origin: https://www.cifraclub.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:20 GMT
last-modified: Thu, 10 Sep 2020 19:32:10 GMT
server: nginx
etag: "5f5a7f3a-104e8"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 66792
expires: Sun, 13 Nov 2022 06:14:20 GMT

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame 2873 531 B
880 B 88ms
7ms Document
text/html 2a02:26f0:1700:10::1737:a305
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22306914992894826582%22%2c%22adomain%22%3a%22cisco.com%22%2c%22page%22%3a%22886941%22%2c%22format%22%3a%2269251%22%2c%22crid%22%3a%2218b6avuw%22%2c%22dsp%22%3a%2275%22%2c%22buyer%22%3a%2277167%22%2c%22cid%22%3a%22on5b0tw%22%2c%22adid%22%3a%22%22%2c%22hash%22%3a%22-4850650077698272977%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:10::1737:a305 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/

Response headers

Accept-Ranges: bytes
Content-Type: text/html
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage
Content-Length: 531
Cache-Control: max-age=3600
Expires: Sat, 13 Nov 2021 07:14:21 GMT
Date: Sat, 13 Nov 2021 06:14:21 GMT
Connection: keep-alive

GET
H2 200 dcmads.js Show response
fw.adsafeprotected.com/rjss/www.googletagservices.com/794060/56592879/dcm/ Frame C434 229 KB
76 KB 143ms
53ms Script
application/javascript 34.250.206.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/www.googletagservices.com/794060/56592879/dcm/dcmads.js
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.206.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-206-93.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c69435fcba942007ec9cedfdf08ca71a69549016924283e651297a9af5d5328c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:21 GMT
content-encoding: gzip
x-server-name: app03.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 ca Show response
choices.truste.com/ Frame C434 27 KB
9 KB 47ms
8ms Script
text/javascript 143.204.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=on5b0tw_mdra1xd_18b6avuw&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-27.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: fef13545aa4e3bf521c736d0aecd1accd5d22efe97668192a14e6a284e7d51d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 16:05:30 GMT
content-encoding: gzip
server: nginx
age: 50931
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 2dMg1T-iikSHS4KAkNsu_hm8uaD1hSvsZKAt_d6yHkMXK5Kx0mlvvA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK aip
itx5.smartadserver.com/h/ Frame C434 43 B
270 B 57ms
17ms Image
image/gif 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itx5.smartadserver.com/h/aip?uii=306914992894832152&tmstp=4999571715&ckid=0&pubid=20&systgt=%24qc%3d1313506140%3b%24ql%3dUnknown%3b%24qpc%3d76726%3b%24qt%3d25_1767_24818t%3b%24dma%3d0%3b%24b%3d16950%3b%24o%3d11100%3b%24wpc%3d8%3b%24wpc%3d176%3b%24wpc%3d5147%3b%24wpc%3d5148%3b%24wpc%3d5149%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1337%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d1273%3b%24wpc%3d1898%3b%24wpc%3d1904%3b%24wpc%3d1906%3b%24wpc%3d1916%3b%24wpc%3d5185&acd=1636784060374&envtype=0&opid=e0e789b0-693e-4700-993d-0823d918c857&opdt=1636784060374&siteid=201941&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=16&imptype=0&pgDomain=https%3a%2f%2fwww.cifraclub.com%2f&capp=0&mcrdbt=0&insid=8310258&imgid=0&pgid=886941&fmtid=69251&isLazy=0&rtb=1&rtbnid=2978&rtbbid=306914992894826582&rtbh=af7bb7a6599e41377aebc4cd2b9099b4485430b8&rtblt=637723808603836001&rtbet=0&rtbptnid=75&cftgid=8b23a2918600
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:20 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK smartadserver
ie1-bid.adsrvr.org/bid/feedback/ Frame C434 807 B
1 KB 102ms
32ms Image
image/gif 52.223.4.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ie1-bid.adsrvr.org/bid/feedback/smartadserver?t=1&iid=217da785-a405-4815-af60-557e41f1deff&crid=18b6avuw&wp=15&aid=df43ee9c-3106-470c-94f3-c8429644c0af&wpc=USD&sfe=13c6d7bc&puid=&tdid=00000000-0000-0000-0000-000000000000&pid=4yphk0c&ag=mdra1xd&adv=v8s96ws&sig=1mKNXSNmyFcP8F4qObNrCj6-Dy2TONA9AGWQXSOujvE4.&bp=15&cf=2702944&fq=0&td_s=www.cifraclub.com&rcats=&mcat=integral-220000&mste=&mfld=4&mssi=None&mfsi=yu9tuyw2u5&uhow=151&agsa=&rgz=60313&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=de&mlang=&svpid=2978&did=&rcxt=Other&lat=50.110000&lon=8.680000&tmpc=2.35&daid=&vp=0&osi=&osv=&mk=Google&mdl=Chrome%20-%20Windows&c=CgdHZXJtYW55EgVIZXNzZRoAIhFGcmFua2Z1cnQgYW0gTWFpbjgBUAGAAQCIAQGQAQA.&dur=CjUKHGNoYXJnZS1hbGxJbnRlZ3JhbENvbnRleHR1YWwiFQj6__________8BEghpbnRlZ3JhbAo2Ch1jaGFyZ2UtYWxsSW50ZWdyYWxCcmFuZFNhZmV0eSIVCPn__________wESCGludGVncmFsCjYKHWNoYXJnZS1hbGxJbnRlZ3JhbFZpZXdhYmlsaXR5IhUI-P__________ARIIaW50ZWdyYWwKTwodY2hhcmdlLW1heEdyYXBlc2hvdENhdGVnb3JpZXMiFgj3__________8BEglncmFwZXNob3QiFgis__________8BEglncmFwZXNob3QKPQokY2hhcmdlLWFsbEludGVncmFsU3VzcGljaW91c0FjdGl2aXR5IhUI9f__________ARIIaW50ZWdyYWwKPQojY2hhcmdlLWFsbEdyYXBlc2hvdFByZWRpY3RzQ2F0ZWdvcnkiFgjo__________8BEglncmFwZXNob3QKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..&durs=nMyMQ0&crrelr=&ipl=ODg2OTQxIDY5MjUx&grdc=CAE.&vc=3&said=306914992894826582&ict=Unknown&auct=1&im=1&mc=9df97d30-c10e-47ff-86ff-25786f6ed425
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.223.4.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac9557e2e67bd8033.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:20 GMT
server: Kestrel
transfer-encoding: chunked
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control: must-revalidate, no-cache
connection: close
content-type: image/gif

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3154 32 KB
10 KB 8ms
8ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 24cfa815e675621b16b7e1c89c0db7d3ff93eab7f758f2c885f478ae9e8a992f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 06:14:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=71794
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9510
Expires: Sun, 14 Nov 2021 02:10:55 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 3154 0
239 B 65ms
9ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=smartadserver
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 3154 70 B
265 B 108ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
URL: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 3154
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/AWs43okqdNZCgYI0mwTDag?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1062711136526384691

0
239 B

7ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1062711136526384691
Requested by: Host: 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
URL: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

date: Sat, 13 Nov 2021 06:14:21 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1062711136526384691
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 3154
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ec91618f-57bd-4400-b4ce-227c69dceede

0
239 B

29ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ec91618f-57bd-4400-b4ce-227c69dceede
Requested by: Host: 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
URL: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

Date: Sat, 13 Nov 2021 06:14:21 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x26 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ec91618f-57bd-4400-b4ce-227c69dceede
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 13 Nov 2021 06:14:20 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3154
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZYRVlWVUYtOC1LQVg0

170 B
377 B

64ms
16ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZYRVlWVUYtOC1LQVg0

Requested by

Host: 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
URL: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZYRVlWVUYtOC1LQVg0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 3154
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YY9XvQAEKbfgaABR
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YY9XvQAEKbfgaABR&_test=YY9XvQAEKbfgaABR

0
239 B

8ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YY9XvQAEKbfgaABR&_test=YY9XvQAEKbfgaABR
Requested by: Host: 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
URL: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:21 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1636784061.281071,VS0,VE0
x-served-by: cache-fra19148-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YY9XvQAEKbfgaABR&_test=YY9XvQAEKbfgaABR
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 3154
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVXEYVUF-8-KAX4&sigv=1&esig=2~cede0182b17f45ea07966b955e196da6007291fa

0
445 B

36ms
7ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVXEYVUF-8-KAX4&sigv=1&esig=2~cede0182b17f45ea07966b955e196da6007291fa

Requested by

Host: 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
URL: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:21 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVXEYVUF-8-KAX4&sigv=1&esig=2~cede0182b17f45ea07966b955e196da6007291fa
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3154
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjFlMjg0MGI2NzFmNjhjMzY0NGFlMzlmZmIyNzFkMTkwNTg3MGJhNw

170 B
232 B

65ms
17ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjFlMjg0MGI2NzFmNjhjMzY0NGFlMzlmZmIyNzFkMTkwNTg3MGJhNw

Requested by

Host: 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
URL: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjFlMjg0MGI2NzFmNjhjMzY0NGFlMzlmZmIyNzFkMTkwNTg3MGJhNw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 3154 0
0 37ms
14ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
URL: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2

200

dcmads.js Show response
www.googletagservices.com/dcm/ Frame C434
Redirect Chain

https://fw.adsafeprotected.com/rfw/www.googletagservices.com/794060/56592879/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fwww.cifraclub.com&adsafe_type=g&adsafe_url=https%3A%2F%2F527f4bb0537883ecfd7a6504...
https://www.googletagservices.com/dcm/dcmads.js

9 KB
5 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
URL: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 4451
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 15:55:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 13 Nov 2021 07:01:04 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:21 GMT
x-server-name: app16.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://www.googletagservices.com/dcm/dcmads.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 085F 80 KB
21 KB 57ms
9ms Script
application/javascript 2600:9000:2156:ae00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
URL: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ae00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 08:08:31 GMT
content-encoding: gzip
age: 3708351
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: ReKx9V-M-W-A4XujNeldr7OFv_oJ2chRNBRIEAeiPsdbir4mSems-g==

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame C434 43 B
301 B 315ms
101ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=794060&asId=9f3459a3-26ae-322e-46ce-b8aa523f6037&tv=%7Bc:tPekEG,pingTime:-3,time:40,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:40,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B32~0%5D,as:%5B32~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sOCD7cS+11%7C1211%7C1212*.794060-56592879%7C12121%7C13,idMap:1212*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by: Host: 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
URL: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 06:14:21 GMT
X-Server-Name: dt45.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame C434 43 B
301 B 313ms
100ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=794060&asId=9f3459a3-26ae-322e-46ce-b8aa523f6037&tv=%7Bc:tPekEH,pingTime:-6,time:41,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:41,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B33~0%5D,as:%5B33~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sOCD7cS+11%7C1211%7C1212*.794060-56592879%7C12121%7C13,idMap:1212*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:www.cifraclub.com*%2C527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com*%2C527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com*&br=c
Requested by: Host: 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
URL: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 06:14:21 GMT
X-Server-Name: dt02.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame C434 43 B
301 B 313ms
101ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=794060&asId=9f3459a3-26ae-322e-46ce-b8aa523f6037&tv=%7Bc:tPekEK,pingTime:-2,time:44,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:8,mdZ:182,beA:212,beZ:214,mfA:216,cmA:218,inA:218,inZ:222,prA:222,prZ:227,si:231,poA:232,poZ:248,cmZ:248,mfZ:248,loA:253,loZ:254,ltA:256,ltZ:256%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:44,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B36~0%5D,as:%5B36~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sOCD7cS+11%7C1211%7C1212*.794060-56592879%7C12121%7C13,idMap:1212*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,sinceFw:24,readyFired:false%7D&br=c
Requested by: Host: 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
URL: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 06:14:21 GMT
X-Server-Name: dt50.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame C434 41 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/794060/56592879/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fwww.cifraclub.com&adsafe_type=g&adsafe_url=https%3A%2F%2F527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=bd&adsafe_jsinfo=,id:9f3459a3-26ae-322e-46ce-b8aa523f6037,c:tPekEl,sl:outOfView,em:true,fr:false,thd:1,mn:app03ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:4,fm:sOCD7cS+11%7C1211%7C1212*.794060-56592879%7C12121%7C13,idMap:1212*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:19,oid:f0e05360-4448-11ec-b293-0a6fa201f3de,v:19.8.267,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 393512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 20:08:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Nov 2022 16:55:49 GMT

GET
H2 200 B26267104.310923431;dc_ver=81.235;sz=728x90;u_sd=1;dc_adk=2209108882;ord=mm9n7t;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D217da785-a405-4815-af60-557e41f1deff%26ag%3Dmdra1xd%26sfe... Show response
ad.doubleclick.net/ddm/adj/N7442.274641IDG/ Frame C434 62 KB
26 KB 74ms
38ms Script
text/javascript 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7442.274641IDG/B26267104.310923431;dc_ver=81.235;sz=728x90;u_sd=1;dc_adk=2209108882;ord=mm9n7t;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D217da785-a405-4815-af60-557e41f1deff%26ag%3Dmdra1xd%26sfe%3D13c6d7bc%26sig%3D-6hkltx9k1FPZ1DZnLD9Sv1ZqMwy2I86_3WE9L-YUGg.%26crid%3D18b6avuw%26cf%3D2702944%26fq%3D0%26t%3D1%26td_s%3Dwww.cifraclub.com%26rcats%3D%26mcat%3Dintegral-220000%26mste%3D%26mfld%3D4%26mssi%3DNone%26mfsi%3Dyu9tuyw2u5%26sv%3Dsmartadserver%26uhow%3D151%26agsa%3D%26wp%3D15%26rgz%3D60313%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D2978%26rlangs%3Dde%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D2.35%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55EgVIZXNzZRoAIhFGcmFua2Z1cnQgYW0gTWFpbjgBUAGAAQCIAQGQAQA.%26dur%3DCjUKHGNoYXJnZS1hbGxJbnRlZ3JhbENvbnRleHR1YWwiFQj6__________8BEghpbnRlZ3JhbAo2Ch1jaGFyZ2UtYWxsSW50ZWdyYWxCcmFuZFNhZmV0eSIVCPn__________wESCGludGVncmFsCjYKHWNoYXJnZS1hbGxJbnRlZ3JhbFZpZXdhYmlsaXR5IhUI-P__________ARIIaW50ZWdyYWwKTwodY2hhcmdlLW1heEdyYXBlc2hvdENhdGVnb3JpZXMiFgj3__________8BEglncmFwZXNob3QiFgis__________8BEglncmFwZXNob3QKPQokY2hhcmdlLWFsbEludGVncmFsU3VzcGljaW91c0FjdGl2aXR5IhUI9f__________ARIIaW50ZWdyYWwKPQojY2hhcmdlLWFsbEdyYXBlc2hvdFByZWRpY3RzQ2F0ZWdvcnkiFgjo__________8BEglncmFwZXNob3QKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DnMyMQ0%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3DODg2OTQxIDY5MjUx%26ict%3DUnknown%26said%3D306914992894826582%26auct%3D1%26grdc%3DCAE.%26r%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=3,https%3A%2F%2Fwww.cifraclub.com%2F$0;xdt=1;crlt=mgZFsSuzk4;sttr=18;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f6.1e100.net

Software

cafe /

Resource Hash

2f4477d365125ab8f44bb1c9908932ed5e5a77be77ee227022112de0e04f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: clear
content-length: 25763
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame C434 43 B
301 B 265ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=794060&asId=9f3459a3-26ae-322e-46ce-b8aa523f6037&tv=%7Bc:tPekFM,time:108,type:e,im:%7Bimprf:%7Bttecl:273,ecd:7,tsecr:5%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:108,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B100~0%5D,as:%5B100~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sOCD7cS+11%7C1211%7C1212*.794060-56592879%7C12121%7C13,idMap:1212*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by: Host: 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
URL: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 06:14:21 GMT
X-Server-Name: dt53.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
184 B 13ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=155950453&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cifraclub.com%2F&ul=en-us&de=UTF-8&dt=Cifra%20Club%20-%20Tu%20sitio%20web%20de%20cifrados%20y%20tablaturas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUADQAAAAC~&jid=427678722&gjid=882657940&cid=1872078260.1636784060&tid=UA-54936151-1&_gid=1552119181.1636784060&_r=1&_slc=1&cd1=diversao&cd2=musica&cd3=cifraclub&cd4=contenido_digital&cd9=alianza&z=158064263

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cifraclub.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cifraclub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 33ms
9ms Script
application/javascript 143.204.98.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/metrics/js/br/contentpar.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-86.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 03:38:18 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 9372
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: SE2o0paReJevTy9lz_t0l-ENEdlu9TBLzPyuIlaK6AeXt83gEgzmeA==

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 263 KB
24 KB 38ms
7ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-10969-0/CT-411
Requested by: Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/metrics/js/br/contentpar.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: a66e9526c9030932376432303a07a4965edf912547a8291cf7ba3190c105473f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 04:25:32 GMT
content-encoding: gzip
age: 6529
x-guploader-uploadid: ADPycduJzkAlEmUAvQLoTd05giRQ2oW0iaAoguH26xCgVoxAqdzKqzQIanwsVYriUGO6hCSq5yHBAMJUQutSqyWhkKc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 24197
last-modified: Wed, 06 Oct 2021 18:03:33 GMT
server: nginx/1.8.1
etag: "8c55ec5c1338e792075f5ef9f50a8720"
vary: Accept-Encoding
x-goog-hash: md5=jFXsXBM455IHX1759QqHIA==
x-goog-generation: 1633543413658569
via: 1.1 google
cache-control: max-age=7200,public
x-goog-stored-content-length: 24197
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 13 Nov 2021 06:25:32 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
319 B 43ms
14ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-54936151-1&cid=1872078260.1636784060&jid=427678722&gjid=882657940&_gid=1552119181.1636784060&_u=aGDAAUACQAAAAC~&z=1481449451

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cifraclub.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 13 Nov 2021 06:14:21 GMT
content-type: text/plain
access-control-allow-origin: https://www.cifraclub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3000033&ns__t=1636784061381&ns_c=UTF-8&cv=3.5&c8=Cifra%20Club%20-%20Tu%20sitio%20web%20de%20cifrados%20y%20tablaturas&c7=https%3A%2F%2Fwww.cifraclub.com%2...
https://sb.scorecardresearch.com/b2?c1=2&c2=3000033&ns__t=1636784061381&ns_c=UTF-8&cv=3.5&c8=Cifra%20Club%20-%20Tu%20sitio%20web%20de%20cifrados%20y%20tablaturas&c7=https%3A%2F%2Fwww.cifraclub.com%...

64 B
330 B

9ms
9ms

Image
image/gif

143.204.98.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3000033&ns__t=1636784061381&ns_c=UTF-8&cv=3.5&c8=Cifra%20Club%20-%20Tu%20sitio%20web%20de%20cifrados%20y%20tablaturas&c7=https%3A%2F%2Fwww.cifraclub.com%2F&c9=
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Server: 143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-86.fra50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:21 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: aS_8H35ZQQlngIhbxT9i3FXN3M0-ZIubrs1_qbKLl0oiFfHY3FB_6g==

Redirect headers

date: Sat, 13 Nov 2021 06:14:21 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=3000033&ns__t=1636784061381&ns_c=UTF-8&cv=3.5&c8=Cifra%20Club%20-%20Tu%20sitio%20web%20de%20cifrados%20y%20tablaturas&c7=https%3A%2F%2Fwww.cifraclub.com%2F&c9=
content-length: 225
x-amz-cf-id: Tsdjv7YcniYj4FXeZGdDRBwcZC1sEi5iqOQpdWIg7KmiKvLnoIuSNA==

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame C434 106 KB
37 KB 56ms
6ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.cifraclub.com
URL: https://www.cifraclub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
Origin: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 16:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47910
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Nov 2021 16:55:51 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame C434 8 KB
3 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.274641IDG/B26267104.310923431;dc_ver=81.235;sz=728x90;u_sd=1;dc_adk=2209108882;ord=mm9n7t;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D217da785-a405-4815-af60-557e41f1deff%26ag%3Dmdra1xd%26sfe%3D13c6d7bc%26sig%3D-6hkltx9k1FPZ1DZnLD9Sv1ZqMwy2I86_3WE9L-YUGg.%26crid%3D18b6avuw%26cf%3D2702944%26fq%3D0%26t%3D1%26td_s%3Dwww.cifraclub.com%26rcats%3D%26mcat%3Dintegral-220000%26mste%3D%26mfld%3D4%26mssi%3DNone%26mfsi%3Dyu9tuyw2u5%26sv%3Dsmartadserver%26uhow%3D151%26agsa%3D%26wp%3D15%26rgz%3D60313%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D2978%26rlangs%3Dde%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D2.35%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55EgVIZXNzZRoAIhFGcmFua2Z1cnQgYW0gTWFpbjgBUAGAAQCIAQGQAQA.%26dur%3DCjUKHGNoYXJnZS1hbGxJbnRlZ3JhbENvbnRleHR1YWwiFQj6__________8BEghpbnRlZ3JhbAo2Ch1jaGFyZ2UtYWxsSW50ZWdyYWxCcmFuZFNhZmV0eSIVCPn__________wESCGludGVncmFsCjYKHWNoYXJnZS1hbGxJbnRlZ3JhbFZpZXdhYmlsaXR5IhUI-P__________ARIIaW50ZWdyYWwKTwodY2hhcmdlLW1heEdyYXBlc2hvdENhdGVnb3JpZXMiFgj3__________8BEglncmFwZXNob3QiFgis__________8BEglncmFwZXNob3QKPQokY2hhcmdlLWFsbEludGVncmFsU3VzcGljaW91c0FjdGl2aXR5IhUI9f__________ARIIaW50ZWdyYWwKPQojY2hhcmdlLWFsbEdyYXBlc2hvdFByZWRpY3RzQ2F0ZWdvcnkiFgjo__________8BEglncmFwZXNob3QKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DnMyMQ0%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3DODg2OTQxIDY5MjUx%26ict%3DUnknown%26said%3D306914992894826582%26auct%3D1%26grdc%3DCAE.%26r%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=3,https%3A%2F%2Fwww.cifraclub.com%2F$0;xdt=1;crlt=mgZFsSuzk4;sttr=18;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 05:57:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1032
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 05:57:09 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C434 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.cifraclub.com
URL: https://www.cifraclub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:17:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93390
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 12 Nov 2022 04:17:51 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FC86 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 10 Nov 2021 14:17:34 GMT
expires: Thu, 10 Nov 2022 14:17:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 230207
alt-svc: clear

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 19ms
18ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54936151-1&cid=1872078260.1636784060&jid=427678722&_u=aGDAAUACQAAAAC~&z=1649037852

Requested by

Host: www.cifraclub.com
URL: https://www.cifraclub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 24ms
23ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54936151-1&cid=1872078260.1636784060&jid=427678722&_u=aGDAAUACQAAAAC~&z=1649037852

Requested by

Host: www.cifraclub.com
URL: https://www.cifraclub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js Show response
pagead2.googlesyndication.com/bg/ Frame FC86 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 16:57:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13296
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Nov 2022 16:57:06 GMT

GET
H2 200 style
accounts.google.com/gsi/ 658 B
665 B 45ms
45ms Stylesheet
text/css 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host:
URL: /_/gsi/_/js/k=gsi.gsi.de.C6ednk1U05I.O/am=chE/d=1/rs=AF0KOtUsoDfmqz30ATltkTjQMlyMRZ1yug/m=gis_client_library

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

735896fb65aadc7751e4ce6bcd629f399f4f974cc9e36bab715e2a4536238609

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-enS2YBMd4VtRNzSdte/X4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: clear
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-enS2YBMd4VtRNzSdte/X4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA"
expires: Sat, 13 Nov 2021 06:14:21 GMT

GET
H2 200 status Show response
accounts.google.com/gsi/ 40 B
496 B 218ms
217ms XHR
application/json 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=1030638109871-ffp7d0aeu1q12ufr2d7teht7av9i6ufq.apps.googleusercontent.com&as=6vKw%2BDuiJUD1nMX%2B10yHtg

Requested by

Host:
URL: /_/gsi/_/js/k=gsi.gsi.de.C6ednk1U05I.O/am=chE/d=1/rs=AF0KOtUsoDfmqz30ATltkTjQMlyMRZ1yug/m=gis_client_library

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8edc5f5bcca05c6f4a78daf2f0a285f3a04908e6ef4c3ae7c6283f353beaa12

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0SHXZWHm6asLTE0yIykLUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods: GET
alt-svc: clear
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cifraclub.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-0SHXZWHm6asLTE0yIykLUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mmi-zip.js Show response
tags.mmi360.net/ Frame C434 5 KB
5 KB 506ms
443ms Script
application/javascript 2600:9000:2156:b400:19:72bf:4340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mmi360.net/mmi-zip.js?cust=Cisco&type=js&plat=CM360&mode=ivt-blk&advid=5809340&siteid=4433659&cmpnid=26267104&pcmtid=310923431&crtvid=157219731&rndnum=3232588560&site=N7442.274641IDG&adid=503571845&aucid=&exchid=&sellid=
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:b400:19:72bf:4340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8ea95fa2eeaae1adb90212ad254536a1b7a1b59ee601b7187ff5c9ffc41d75d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:22 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
last-modified: Sat, 26 Jun 2021 08:12:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "9e4abdb289fe6c51f7aaafb89013805b"
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 5027
x-amz-cf-id: 5baZIO2MmWCk55d2pLDVtj0s7P1B2uMXNTx5OraQHYt40yt9vKsI_w==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C434 119 KB
36 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 Nov 2021 06:14:21 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/5809340/1630577257528/DE-DEU_XA-02_0_728x90_BAN-S_HTML5_TOFU-no-Cross-Architecture-Visibility-ConnectedITInsights-PHOTO-wCTA-CIO_otroth025343_50/ Frame 61EA 4 KB
2 KB 26ms
7ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/5809340/1630577257528/DE-DEU_XA-02_0_728x90_BAN-S_HTML5_TOFU-no-Cross-Architecture-Visibility-ConnectedITInsights-PHOTO-wCTA-CIO_otroth025343_50/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdbb89b42e298a47214f0e32c0496284d6360a967f9b71bda4f161ee9889dc2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 1675
date: Fri, 12 Nov 2021 19:25:08 GMT
expires: Sat, 13 Nov 2021 19:25:08 GMT
last-modified: Thu, 02 Sep 2021 10:07:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 38953
cache-control: public, max-age=86400
alt-svc: clear

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C434 0
399 B 79ms
43ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuTFW-LvrNGwc_r7kpJQqbEVbYH7amJlpXtr0f1_ufvF8MOg7kgay-KX6YUCcKro5J2raPEGSdb_7SNmdtd6zBULuw93ucTsRgIXysn36a-ZkBdKcmdsudXeTmbZq3Gy_ewIEK1qMTeejqt27Byo8NFoSP4ZmNSHF1nSWYQtecMePU4OSoQ&sig=Cg0ArKJSzBGfeke8kzkXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=93&cbvp=1&cstd=90&cisv=r20211109.10804&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.cifraclub.com
URL: https://www.cifraclub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 06:14:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 i
cdn.bizibly.com/ Frame C434 43 B
345 B 63ms
6ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/i?v=5809340&a=503571845&c=157219731&s=4433659&p=310923431&m=0&n=3232588560
Requested by: Host: 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
URL: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:21 GMT
last-modified: Thu, 11 Nov 2021 23:58:45 GMT
server: ECS (frb/674C)
age: 108936
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 /
events.mmi360.net/ Frame C434 68 B
135 B 387ms
174ms Image
image/jpeg 3.137.111.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.mmi360.net/?cust=Cisco&type=img&plat=CM360&advid=5809340&siteid=4433659&cmpnid=26267104&pcmtid=310923431&crtvid=157219731&rndnum=3232588560&site=N7442.274641IDG&adid=503571845&aucid=&exchid=&sellid=
Requested by: Host: 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
URL: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.137.111.143 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-137-111-143.us-east-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:21 GMT
server: awselb/2.0
content-length: 68
content-type: image/jpeg

GET img;adv=11002245653149;ec=11002245685555;adv.a=5809340;c.a=26267104;s.a=4433659;p.a=310923431;a.a=503571845;cache=3232588560;
ad.atdmt.com/i/ Frame C434 0
0

GET
H2 200 bkg.jpg
s0.2mdn.net/5809340/1630577257528/DE-DEU_XA-02_0_728x90_BAN-S_HTML5_TOFU-no-Cross-Architecture-Visibility-ConnectedITInsights-PHOTO-wCTA-CIO_otroth025343_50/ Frame 61EA 6 KB
6 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/5809340/1630577257528/DE-DEU_XA-02_0_728x90_BAN-S_HTML5_TOFU-no-Cross-Architecture-Visibility-ConnectedITInsights-PHOTO-wCTA-CIO_otroth025343_50/bkg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/5809340/1630577257528/DE-DEU_XA-02_0_728x90_BAN-S_HTML5_TOFU-no-Cross-Architecture-Visibility-ConnectedITInsights-PHOTO-wCTA-CIO_otroth025343_50/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfdb2bb924f18d7a1b89f45c9d633b1318f548d4edbc0256cbc66e42c2963643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/5809340/1630577257528/DE-DEU_XA-02_0_728x90_BAN-S_HTML5_TOFU-no-Cross-Architecture-Visibility-ConnectedITInsights-PHOTO-wCTA-CIO_otroth025343_50/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 19:25:08 GMT
x-content-type-options: nosniff
age: 38953
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 6262
x-xss-protection: 0
last-modified: Thu, 02 Sep 2021 10:07:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Nov 2021 19:25:08 GMT

GET
H2 200 cta.png
s0.2mdn.net/5809340/1630577257528/DE-DEU_XA-02_0_728x90_BAN-S_HTML5_TOFU-no-Cross-Architecture-Visibility-ConnectedITInsights-PHOTO-wCTA-CIO_otroth025343_50/ Frame 61EA 19 KB
19 KB 8ms
8ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/5809340/1630577257528/DE-DEU_XA-02_0_728x90_BAN-S_HTML5_TOFU-no-Cross-Architecture-Visibility-ConnectedITInsights-PHOTO-wCTA-CIO_otroth025343_50/cta.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f3588c6fe1e75d771538c71a2e54ab29eb9be802e0c2b28f1767a0b01b2bca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/5809340/1630577257528/DE-DEU_XA-02_0_728x90_BAN-S_HTML5_TOFU-no-Cross-Architecture-Visibility-ConnectedITInsights-PHOTO-wCTA-CIO_otroth025343_50/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 19:25:08 GMT
x-content-type-options: nosniff
age: 38953
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 18998
x-xss-protection: 0
last-modified: Thu, 02 Sep 2021 10:07:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Nov 2021 19:25:08 GMT

GET
H2 200 logo.png
s0.2mdn.net/5809340/1630577257528/DE-DEU_XA-02_0_728x90_BAN-S_HTML5_TOFU-no-Cross-Architecture-Visibility-ConnectedITInsights-PHOTO-wCTA-CIO_otroth025343_50/ Frame 61EA 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/5809340/1630577257528/DE-DEU_XA-02_0_728x90_BAN-S_HTML5_TOFU-no-Cross-Architecture-Visibility-ConnectedITInsights-PHOTO-wCTA-CIO_otroth025343_50/logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bfc9725a40baa479497ea187462dc25033038234f0a6e8058e95cc1aa107cd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/5809340/1630577257528/DE-DEU_XA-02_0_728x90_BAN-S_HTML5_TOFU-no-Cross-Architecture-Visibility-ConnectedITInsights-PHOTO-wCTA-CIO_otroth025343_50/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 19:25:08 GMT
x-content-type-options: nosniff
age: 38953
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 3482
x-xss-protection: 0
last-modified: Thu, 02 Sep 2021 10:07:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Nov 2021 19:25:08 GMT

GET
H2 200 headline.png
s0.2mdn.net/5809340/1630577257528/DE-DEU_XA-02_0_728x90_BAN-S_HTML5_TOFU-no-Cross-Architecture-Visibility-ConnectedITInsights-PHOTO-wCTA-CIO_otroth025343_50/ Frame 61EA 25 KB
25 KB 13ms
13ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/5809340/1630577257528/DE-DEU_XA-02_0_728x90_BAN-S_HTML5_TOFU-no-Cross-Architecture-Visibility-ConnectedITInsights-PHOTO-wCTA-CIO_otroth025343_50/headline.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36ed919e9b606d9ea9788db0ccebe8336407757aaf9d12a0b44ce0d712567676

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/5809340/1630577257528/DE-DEU_XA-02_0_728x90_BAN-S_HTML5_TOFU-no-Cross-Architecture-Visibility-ConnectedITInsights-PHOTO-wCTA-CIO_otroth025343_50/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 19:25:08 GMT
x-content-type-options: nosniff
age: 38953
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 25410
x-xss-protection: 0
last-modified: Thu, 02 Sep 2021 10:07:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Nov 2021 19:25:08 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C434 0
60 B 43ms
43ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuTFW-LvrNGwc_r7kpJQqbEVbYH7amJlpXtr0f1_ufvF8MOg7kgay-KX6YUCcKro5J2raPEGSdb_7SNmdtd6zBULuw93ucTsRgIXysn36a-ZkBdKcmdsudXeTmbZq3Gy_ewIEK1qMTeejqt27Byo8NFoSP4ZmNSHF1nSWYQtecMePU4OSoQ&sig=Cg0ArKJSzBGfeke8kzkXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=146&vt=11&dtpt=53&dett=3&cstd=90&cisv=r20211109.10804&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.cifraclub.com
URL: https://www.cifraclub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 06:14:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FC86 0
121 B 42ms
42ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BViXDvVePYYHfFY_s3wOXwougBQAAAAA4AeAEAg&bg=!ERKlElbNAAZQLpa_UC47ACkAdvg8WhofPAq_GfVIkRlSwHAzAeVxwwWK36_wA8cJygKKkhaZubvSrgIAAABfUgAAAAdoAQeZA6jtp_LNeHlMkRKtN2WtvBdADwQBNHJi5NxHPB7kShIIIdXr4r8yseJW4NuyLxXdHo69jk4BMraI_ehk_JFMETKb8zNgxXYBrw8xJNiwMIwMrhkOZma68rM120yre08b5MaFnuNr1XPo8gfnO23DUHGHAyNulVBZGTpSmF6dFvjHhAYcLwNaa1gx6HrwYARiZD-zKve--iQosCAAHgwbxkxZy50d4neO7ZJV4EIE_txrQm0-oOJ1pxmZtGNWToe0OH12jN7zJSC52D2KgBDoeJWcpju0gRq65HF0Ob3YbvpWKKPTOXocI2BX9Y1VVSx3jZiWhDEdrEr9V7vIMtZTxwktVrHelK2KLkyYjb3H2BLm16WScVNinlW5rDA5ws_eoqE93P7FQgdrADhIuy0Ituw4RwyP7nH56R1bNqe0zV7Lr9SgaAGERI_jM3CsAFceMIoVkMi452ytSfkuRQZRIiN_2h0ufGnSMIxCcJL0WO870FqYzr8pEWlz3ogm-mlzMFVEYdS9YgntHpfufVyfgM4MKTNY0kfQjfHPyFQ5db-PU0ZlxOsiqffF1_ZpKIniE5RibCxrTZ9-h-F4OJK4e3PV9q1GAXn2cIovwEW4IMGa_kYzBbv9P_AYAl6JvhlAJD8fC9IhLzTm7rPMbE2AwT44qUEXhp2EN75vaGfj0GR38tjrlgZCMMhwPaOIVNBoqrwYGcH2p87_xP4k973Sh9rZ4iG2LslyFbkycVHcE8lL-L8J4GvMQLd2ht2izmiNSc7LjUiXGe09HDoG3uCz_jVtGwugUCZB1-grMUrWTZ7XdKWHvVJNpzrWuuA0Ipq8Mhq4sRp0Bie_irMtVDxBA56ASzzSAtpc5TL3RUepGmsuM2c9E0DU7z_gjEuaJFKf_tGETelPTp27cYYWBoGFoKq0YAsc3BtLfHRZQDgj3ztEEtE-MP-fJfmjTKRn98x6Ui2_KLRG2W9_sNqtvLRlrEfCTcfJuVNiDRDG4msph6StU9XCRLITyx4lQYxeCHl3yL5aOaRmufWIdHiGREGB9ffMQDDnwwam6sdnfWEGwEyXPHzgD2H-6_tj7n4HsHv7KxV-ZDqUACpu_2URlv5M2ta9UmMD1RUUUJ4DB_8H1uRvbNs0rZihNt88eUvpQwnkUson9VtDCljbEVjU3HQTOIrWPt1Wv_UEevPUnZqM7DGY8101uBfAkvjS5xFdOEA5GGcApIRYewALns0l8dYxkOuwM6dXItkTF4g

Requested by

Host: 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
URL: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 67D5 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea7f5b9f529ef3927267e3206e949b001fbe9a5d41dc531d04980c0e9d0a66bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame C434 43 B
301 B 91ms
91ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=794060&asId=9f3459a3-26ae-322e-46ce-b8aa523f6037&tv=%7Bc:tPekKz,pingTime:-10,time:405,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85NS4wLjQ2MzguNTQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1636784061622%7C%7Cb98d09275c2d62e5fe57cce37b8edbac%7C%7C9ceebc4ad83ababb94d4029b4dca4e66%7C%7C516fd475790c511461ebe2147a60c6cd%7C%7Ce1498c824261d24ec1a9abb55eeb6c0c%7C%7C40dc95b10800db7294dbf33cb0b3f49f%7C%7Cb4a913e9425eaf7312b0909e26987637%7C%7C3988dc2cd1bd5c1da391b12eed4af2ea%7C%7C1629390669%7D
Requested by: Host: 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
URL: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 06:14:21 GMT
X-Server-Name: dt53.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 /
events.mmi360.net/ Frame C434 68 B
134 B 184ms
184ms Image
image/jpeg 3.137.111.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.mmi360.net/?cust=Cisco&type=js&plat=CM360&mode=ivt-blk&advid=5809340&siteid=4433659&cmpnid=26267104&pcmtid=310923431&crtvid=157219731&rndnum=3232588560&site=N7442.274641IDG&adid=503571845&aucid=&exchid=&sellid=&ad_frame_root=https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com&ad_frame_full=aHR0cHM6Ly81MjdmNGJiMDUzNzg4M2VjZmQ3YTY1MDRhYjRkMDU0YS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tL3NhZmVmcmFtZS8xLTAtMzgvaHRtbC9jb250YWluZXIuaHRtbA==&domain=https://www.cifraclub.com&url=&gpu=Intel%20Iris%20OpenGL%20Engine&timezone=GMT0&navua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/95.0.4638.54%20Safari/537.36&webdriver=false
Requested by: Host: 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
URL: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.137.111.143 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-137-111-143.us-east-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:22 GMT
server: awselb/2.0
content-length: 68
content-type: image/jpeg

GET
H/1.1 200
OK action
www15.smartadserver.com/track/ Frame A4B8 43 B
163 B 413ms
125ms Image
image/gif 199.187.193.164
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www15.smartadserver.com/track/action?sid=1636784060938&pid=886941&iid=8310258&cid=0&key=viewcount&rtb=1&rtbbid=306914992894826582&rtbet=0&rtblt=637723808603836001&rtbnid=2978&rtbh=af7bb7a6599e41377aebc4cd2b9099b4485430b8&ts=1636784060938
Requested by: Host: 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
URL: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:22 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame C434 43 B
301 B 89ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=794060&asId=9f3459a3-26ae-322e-46ce-b8aa523f6037&tv=%7Bc:tPekU5,time:995,type:e,im:%7Bpci:%7Btdr:951%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:995,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B987~0%5D,as:%5B987~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:93,fm:sOCD7cS+11%7C1211%7C1212*.794060-56592879%7C12121%7C13,idMap:1212*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Requested by: Host: 527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
URL: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 06:14:22 GMT
X-Server-Name: dt53.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 67D5 0
0 30ms
30ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4AgWRuzrd1PckSODNiiuc9x0rDobmOGxcPbXFCMJAsUohCzDtXywt5o_RW6Xge54tpOZauXzLMlx1qv1ESc6tkXLNZ-4w27k-HIN0yTWD9HBjy9x13lcinFs87Igqb4fywAq-ug9iUWZuekRVcp2BmD75GKU0lmVewCJQF7kwpyxcdB-cIKZI-PHUKVJwv-mxSk9nahR5eGls-KEhYDYKd_RWvEFV1zECJcfdY3UVlCXXumOV37IkbGbD7XHBXSpisVdlsbB0f-P4Xe3SeTtNpCawlaQOt2sFk_UIn_DngHXbKUrkz3xchNoTikCCJCrI75HcuDIPA_EFVCT08rU&sig=Cg0ArKJSzFUzxz7wwnBREAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 06:14:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 13 Nov 2021 06:14:22 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 39ms
19ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebbbb755aa2e45ce51fe5f033092cd22dd83e4458798d4fd878634d2d53c62ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 06:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: clear
content-length: 9158
x-xss-protection: 0

GET
H2 200 server.html Show response
gs.trrsf.com/fe/zaz-mod-globalstorage/ Frame 1AE6 7 KB
2 KB 513ms
12ms Document
text/html 2a02:26f0:1700:10::1737:a320
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://gs.trrsf.com/fe/zaz-mod-globalstorage/server.html
Requested by: Host: s1.trrsf.com.br
URL: https://s1.trrsf.com.br/metrics/js/br/contentpar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:10::1737:a320 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 04e7071a81370cfc7670a7e4d8f06627d02641c3e094759c7d2ac6f836739a06

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/

Response headers

server: cloudflare-nginx
content-type: text/html
last-modified: Fri, 15 Oct 2021 15:07:12 GMT
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
timing-allow-origin: *
access-control-expose-headers: content-type, x-cache
cache-control: max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
x-cdnterra-cache-status: HIT
content-encoding: gzip
content-length: 1824
date: Sat, 13 Nov 2021 06:14:22 GMT
vary: Accept-Encoding

GET
H2 200 status Show response
accounts.google.com/gsi/ 40 B
283 B 49ms
49ms XHR
application/json 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=1030638109871-ffp7d0aeu1q12ufr2d7teht7av9i6ufq.apps.googleusercontent.com&as=6KZhMLvBn5BJ6o1WCOK%2FzA

Requested by

Host:
URL: /_/gsi/_/js/k=gsi.gsi.de.C6ednk1U05I.O/am=chE/d=1/rs=AF0KOtUsoDfmqz30ATltkTjQMlyMRZ1yug/m=gis_client_library

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2119ec82a5e0b3e8390a7abcb45a77f87f7540f39813eef60f769f688f13c2ac

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JV2f3hNbYgLzv7Hl11THgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods: GET
alt-svc: clear
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cifraclub.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-JV2f3hNbYgLzv7Hl11THgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 13ms
7ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: www.cifraclub.com
URL: https://www.cifraclub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 19:12:46 GMT
content-encoding: gzip
age: 39696
x-guploader-uploadid: ADPycdsnoqKyngBmKstfkMvyeEOs3L0aDtT8fHQPmW03ytXPExCACxYiWzeXxzFK6yUdKkLSZ56aev2ZzOkh8srTdYU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 6114
last-modified: Thu, 23 Sep 2021 17:37:36 GMT
server: UploadServer
etag: "c011d7eff3edda011a5511fb703d925a"
x-goog-hash: crc32c=I6Sd4w==, md5=wBHX7/Pt2gEaVRH7cD2SWg==
content-language: en
x-goog-generation: 1632418656103247
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6114
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 13 Nov 2021 19:12:46 GMT

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/integral-accord-651/ 579 B
650 B 259ms
259ms Fetch
application/json 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/integral-accord-651/installations

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.9.1/firebase-performance-standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

95e654623f8bf86d0d14230196d28b6a3be88ee07adff9c74c268a930840ccc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://www.cifraclub.com/
x-goog-api-key: AIzaSyD2I8uP0YAQbvdfovfJrBhJN48fh468rJw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: application/json

Response headers

date: Sat, 13 Nov 2021 06:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: clear
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 460
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/integral-accord-651/ Frame 0
0 49ms
14ms Preflight
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/integral-accord-651/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key
Origin: https://www.cifraclub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.cifraclub.com
vary: origin referer x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key
access-control-max-age: 3600
date: Sat, 13 Nov 2021 06:14:22 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: clear

GET
H2 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 7ms
7ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 00:37:19 GMT
content-encoding: gzip
age: 20223
x-guploader-uploadid: ADPycdticFitSye9U8W59dqGWc7aa9cgadAHAV70mMUdcY4CL-ah612xuGfOGp3gVAOhIYItbeTkguWMc8rckBsBGRw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 8332
last-modified: Thu, 23 Sep 2021 17:37:36 GMT
server: UploadServer
etag: "3bd196ed5cd9e1a21cd3f4a34c4baf1b"
x-goog-hash: crc32c=QnHpIw==, md5=O9GW7VzZ4aIc0/SjTEuvGw==
content-language: en
x-goog-generation: 1632418656026668
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8332
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 14 Nov 2021 00:37:19 GMT

GET
H2 200 trk
tt-10969-0.seg.t.tailtarget.com/ 70 B
513 B 143ms
103ms Image
image/png 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-10969-0.seg.t.tailtarget.com/trk?tA=TT-10969-0&tJ=_channel:bratargettecinformaticaapple:1|_channel:bratargetdiversidade:1|_channel:cifraclub:1&tK=1636784062&tM=direct&tL=direct&tN=direct&tY=3&tZ=455018558
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:22 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
content-type: image/png
alt-svc: clear
content-length: 70

GET
H2 200 u Show response
b.t.tailtarget.com/ 72 B
482 B 124ms
103ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttqtt_terra
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 366b314f1e0e2939889fc4cadc1dea6871a88c45651af32f951affa88058c370

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:22 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: clear
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 13 Nov 2021 06:14:22 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 987A 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 12 Nov 2021 18:50:52 GMT
expires: Sat, 12 Nov 2022 18:50:52 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 41010
alt-svc: clear

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 905E 783 B
954 B 17ms
17ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6917e9cd80086d1b54b01dcb644a1a620c10b4cb242276b082ba398097b00ab0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UmJ0TANgZ35Uf0IE3ODniQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 13 Nov 2021 06:14:22 GMT
date: Sat, 13 Nov 2021 06:14:22 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-UmJ0TANgZ35Uf0IE3ODniQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: clear

GET
H2 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 987A 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 20:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 294828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 20:20:34 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 905E 0
0 59ms
58ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111001&jk=10615413543698&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C434 42 B
174 B 29ms
28ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssb2VTK3MGsVhx4O4j2byTz4xnr5f2dp37UJ7Z-hXuTJ96BsUFQyZBmEWEd_POfxjvMGxi_a9lGLl1kzKZYO3rPG9CyWXBcknA&sig=Cg0ArKJSzH4fCQtg5ktrEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=2209108882&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636784061006&rpt=643&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 43ms
42ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111001&jk=10615413543698&bg=!paalpuLNAAZQLpa_UC47ACkAdvg8WkiRNYgv0dBU8SM9eZbZ4ISttnvO5SQWMiTwlL5c1pBUYs3NwAIAAABkUgAAAA9oAQeZArTCIR-HgUgE0lc980syHu3r1WvG4xaSOvq8bLo8pGn_oWGBNYHBbtza7AIs-iNWhYcPPH-OKK5aoMaVKq5puKROEieoS7GlEGyEo-cyxeTN_2Q7Ls0y2cOeteO5DnUapCHfIayooG5I_eami4892NQAaPApbh7485k2i9kePKa4Wj3k-Y9rqd5bU5PgZwvno4FSl9ZWX4y6CABLP0WAXU0K7lFBGcA1YA4HrfxxT8UAMUAK1DePLbRujxDwFZEuWFGaR5vDyuMDE-hOgXt_-QNRdpnD90ZqHMM0gygAJN4luqziJQkDQjCuvQarwNrrwRluQMtEHL1pXetOMRqK1PT1vvyav_7aHP4XuXK4i7iOIM--A9bU22mZKCVHgfBk4W48f18MCpiVHp8rtwIm1pBgwdKoLLb_GlnuKZpKE284ykSlk5GKqrgdfrfdiYruX_eoVnfcM3ll73Tl63QxPFIPIl88SEQQM6zC8np_f-Yg-YJ2Uab5WKad_dcg5OFyu-B76eTOgYPiNoGqZnfylfeSVbSpS1ZvqkeX_v3qc1HlKvEsvOxWqelMNXtmBOSMtkRMzIUd0_JYxV3spTLXxg-AGAQSW8RxKaMwhYdQpMAnxkVLBIbicJ2KJB-Hq43nsdwG0Tfxe-H9FbxJOMnzXPGaseg_gvagkEh-YXXPsldbAEZ5vK0mme1IExfLkN9bEv2IYRJra5a0VbM7d7bzV7CTeuPVZxRHVxGOKZDXgwdECbGMITStBe6HB3CzpI66apuY2FwTWrwKa6KDrYD3fDFpgl7S_v7ZabFKjbpt-aR4KU8CQeMtSVksKA3VENhPkWeqrZNZVthP1K4ac7q864a9BkHX69vU5ZWuXbNYjYmua5NcIDF7zxmk6ZvhhHDRezZ4HBTUfeajiutjPzLwIrus5d19Bw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b Show response
b.t.tailtarget.com/ 150 B
589 B 106ms
105ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-10969-0&tY=1&tS=2&tU=0100007FBE578F61B906AA8E02526A3D&tX=b.52&tZ=519376971&env=_ttqtt_terra
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cdefaf3a7c60b6d05ad52853a8394cb0ff610dbb13d32a540ef824ef0be04584

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:22 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

POST
H2 200 fireperf:fetch Show response
firebaseremoteconfig.googleapis.com/v1/projects/integral-accord-651/namespaces/ 1 KB
656 B 200ms
200ms Fetch
application/json 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/integral-accord-651/namespaces/fireperf:fetch?key=AIzaSyD2I8uP0YAQbvdfovfJrBhJN48fh468rJw

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.9.1/firebase-performance-standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8bc7b96d982daa6d6ec1dab06959f5441127cb4bc452b937fa757c36323793df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Referer: https://www.cifraclub.com/
Accept-Language: de-DE,de;q=0.9
Authorization: FIREBASE_INSTALLATIONS_AUTH eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBJZCI6IjE6MTA0NjU0MTE0ODQ2MTp3ZWI6ZTAzZjU2N2QxYTAyZDM4ZWI2YjNhNCIsImV4cCI6MTYzNzM4ODg2MiwiZmlkIjoiZU5sZGItLUY2V09vN3FxdnpYOXVKdiIsInByb2plY3ROdW1iZXIiOjEwNDY1NDExNDg0NjF9.AB2LPV8wRAIgbUcX0AEnhhcE8RC5J-SQQ2fZT8qVvjiSuO0SQvLqK1ECIC_UNZZzjsY734PPNv3on3fNniQgxgZ556TmY3nRAfRZ
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 13 Nov 2021 06:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: clear
server: ESF
etag: etag-integral-accord-651-fireperf-fetch-1855464140
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com
access-control-expose-headers: etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 425
x-xss-protection: 0

OPTIONS
H2 200 fireperf:fetch
firebaseremoteconfig.googleapis.com/v1/projects/integral-accord-651/namespaces/ Frame 0
0 62ms
14ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/integral-accord-651/namespaces/fireperf:fetch?key=AIzaSyD2I8uP0YAQbvdfovfJrBhJN48fh468rJw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Origin: https://www.cifraclub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.cifraclub.com
vary: origin referer x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: authorization
access-control-max-age: 3600
date: Sat, 13 Nov 2021 06:14:22 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: clear

GET
H2 200 ca Show response
tt-10969-0.seg.t.tailtarget.com/ 99 B
373 B 105ms
105ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10969-0.seg.t.tailtarget.com/ca?tZ=875958073&env=_ttqtt_terra
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: ad4a79d3326f422fcc078f71bc33a838628f00c3faed2adffa17c2d312323282

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:22 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H2 200 ca Show response
choices.trustarc.com/ Frame C434 7 KB
3 KB 57ms
12ms Script
text/javascript 143.204.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=on5b0tw_mdra1xd_18b6avuw&w=728&h=90&c=tradedesk01cont1&js=pmw1&base=te-clr1-f6b0ba43-9ae0-45ee-bebb-2da285d70fea&sid=0
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=on5b0tw_mdra1xd_18b6avuw&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-4.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 7b99dba2222f2b926849c69c8b28fce63a6dc664eb3ca391ed780a11fbb15c86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 16:05:32 GMT
content-encoding: gzip
server: nginx
age: 50930
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA50-C1
content-length: 2412
x-amz-cf-id: wEu5PytBPlry92l_YMIQKtLLBXkl3YeLHW5y78GFaV7CkYmWngn2hg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame C434 38 KB
11 KB 56ms
10ms Script
text/javascript 143.204.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=on5b0tw_mdra1xd_18b6avuw&w=728&h=90&c=tradedesk01cont1&js=pmw2
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=on5b0tw_mdra1xd_18b6avuw&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-4.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 15:59:34 GMT
content-encoding: gzip
server: nginx
age: 51288
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: WHcL7bU3gfZpZtdXCLNLzfsB34W7wK3RgJ6amQkdZIdTe-J5RFPtyA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame C434 43 B
384 B 177ms
132ms Image
image/gif 143.204.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=on5b0tw_mdra1xd_18b6avuw&w=728&h=90&c=20a0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-4.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:23 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: fNZEN7UnqTJFHLUTbKXecqVPTjkQpU7onVpl0MviYcO3A16fQPKwoQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
299 B 110ms
103ms Image
image/gif 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-10969-0&tE=0&tF=&tI=_frankfurt%20am%20main_hesse_de_1636784062767_1539798603&tJ=CA6935,CA4723,CA4729&tQ=bratargettecinformaticaapple,bratargetdiversidade,cifraclub&tU=0100007FBE578F61B906AA8E02526A3D&tX=b.52&tY=1&tZ=203693154
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:23 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 get
choices.trustarc.com/ Frame C434 287 B
629 B 7ms
7ms Image
image/png 143.204.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-4.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 20 Oct 2021 06:27:51 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
server: nginx
age: 2072792
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
content-length: 287
x-amz-cf-id: KLpVHw_HAbG4TIe5YH7No3uFR5yaujg-DDI8cgLAJQSBwhmTP4ZHLg==
expires: Fri, 19 Nov 2021 06:27:51 GMT

GET
H2 200 get
choices.trustarc.com/ Frame FBFD 287 B
627 B 7ms
7ms Image
image/png 143.204.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by: Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=on5b0tw_mdra1xd_18b6avuw&w=728&h=90&c=tradedesk01cont1&js=pmw2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-4.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 20 Oct 2021 06:27:51 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
server: nginx
age: 2072792
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
content-length: 287
x-amz-cf-id: UFow9bUK9v-Ur1oPGoFUAgS0VeclhEgN1S1YnuQqIFxeWFFT-hGeig==
expires: Fri, 19 Nov 2021 06:27:51 GMT

GET
H2 200 get
choices.trustarc.com/ Frame FBFD 739 B
1 KB 7ms
7ms Image
image/png 143.204.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tr.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-4.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Thu, 14 Oct 2021 13:35:20 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
server: nginx
age: 2565543
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
content-length: 739
x-amz-cf-id: rEyZzoYDM7l44PfIs_MIUVJfnRgX3sCydfGHdDc-gs-OisbmykIsgQ==
expires: Sat, 13 Nov 2021 13:35:21 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 67D5 42 B
108 B 28ms
28ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBNVApENuenlZ482xu_1B5soxPsLMBeUlajO2bTUsapXn9jm1r1ijL9yNQJhmKds4MO9ipjEPKybl63--3xhOPuuoExdw157DguA3RuAoV5aggjHzp&sig=Cg0ArKJSzIy1K5mtwW4vEAE&id=lidar2&mcvt=1000&p=657,436,747,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=997520633&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636784060864&rpt=1567&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame C434 43 B
301 B 90ms
89ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=794060&asId=9f3459a3-26ae-322e-46ce-b8aa523f6037&tv=%7Bc:tPeleP,pingTime:1,time:2281,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D,%7Bpiv:100,vs:i,r:,t:1280%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1280,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1273~0,0~100%5D,as:%5B1273~728.90%5D%7D%7D,%7Bsl:i,t:1280,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:90,fm:sOCD7cS+11%7C1211%7C1212*.794060-56592879%7C12121%7C13,idMap:1212*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 06:14:23 GMT
X-Server-Name: dt53.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame C434 43 B
301 B 101ms
101ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=794060&asId=9f3459a3-26ae-322e-46ce-b8aa523f6037&tv=%7Bc:tPeleQ,pingTime:1,time:2282,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D,%7Bpiv:100,vs:i,r:,t:1280%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:1280,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1273~0,0~100%5D,as:%5B1273~728.90%5D%7D%7D,%7Bsl:i,t:1280,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:90,fm:sOCD7cS+11%7C1211%7C1212*.794060-56592879%7C12121%7C13,idMap:1212*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 06:14:23 GMT
X-Server-Name: dt50.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 /
events.mmi360.net/ Frame C434 68 B
134 B 186ms
185ms Image
image/jpeg 3.137.111.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.mmi360.net/?cust=Cisco&type=js&plat=CM360&mode=ivt-blk&advid=5809340&siteid=4433659&cmpnid=26267104&pcmtid=310923431&crtvid=157219731&rndnum=3232588560&site=N7442.274641IDG&adid=503571845&aucid=&exchid=&sellid=&ad_frame_root=https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com&ad_frame_full=aHR0cHM6Ly81MjdmNGJiMDUzNzg4M2VjZmQ3YTY1MDRhYjRkMDU0YS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tL3NhZmVmcmFtZS8xLTAtMzgvaHRtbC9jb250YWluZXIuaHRtbA==&domain=https://www.cifraclub.com&url=&gpu=Intel%20Iris%20OpenGL%20Engine&timezone=GMT0&navua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/95.0.4638.54%20Safari/537.36&webdriver=false&viewed=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.137.111.143 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-137-111-143.us-east-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:24 GMT
server: awselb/2.0
content-length: 68
content-type: image/jpeg

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame DAA2
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

281 B
554 B

7ms
7ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by: Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/cc/js/d474b.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40334-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 Nov 2021 06:14:25 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date: Sat, 13 Nov 2021 06:14:25 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 51CD 281 B
554 B 7ms
7ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/cc/js/d474b.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40334-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 Nov 2021 06:14:25 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

200
OK

usermatch Show response
ssum.casalemedia.com/ Frame 8128
Redirect Chain

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc5ba1affd53502c0%26uid%3D
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc5ba1affd53502c0%26uid%3D&s=190243&C=1

2 KB
3 KB

19ms
19ms

Document
text/html

2.18.234.21

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc5ba1affd53502c0%26uid%3D&s=190243&C=1
Requested by: Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/cc/js/d474b.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7f36b2875777c49183652c7ae0e44baa446d5fc15b7116f9cfb2950d4deffa2a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|230|39|45|218|111|221|130
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1667
Expires: Sat, 13 Nov 2021 06:14:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 13 Nov 2021 06:14:25 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 345
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc5ba1affd53502c0%26uid%3D&s=190243&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sat, 13 Nov 2021 06:14:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 13 Nov 2021 06:14:25 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame D256 52 KB
17 KB 43ms
12ms Document
text/html 2.18.232.130

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/cc/js/d474b.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 -, , ASN (),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sun, 14 Nov 2021 06:14:27 GMT
Date: Sat, 13 Nov 2021 06:14:25 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2797 14 KB
5 KB 38ms
8ms Document
text/html 2.18.233.180

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Requested by: Host: studiosol-a.akamaihd.net
URL: https://studiosol-a.akamaihd.net/cc/js/d474b.headerbidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=60837
expires: Sat, 13 Nov 2021 23:08:22 GMT
date: Sat, 13 Nov 2021 06:14:25 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 51CD 32 KB
10 KB 10ms
8ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 24cfa815e675621b16b7e1c89c0db7d3ff93eab7f758f2c885f478ae9e8a992f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 06:14:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=71790
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9510
Expires: Sun, 14 Nov 2021 02:10:55 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DAA2 32 KB
10 KB 8ms
7ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 24cfa815e675621b16b7e1c89c0db7d3ff93eab7f758f2c885f478ae9e8a992f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 06:14:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=71790
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9510
Expires: Sun, 14 Nov 2021 02:10:55 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame DAA2 0
239 B 8ms
8ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 2797 5 KB
6 KB 58ms
13ms Script
text/html 198.47.127.19

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=63015915&p=156631&s=857421&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c68cb24ea61332edbefc27e5539b4f295b55bdbb79db6411d1afb494f2804bec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:25 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame D256 0
731 B 14ms
13ms Script
text/html 185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 06:14:25 GMT
X-Proxy-Origin: 91.199.118.75; 91.199.118.75; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5c4d033b-7a2d-4ad7-9a86-2f4a57327cdf
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 8128
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY9XwZpsvgzucl67YCPJGAAABFgAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY9XwZpsvgzucl67YCPJGAAABFgAAAIB&dcc=t

43 B
645 B

95ms
94ms

Image
image/gif

209.54.177.54

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY9XwZpsvgzucl67YCPJGAAABFgAAAIB&dcc=t

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc5ba1affd53502c0%26uid%3D&s=190243&C=1

Protocol

HTTP/1.1

Server

209.54.177.54 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 06:14:25 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: J8XY523T29KJ4N94QBK3
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 06:14:25 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: PZH9EPGF8FC52HGGHDZD
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY9XwZpsvgzucl67YCPJGAAABFgAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 8128
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YY9XwZpsvgzucl67YCPJGAAABFgAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAQSev09H86cRhp0dmjx7Cs&google_cver=1

43 B
315 B

36ms
18ms

Image
image/gif

2.18.234.21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAQSev09H86cRhp0dmjx7Cs&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc5ba1affd53502c0%26uid%3D&s=190243&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 06:14:25 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sat, 13 Nov 2021 06:14:25 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAQSev09H86cRhp0dmjx7Cs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 8128 70 B
264 B 33ms
31ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc5ba1affd53502c0%26uid%3D&s=190243&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 8128
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YY9XwZpsvgzucl67YCPJGAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHKZlqBDEZuhOl2HaMVQt7o&google_cver=1&gdpr=1

43 B
999 B

16ms
16ms

Image
image/gif

2.18.234.21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHKZlqBDEZuhOl2HaMVQt7o&google_cver=1&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc5ba1affd53502c0%26uid%3D&s=190243&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 06:14:25 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 13 Nov 2021 06:14:25 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHKZlqBDEZuhOl2HaMVQt7o&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ibs:dpid=23728&dpuuid=YY9XwZpsvgzucl67YCPJGAAA%261112
dpm.demdex.net/ Frame 8128 0
0 153ms
32ms Image
application/json 34.250.85.122

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YY9XwZpsvgzucl67YCPJGAAA%261112?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc5ba1affd53502c0%26uid%3D&s=190243&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.85.122 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame 8128 0
331 B 89ms
17ms Image
text/plain 37.157.5.142

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc5ba1affd53502c0%26uid%3D&s=190243&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:25 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

tpid=YY9XwZpsvgzucl67YCPJGAAA%261112
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 8128
Redirect Chain

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YY9XwZpsvgzucl67YCPJGAAA%261112?gdpr_consent=&us_privacy=&gdpr=1
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YY9XwZpsvgzucl67YCPJGAAA%261112?gdpr_consent=&us_privacy=&gdpr=1

49 B
740 B

39ms
39ms

Image
image/gif

54.194.226.253

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YY9XwZpsvgzucl67YCPJGAAA%261112?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc5ba1affd53502c0%26uid%3D&s=190243&C=1
Protocol: H2
Server: 54.194.226.253 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:25 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.24.214
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:25 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YY9XwZpsvgzucl67YCPJGAAA%261112?gdpr_consent=&us_privacy=&gdpr=1
cache-control: no-cache
x-server: 10.45.2.20
content-length: 0
expires: 0

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 8128 43 B
430 B 150ms
33ms Image
image/gif 34.248.204.54

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc5ba1affd53502c0%26uid%3D&s=190243&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.248.204.54 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
Date: Sat, 13 Nov 2021 06:14:25 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
u-ams02.e-planning.net/ Frame 8128 42 B
103 B 49ms
13ms Image
image/gif 46.249.52.248

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=c5ba1affd53502c0&uid=YY9XwZpsvgzucl67YCPJGAAA%261112
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc5ba1affd53502c0%26uid%3D&s=190243&C=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:25 GMT
server: openresty
content-type: image/gif

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame CFC6
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=2CCD9A58-720B-4CB5-AED8-99FAB384A2F1
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2CCD9A58-720B-4CB5-AED8-99FAB384A2F1

35 B
467 B

18ms
16ms

Document
image/gif

37.157.5.142

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2CCD9A58-720B-4CB5-AED8-99FAB384A2F1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 13 Nov 2021 06:14:25 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Sat, 13 Nov 2021 06:14:25 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2CCD9A58-720B-4CB5-AED8-99FAB384A2F1
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 7089
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2522093242712026743

42 B
209 B

12ms
12ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2522093242712026743
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 13 Nov 2021 06:14:24 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug016:0:313
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2522093242712026743
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 55E6 43 B
334 B 47ms
14ms Document
image/gif 178.250.2.151

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Sat, 13 Nov 2021 06:14:25 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Sat, 13 Nov 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 500811

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B856
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7029934029798045851

42 B
367 B

33ms
12ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7029934029798045851
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 13 Nov 2021 05:33:28 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug0022:0:394
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Sat, 13 Nov 2021 06:14:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7029934029798045851

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7472
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YY9XvQAEKbfgaABR&gdpr=0&gdpr_consent=

1 B
410 B

58ms
12ms

Document
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YY9XvQAEKbfgaABR&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 13 Nov 2021 06:14:23 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: amspug018:0:478
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YY9XvQAEKbfgaABR&gdpr=0&gdpr_consent=
accept-ranges: bytes
date: Sat, 13 Nov 2021 06:14:25 GMT
via: 1.1 varnish
x-served-by: cache-fra19148-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1636784066.687151,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame C6FC
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBOE1FN0RIckFBQUNqeF83YUg3Zw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

31ms
31ms

Document
image/gif

34.248.204.54

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.248.204.54 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Sat, 13 Nov 2021 06:14:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Sat, 13 Nov 2021 06:14:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
alt-svc: clear

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7BBE
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

0
88 B

14ms
12ms

Document
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 13 Nov 2021 06:14:25 GMT
content-type: text/html; charset=utf-8
x-lat: amspug012:2:246
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length: 0
date: Sat, 13 Nov 2021 06:14:25 GMT
server: _

GET
H2 404 dpe Show response
ad4m.at/ad/ Frame 362C 15 B
915 B 46ms
18ms Document
text/plain 2606:4700:3039::6815:c027

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c027 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Sat, 13 Nov 2021 06:14:25 GMT
content-type: text/plain; charset=utf-8
content-length: 15
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ad5dc1ab8ff6964-FRA

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 96B0 43 B
408 B 64ms
13ms Document
image/gif 173.231.181.122

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.181.122 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Date: Sat, 13 Nov 2021 06:14:25 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-3
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3888
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7529025409
https://sync.1rx.io/usersync/tradedesk/dc975bbe-5968-40f6-b97d-40c7040e0f80
https://sync.targeting.unrulymedia.com/csync/RX-d03e793f-a14a-4302-9813-700bc9baf692-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d03e793f-a14a-4302-9813-700bc9baf692-003

42 B
228 B

12ms
12ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d03e793f-a14a-4302-9813-700bc9baf692-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 13 Nov 2021 05:33:28 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug0022:0:480
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Sat, 13 Nov 2021 06:14:25 GMT
content-type: text/html
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d03e793f-a14a-4302-9813-700bc9baf692-003
etag: RXd03e793fa14a43029813700bc9baf692003

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7E46
Redirect Chain

https://core.iprom.net/cookiesync
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=86102380137072

42 B
362 B

12ms
12ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=86102380137072
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 13 Nov 2021 06:14:25 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug014:0:385
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Vary: Accept-Encoding
X-adserver-worker: avatar-1943f0b41eb4@version_1.345v4
Connection: close
X-server-arch: v2
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=86102380137072
Content-Type: text/html; charset=utf-8
Content-Length: 277
X-core-time: 0ms
Date: Sat, 13 Nov 2021 06:14:25 GMT

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 2853
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=8Jq6dTUiwIBSMd4XuKa5Xzw2

42 B
372 B

14ms
14ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=8Jq6dTUiwIBSMd4XuKa5Xzw2
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 13 Nov 2021 06:14:24 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug001:0:2224
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: openresty
date: Sat, 13 Nov 2021 06:14:25 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=8Jq6dTUiwIBSMd4XuKa5Xzw2
strict-transport-security: max-age=0; includeSubDomains;

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame AD1E
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
440 B

164ms
163ms

Document
image/gif

2606:4700::6812:c05

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Sat, 13 Nov 2021 06:14:26 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ad5dc1bbd9a4ed9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Sat, 13 Nov 2021 06:14:25 GMT
content-type: text/html
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 413
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ad5dc1aac6d4ed9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame F0AA 0
44 B 297ms
96ms Document
text/plain 169.197.150.7

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 -, , ASN (),
Reverse DNS
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Sat, 13 Nov 2021 06:14:25 GMT
server: c

GET
H2 200 um Show response
u-ams02.e-planning.net/ Frame 53E9 42 B
104 B 17ms
13ms Document
image/gif 46.249.52.248

General

Check archive.org

Show headers Download Go to

Full URL: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=c5ba1affd53502c0&uid=2CCD9A58-720B-4CB5-AED8-99FAB384A2F1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: openresty
date: Sat, 13 Nov 2021 06:14:25 GMT
content-type: image/gif

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2797
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LM2aWHILTLWu2Jn6s4Si8Q%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

10ms
9ms

Image
text/html

2.18.233.180

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Server: 2.18.233.180 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:25 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=60837
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Sat, 13 Nov 2021 23:08:22 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 2797
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ec91618f-57bd-4400-b4ce-227c69dceede

0
260 B

62ms
12ms

Image
text/plain

198.47.127.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ec91618f-57bd-4400-b4ce-227c69dceede
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:25 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sat, 13 Nov 2021 06:14:25 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x6 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ec91618f-57bd-4400-b4ce-227c69dceede
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 13 Nov 2021 06:14:24 GMT

GET
H/1.1

200
OK

/
pixel.onaudience.com/ Frame 2797
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=2CCD9A58-720B-4CB5-AED8-99FAB384A2F1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=dc975bbe-5968-40f6-b97d-40c7040e0f80&icm
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=9743e0ca69096723938974229edad689

35 B
248 B

17ms
17ms

Image
image/gif

146.59.148.16

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=9743e0ca69096723938974229edad689
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: HTTP/1.1
Server: 146.59.148.16 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

Redirect headers

date: Sat, 13 Nov 2021 06:14:25 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=9743e0ca69096723938974229edad689
cache-control: no-cache
access-control-allow-credentials: true
content-type: text/html
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2797
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkNDRDlBNTgtNzIwQi00Q0I1LUFFRDgtOTlGQUIzODRBMkYx&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
188 B

40ms
13ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 05:33:28 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0022:0:390
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2797
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEAQWBhy6fgyF2mKll--QJE&google_cver=1

42 B
437 B

40ms
13ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEAQWBhy6fgyF2mKll--QJE&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:25 GMT
cache-control: no-store, no-cache, private
x-lat: amspug012:0:480
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEAQWBhy6fgyF2mKll--QJE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 2797 43 B
616 B 57ms
14ms Image
image/gif 169.50.137.184

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 12 Nov 2021 06:14:25 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2797
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ec91618f-57bd-4400-b4ce-227c69dceede&gdpr=0&gdpr_consent=

42 B
649 B

28ms
12ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ec91618f-57bd-4400-b4ce-227c69dceede&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 05:30:40 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0021:0:381
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sat, 13 Nov 2021 06:14:25 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x24 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ec91618f-57bd-4400-b4ce-227c69dceede&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 13 Nov 2021 06:14:24 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2797
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5309686342242749094

42 B
233 B

12ms
12ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5309686342242749094
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:24 GMT
cache-control: no-store, no-cache, private
x-lat: amspug016:0:385
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:25 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5309686342242749094
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2797
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=dc975bbe-5968-40f6-b97d-40c7040e0f80

42 B
448 B

12ms
12ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=dc975bbe-5968-40f6-b97d-40c7040e0f80
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:24 GMT
cache-control: no-store, no-cache, private
x-lat: amspug011:0:395
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:25 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=dc975bbe-5968-40f6-b97d-40c7040e0f80
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2797
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3196026263755864367&gdpr=0&gdpr_consent=

42 B
520 B

44ms
12ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3196026263755864367&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 05:30:40 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0021:0:348
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 06:14:25 GMT
X-Proxy-Origin: 91.199.118.75; 91.199.118.75; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4292ae6a-a8b1-4716-a7fc-b4dbb7bcfaed
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3196026263755864367&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 2797
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2CCD9A58-720B-4CB5-AED8-99FAB384A2F1&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7q.O_VZE2uUgiQ1xiZTmSHKeEK5Mndk-~A&gdpr=0&gdpr_consent=

0
128 B

32ms
12ms

Image
text/plain

198.47.127.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7q.O_VZE2uUgiQ1xiZTmSHKeEK5Mndk-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:24 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7q.O_VZE2uUgiQ1xiZTmSHKeEK5Mndk-~A&gdpr=0&gdpr_consent=
date: Sat, 13 Nov 2021 06:14:25 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 2CCD9A58-720B-4CB5-AED8-99FAB384A2F1
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2797 43 B
203 B 36ms
35ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/2CCD9A58-720B-4CB5-AED8-99FAB384A2F1?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:25 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET p-5aWVS_roA1dVM.gif
pixel.quantserve.com/pixel/ Frame 2797 0
0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2797
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=e9af4728-52a3-48ef-adf9-78a6462b3096
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=e9af4728-52a3-48ef-adf9-78a6462b3096
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=69a17735-16fd-4604-90b1-a4f879b13be7&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e9af4728-52a3-48ef-adf9-78a6462b3096&gdpr=&gdpr_consent=&gdpr_pd=

1 B
259 B

12ms
12ms

Image
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e9af4728-52a3-48ef-adf9-78a6462b3096&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:24 GMT
cache-control: no-store, no-cache, private
x-lat: amspug017:0:373
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e9af4728-52a3-48ef-adf9-78a6462b3096&gdpr=&gdpr_consent=&gdpr_pd=
Date: Sat, 13 Nov 2021 06:14:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 2797 0
104 B 124ms
59ms Image
text/plain 2a02:fa8:8806:12::1370

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2CCD9A58-720B-4CB5-AED8-99FAB384A2F1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:25 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2797
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8714368944058975178&gdpr=0&gdpr_consent=&us_privacy=

1 B
243 B

12ms
12ms

Image
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8714368944058975178&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:25 GMT
cache-control: no-store, no-cache, private
x-lat: amspug016:0:365
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8714368944058975178&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sat, 13 Nov 2021 06:14:25 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2797
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
279 B

12ms
12ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:25 GMT
cache-control: no-store, no-cache, private
x-lat: amspug002:0:400
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:25 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2797
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:98922222-afe1-41c8-be94-da5bf0cb5276&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
110 B

12ms
12ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:98922222-afe1-41c8-be94-da5bf0cb5276&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:24 GMT
cache-control: no-store, no-cache, private
x-lat: amspug002:0:398
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:98922222-afe1-41c8-be94-da5bf0cb5276&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Sat, 13 Nov 2021 06:14:25 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2797
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3196026263755864367

42 B
110 B

12ms
12ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3196026263755864367
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:14:23 GMT
cache-control: no-store, no-cache, private
x-lat: amspug018:0:314
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 06:14:25 GMT
X-Proxy-Origin: 91.199.118.75; 91.199.118.75; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 95f8eba7-f941-45db-9b3c-d0c6c05fadf3
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3196026263755864367
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 d1ba4609
rtb.gumgum.com/getuid/ Frame 2797 35 B
238 B 110ms
30ms Image
image/gif 54.228.52.99

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=857421&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc5ba1affd53502c0%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.52.99 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 06:14:25 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad.atdmt.com
URL: https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=5809340;c.a=26267104;s.a=4433659;p.a=310923431;a.a=503571845;cache=3232588560;

Domain: pixel.quantserve.com
URL: https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cifraclub.com/	1970-01-20 16:10:56	Name: _ga Value: GA1.2.1872078260.1636784060
.cifraclub.com/	1970-01-19 22:41:10	Name: _gid Value: GA1.2.1552119181.1636784060
.cifraclub.com/	1970-01-20 00:49:20	Name: _gcl_au Value: 1.1.777407778.1636784060
ads.us.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.rubiconproject.com/	1970-01-20 07:25:20	Name: khaos Value: KVXEYVUF-8-KAX4
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|A9CsNFoQ5K/DWCet2ogsIBP0vIhaOOWfliBRT/qkfmAh+urPaQTjRsKcZLjliObLRXOqtD6qDAuneV3IXSeRTVvE8QI6g1Y1yk4Vad3QREh28zX8YKRfI6r+JKnHMVn/BdTLwVQPPUDx
.rubiconproject.com/	1970-01-20 07:25:20	Name: audit Value: 1\|hLZGFuTafB0yRllQ1ru5+6Q/Fn9jJ2Tlph+Ceuqbr/f24WPzaViPwfWtJ8tvWrIQovFfJqxka8IeIZvfCt5c1OBxGCOXoSK1jgJ+fqjTPAvc6UO785F0Pw==
.adnxs.com/	1970-01-20 00:49:20	Name: icu Value: ChgIy6c-EAoYASABKAEwvK-9jAY4AUABSAEQvK-9jAYYAA..
.adnxs.com/	1970-01-20 00:49:20	Name: uuid2 Value: 3196026263755864367
.e-planning.net/	1970-01-22 11:58:56	Name: E Value: ANaNnLtLEXvZxunN
.doubleclick.net/	1970-01-20 08:01:20	Name: IDE Value: AHWqTUltqDv4e7lNLI-OYrL9mC_w_1SkDxKs3VIgdDsFyULHReGOwDoPiWNsPt-CiQk
.cifraclub.com/	1970-01-20 08:01:20	Name: __gads Value: ID=8091c1d31b8221ab:T=1636784060:S=ALNI_MbxqS5vDSZZKIrD-GzG9CNKyqzNXA
.cifraclub.com.br/	1970-01-19 22:39:47	Name: always Value: true
www.cifraclub.com/	1970-01-19 23:22:56	Name: always Value: true
.mathtag.com/	1970-01-20 08:05:39	Name: uuid Value: ec91618f-57bd-4400-b4ce-227c69dceede
.google.com/	1970-01-20 03:03:15	Name: NID Value: 511=vyrkM5o8ZBGAmSaFcPzzbyfAfFs8RJrRlxe6M6pk0Uy4Cy1qUl8FA2l3qtYkgdEMVh1onojJ0svycJi54yhzvm5W_FvgD_klt9mHONLHHslwc3z8pi2DSJm31Q1-D9C_HbMt6FnePQSO4vTgmlYBXz3tlD8nMLdPpsiNc9I1Hnw
.everesttech.net/	1970-01-20 07:25:20	Name: everest_g_v2 Value: g_surferid~YY9XvQAEKbfgaABR
.cifraclub.com/	1970-01-19 22:39:44	Name: _gat_terra Value: 1
.yahoo.com/	1970-01-20 07:25:41	Name: A3 Value: d=AQABBL1Xj2ECECSGUdv5QlliwGzTuMto8f4&S=AQAAAgg0D-wDVbMekNFWPoH787I
.scorecardresearch.com/	1970-01-20 15:56:32	Name: UID Value: 1TSDJV7YCNIYJ4FXEZGDDRg1636784061
.bizibly.com/	1970-01-20 07:25:20	Name: _BUID Value: b779ea961a07c26f8796c8a131f55746
www.cifraclub.com/	1970-01-19 22:39:45	Name: tt_c_vmt Value: 1636784062
www.cifraclub.com/	1970-01-19 22:39:45	Name: tt_c_c Value: direct
www.cifraclub.com/	1970-01-19 22:39:45	Name: tt_c_s Value: direct
www.cifraclub.com/	1970-01-19 22:39:45	Name: tt_c_m Value: direct
www.cifraclub.com/	1970-01-20 15:56:32	Name: _ttuu.s Value: 1636784062469
.t.tailtarget.com/	1970-01-19 22:42:36	Name: _ssc Value: y
www.cifraclub.com/	1970-01-20 07:25:20	Name: tt.u Value: 0100007FBE578F61B906AA8E02526A3D
.tt-10969-0.seg.t.tailtarget.com/	1970-01-19 23:22:56	Name: trk Value: xJkT5pcww2IAbjQtEUv7/JL8/LyK6eHRu5EZ+wTumQaSobno0X/ZR1HZNe9NJ6ljAdaz8nEbRcmdT+u2xCK4DOV3QhHuPMxBl68ttybDe30=
.t.tailtarget.com/	1970-01-20 07:25:20	Name: u Value: fwAAAWGPV769awa9IRanAgB=
.t.tailtarget.com/	1970-01-19 23:22:56	Name: ttbprf Value: _frankfurt am main_hesse_de_1636784062767_1539798603
.t.tailtarget.com/	1970-01-19 22:39:45	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-19 23:22:56	Name: ttnprf Value:
www.cifraclub.com/	1970-01-19 22:41:10	Name: tt.nprf Value:
.tt-10969-0.seg.t.tailtarget.com/	1970-01-19 22:39:47	Name: ttca Value: CA6935,CA4723,CA4729_1636784062
.t.tailtarget.com/	1970-01-19 23:22:56	Name: n Value: 1636784063

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://master.cifraclub.com.br/api/v3/sponsor Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://master.cifraclub.com.br/api/v3/sponsor Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=5809340;c.a=26267104;s.a=4433659;p.a=310923431;a.a=503571845;cache=3232588560; Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

527f4bb0537883ecfd7a6504ab4d054a.safeframe.googlesyndication.com
a.tribalfusion.com
a.volvelle.tech
accounts.google.com
acdn.adnxs.com
ad.atdmt.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
ads.yahoo.com
adservice.google.com
adservice.google.de
apps.sascdn.com
b.t.tailtarget.com
bcp.crwdcntrl.net
c1.adform.net
c2shb.ssp.yahoo.com
cdn.bizibly.com
cdn.jsdelivr.net
ced-ns.sascdn.com
choices.trustarc.com
choices.truste.com
cifraclub.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
core.iprom.net
csync.loopme.me
d.tailtarget.com
d5p.de17a.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eus.rubiconproject.com
events.mmi360.net
fastlane.rubiconproject.com
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gs.trrsf.com
ib.adnxs.com
id.cifraclub.com.br
id.rlcdn.com
ie1-bid.adsrvr.org
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
itx5.smartadserver.com
loada.exelator.com
master.cifraclub.com.br
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prg.smartadserver.com
pubmatic-match.dotomi.com
rtb.gumgum.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s1.trrsf.com.br
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
stats.g.doubleclick.net
studiosol-a.akamaihd.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
t.tailtarget.com
tags.mmi360.net
tags.t.tailtarget.com
token.rubiconproject.com
tpc.googlesyndication.com
tt-10969-0.seg.t.tailtarget.com
u-ams02.e-planning.net
um.simpli.fi
ups.analytics.yahoo.com
www.cifraclub.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleapis.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www15.smartadserver.com
x.bidswitch.net
ad.atdmt.com
pixel.quantserve.com
104.244.36.20
142.250.185.226
142.250.186.66
142.250.186.98
143.204.98.27
143.204.98.4
143.204.98.86
146.59.148.16
151.101.130.49
152.195.15.58
159.65.196.12
162.55.6.213
169.197.150.7
169.50.137.184
172.217.16.130
173.231.181.122
177.54.144.22
177.54.152.29
178.250.2.151
18.156.0.31
18.157.58.24
185.29.134.244
185.33.221.90
185.33.223.38
185.64.189.110
185.86.138.121
195.5.165.20
198.47.127.19
198.47.127.20
199.187.193.164
2.16.186.17
2.16.186.82
2.18.232.130
2.18.233.180
2.18.234.21
208.84.244.97
209.54.177.54
213.155.156.165
213.19.147.45
216.58.212.166
23.37.42.132
2600:9000:2156:ae00:8:48e:53c0:93a1
2600:9000:2156:b400:19:72bf:4340:93a1
2602:803:c004:200::141
2606:4700:3039::6815:c027
2606:4700::6810:5914
2606:4700::6812:c05
2620:112:f000:bbbb::11
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:808::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200d
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2003
2a00:1450:4001:831::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9a
2a02:26f0:1700:10::1737:a305
2a02:26f0:1700:10::1737:a320
2a02:fa8:8806:12::1370
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.137.111.143
34.102.185.99
34.102.253.54
34.248.204.54
34.250.206.93
34.250.85.122
34.254.143.3
35.157.246.167
35.201.123.184
35.210.178.101
35.244.174.68
37.157.5.142
46.249.52.248
5.178.65.245
52.223.4.62
52.223.40.198
54.194.226.253
54.228.52.99
66.155.71.150
69.173.144.138
69.173.144.165
85.114.159.118
87.98.128.108
00b1c4910c4f2b03e85c94fdca2627facfc52ba12dc4a0705d9273b47a0f730f
04e7071a81370cfc7670a7e4d8f06627d02641c3e094759c7d2ac6f836739a06
055930badf7874089edc0566426f19458edc5b8a0a137552f5a0b62e837c703f
0851b1e41403e40f05f04e9cde44f92f667a41602bbd875844636509500313ad
088ab1707f3ca311e115c52baa1865c7152f08e536a84ff7d1dca4801436142c
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c010c7addf379872a7dcfda9d1f65f8d1156495ce88eb27155a8e3fe20b3842
0dd3a03081b692553e19db276fa5683b765278b15489bfffec5d1793d17d0a41
0e46601f06360953631305662978d70135b10b6de63328498c176a52df77a22b
0f6b70839543f9ee1ef58b6353dfbc8861293d3af789e435cf4b8e8fca108650
10149e81621b3a46836cd42ffe55748208254e3054a3013cbd6dc6b9d593521d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1bfc9725a40baa479497ea187462dc25033038234f0a6e8058e95cc1aa107cd5
1c22922a7b93dd7b7559c551d903a373800765ccdf80c42b04158bf952ec0931
1ca3f1482a2af677a77209191c3923b91320ee1a27880e9060c5a00552eca77a
1f25db87d77610f309ab941ff76ce47e1e2a8a96e19d6827ed76e30d51915e7e
210fc56d486da54979814f840551eb24c6aa485aa28bab01010efd4d637501ac
2119ec82a5e0b3e8390a7abcb45a77f87f7540f39813eef60f769f688f13c2ac
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
24cfa815e675621b16b7e1c89c0db7d3ff93eab7f758f2c885f478ae9e8a992f
2c2210f87e564b9f117ad40e2cb2f666828d11dbb947bc4304e368b9d5e247ee
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ebbfdf48dba8589046bfc308222df6c77cbe6da907ad2391ce8f0c869826c44
2f4477d365125ab8f44bb1c9908932ed5e5a77be77ee227022112de0e04f0d77
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3131cce63fe43e001b37c9c65a5d8ce1c68534ff20fa7b2de462955372565ed7
366b314f1e0e2939889fc4cadc1dea6871a88c45651af32f951affa88058c370
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36ed919e9b606d9ea9788db0ccebe8336407757aaf9d12a0b44ce0d712567676
3a110de3c15820e188a11e96b803d8e5bbfa350c3e47029ca15951eb9039ab25
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43462e6543c198c2624596dabf4c0dcb86148b44dfd6aae92b28396b4808d6f5
47ba98583fd2ec1fea9c7b276da4b608b7174b6531349c44557fca1bc5b75946
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f25af342124d142dd99b5b3a4b90e660cd4b96dc7c2bf4e54c1a802cc93d521
4f3588c6fe1e75d771538c71a2e54ab29eb9be802e0c2b28f1767a0b01b2bca6
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51d37de28441f112ef4cb07a881a3608d7832876e20cfcb545342ee62e7acbb9
51e9647a4b998eb6ac2dbaae2f5ab91304026a8ad66c24f70d4f0eb53cf6cb94
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
57ed75edd61eb5ea1ef9882d3775463adaa5a2af7731a75f77b23e6822bab967
59e8f33be46fb7a03d8db862b344a3e581550c8d38e0a28345be72de04a6c0e1
5b5a73f77cadd94c8d57b9d98350ae008d3b36a35faba6b5dcd570145603e425
5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266
5daa36e8a9f6540b5076591de86299aaeb4534c48344bc7e15e4c85e26825503
5eec986a1a8406f32fee23f6f6805e779dbcc85881d0c25422947e3ecb0c7934
5f4752d2e40d18d374155b6d069527118b15e4c96d794c679b8d7a1b5905141d
61bdafe3b7394bada6486525f18d5951b903ca6a086183e640a009701f8e41a4
62ebdd655eb7d82324ded1127e184b1f4a65132a2b4f5ba0e113d3b65cc47b61
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
683d89b8c6998f15933616acdfadd39a1f14f2d184114f98169aad11f9c37b93
6917e9cd80086d1b54b01dcb644a1a620c10b4cb242276b082ba398097b00ab0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c35297a910f397f59fb1464703f600432a7f323721a2e83baa417960e3ec89f
6e64f5a628213d3f2c82270b7eacba5376b07efc8281505877ca1e9f7424665d
728f20edf867007be9282fc04630e90fb75db09116d466a1cdcdf1a8e6c4daea
735896fb65aadc7751e4ce6bcd629f399f4f974cc9e36bab715e2a4536238609
74e2f67b2e01784c7c2da00462a6d03dbc788a7a6e3209b1fbd5c3e28cecac6c
76bc25cb50d7e17848d8f813be27d6537df68e7675dd16c8dc26880d474ebf88
76e98024a3a87047a31d769777e6a488faacadd5bdfd6d847b56c7dbe872e845
77b5b884b778ba935007089f641a2c861f8e0bf4050b7e3a5dde5df97b446cbb
79a8af5637afd2e8c84967b6fd4897802e7e9d83a4177a3386e706f7dad5e1c9
7b99dba2222f2b926849c69c8b28fce63a6dc664eb3ca391ed780a11fbb15c86
7d9a333b16da5feea1999073314e620c2fd81ae28633fee9b4db28dd58a1feee
7f0690cc7aa3e0a4f7ad0894766c1db5c291fb1d4840bfe4ab91cb393b77a608
7f36b2875777c49183652c7ae0e44baa446d5fc15b7116f9cfb2950d4deffa2a
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8768bd4cdde9f5ebc42eea6da4611396bbcac9483af55db12c054eb196031f09
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8bc7b96d982daa6d6ec1dab06959f5441127cb4bc452b937fa757c36323793df
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
902dafac434d2b1ec6c3b4dc8ca3808b9668b600b4f40ad347c59df3bd40d61a
917f98718be3f2f3d9ce55e6c9cce3e7fe206f956d38a401dcaad887af9ee84d
91d6e0ff7543c949708c5bc62d02309bb1ab65b5e2919dd6b8ca2c7c75ad59be
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
95e654623f8bf86d0d14230196d28b6a3be88ee07adff9c74c268a930840ccc8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
998b049e731114e2fa35d65f23fc6e6e153249a4ef328912e3c7c49546e2d207
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a22a74098701fdfaa1bf3e19429ef71c637092db21de493f465187657acaa7e8
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2c76a6925fa5440c968fbf2455acf8209202ecb5ad6e83d4c2439e870d13e54
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a66e9526c9030932376432303a07a4965edf912547a8291cf7ba3190c105473f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ad4a79d3326f422fcc078f71bc33a838628f00c3faed2adffa17c2d312323282
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5fafddb156cd75bb2dbad89c3d9fec14d1b04a4ae3906d674e58536b8702d2e
ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c
baf4d2f145f24a01de263e63c1d98b3aab2493451434e8eaa4d21f16a81e9e7a
bba69f0b413bc0844b075dbf4458ac9c22fe1944d9a0306738f6600da846bc8c
bfdb2bb924f18d7a1b89f45c9d633b1318f548d4edbc0256cbc66e42c2963643
c20fb3853e78f1fd105254860320de5dba68c02eccade762896c91c205954a98
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2b2ee19ddc39dbb5bf02c85bfd83fda0ca700d83dd6c8d0e1165edd41d97132
c2ebd7fb391f05c5bacb2e0009ada95214f5e37215d7725dff4ce93bc2883754
c3c53c6aad42cfdbe3c890ca6077e756415dd037d1739b7507397771ff70645c
c4481c6ba547aa86d92e597f2ea20af2fa8f5437b6071df41fc8ed78cd8d9f74
c4d91aaa775dcd14f48169022eeebdf3e473e48b280608c2b6b28cfeb54f7cfc
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c68cb24ea61332edbefc27e5539b4f295b55bdbb79db6411d1afb494f2804bec
c69435fcba942007ec9cedfdf08ca71a69549016924283e651297a9af5d5328c
c89bcfa59f8de13beef845c90a489712357bdbed589cc3a92c3d32329d1762ce
c8ea95fa2eeaae1adb90212ad254536a1b7a1b59ee601b7187ff5c9ffc41d75d
cca5b1c563e57ca5919f88623b8fd684476a2b74a83f5138ef51d198a6c2bb06
cdefaf3a7c60b6d05ad52853a8394cb0ff610dbb13d32a540ef824ef0be04584
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10a1c4a1066db16cbaefa8683918f019309914d991a1ca29775e3825f9c10ed
d3a9534e5306171ff4ef96f0625b0663dbd52206a93b523423c1cbcc5bc811a3
d97e6492cb9d2678edba3bebd34967fd593eeca64f1c268e2c3008440cb0206e
d9dc1f3e6ca5e3300b0dd29ceb4b7c57a248da5b0b249e6e14b48b175fff39ac
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8edc5f5bcca05c6f4a78daf2f0a285f3a04908e6ef4c3ae7c6283f353beaa12
ea7f5b9f529ef3927267e3206e949b001fbe9a5d41dc531d04980c0e9d0a66bd
eaa8fcd4f239ac70701608439205111eb3978ffa456c64d2f08e11b05dbb3a77
ebbbb755aa2e45ce51fe5f033092cd22dd83e4458798d4fd878634d2d53c62ba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2ecb1fa9b7606ca79c074ee54fad0a12d74100ac3b45551665f84dc07c9b365
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5
f6a52fcf29e406935d551573f714d9f200f7bd8e8ca6b3e2a9d3992cd3656cb4
f6f23d0570533daf7876fc0365d004517a08171a0e67f4149e595e9e7b2bade3
f7ea83889ad14b01ee22077e29d32c65409dd8322ac170984794148b9cdc4306
f82fb7a91781ccc799972e3e565b454c194c1c305e78f2e0ba2e4be7b84ce7bf
f85077bfa2a9f9bab8fe9fbaad5efd74165ebcbe3f32fb422c7d7b548a482e96
f8bd42a4ccddd70adda016d0b8f9e0fa3163ccd7c9422ab321aa45fa7cdf31ec
fdbb89b42e298a47214f0e32c0496284d6360a967f9b71bda4f161ee9889dc2c
fef13545aa4e3bf521c736d0aecd1accd5d22efe97668192a14e6a284e7d51d4

www.cifraclub.com Open in urlscan Pro 2.16.186.17 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

233 Requests

87 %HTTPS

33 %IPv6

68 Domains

111 Subdomains

79 IPs

9 Countries

1905 kBTransfer

5378 kBSize

36 Cookies

23 Outgoing links

Page URL History

Redirected requests

233 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cifraclub.com Open in urlscan Pro
2.16.186.17 Public Scan

Screenshot
Live screenshot

Full Image

233
Requests

87 %
HTTPS

33 %
IPv6

68
Domains

111
Subdomains

79
IPs

9
Countries

1905 kB
Transfer

5378 kB
Size

36
Cookies

233 HTTP transactions
1 data transactions