URL: http://ares02.caferadib2.click/
Submission: On October 12 via api from US — Scanned from US

Summary

This website contacted 28 IPs in 2 countries across 23 domains to perform 68 HTTP transactions. The main IP is 66.220.23.67, located in Castle Rock, United States and belongs to HURRICANE, US. The main domain is ares02.caferadib2.click.
This is the only time ares02.caferadib2.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 66.220.23.67 6939 (HURRICANE)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 52.85.132.25 16509 (AMAZON-02)
3 35.201.71.192 15169 (GOOGLE)
12 151.101.64.176 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:20e... 16509 (AMAZON-02)
1 3 18.65.39.70 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
10 54.186.23.98 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
3 108.138.109.24 16509 (AMAZON-02)
2 2620:116:800b... 14618 (AMAZON-AES)
1 2 2600:9000:208... 16509 (AMAZON-02)
1 23.217.153.125 16625 (AKAMAI-AS)
1 108.138.128.46 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 54.91.220.167 14618 (AMAZON-AES)
1 3.223.138.69 14618 (AMAZON-AES)
1 141.95.98.67 16276 (OVH)
1 2001:41d0:701... 16276 (OVH)
1 162.19.138.116 16276 (OVH)
1 52.39.215.30 16509 (AMAZON-02)
Total: 68 requests, 28 IPs
Apex Domain Subdomains Transfer
21 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2689
q.stripe.com — Cisco Umbrella Rank: 23069
r.stripe.com — Cisco Umbrella Rank: 8728
m.stripe.com — Cisco Umbrella Rank: 2266
307 KB
8 pub.network
a.pub.network — Cisco Umbrella Rank: 8178
d.pub.network — Cisco Umbrella Rank: 8811
c.pub.network — Cisco Umbrella Rank: 8902
410 KB
5 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 3642
apis.cmp.quantcast.com — Cisco Umbrella Rank: 9105
46 KB
4 caferadib2.click
ares02.caferadib2.click
1 MB
3 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 391
49 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 218
3 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 2869
17 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1743
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1864
593 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1477
id5-sync.com — Cisco Umbrella Rank: 642
17 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1563
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1096
10 KB
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1200
2 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1449
pixel.quantserve.com — Cisco Umbrella Rank: 683
10 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
130 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 4219
87 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
359 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 129
106 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 2197
17 KB
1 btloader.com
btloader.com — Cisco Umbrella Rank: 1979
104 KB
1 videoplayerhub.com
freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 10416
463 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 228
28 KB
1 gstatic.com
fonts.gstatic.com
13 KB
1 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 874
3 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
1 KB
Total: 68 requests, 23 domains
Requests | Domain | Requested by
10 | js.stripe.com | ares02.caferadib2.click, js.stripe.com
6 | r.stripe.com | js.stripe.com
5 | a.pub.network | ares02.caferadib2.click, a.pub.network
4 | q.stripe.com | ares02.caferadib2.click
4 | ares02.caferadib2.click | ares02.caferadib2.click
3 | apis.cmp.quantcast.com | cmp.quantcast.com
3 | c.amazon-adsystem.com | a.pub.network, c.amazon-adsystem.com
3 | sb.scorecardresearch.com (1 redirects) | a.pub.network, ares02.caferadib2.click
2 | m.stripe.network | js.stripe.com, m.stripe.network
2 | c.pub.network | a.pub.network
2 | rules.quantcount.com (1 redirects) | ares02.caferadib2.click
2 | securepubads.g.doubleclick.net | www.googletagservices.com
2 | cdn.confiant-integrations.net | a.pub.network, cdn.confiant-integrations.net
2 | www.google-analytics.com | www.googletagmanager.com
2 | cmp.quantcast.com | a.pub.network, cmp.quantcast.com
2 | www.googletagmanager.com | ares02.caferadib2.click, www.googletagmanager.com
1 | m.stripe.com | m.stripe.network
1 | id5-sync.com | cdn.id5-sync.com
1 | pixel.quantserve.com | ares02.caferadib2.click
1 | lbs.eu-1-id5-sync.com | cdn.id5-sync.com
1 | lb.eu-1-id5-sync.com | cdn.id5-sync.com
1 | bcp.crwdcntrl.net | tags.crwdcntrl.net
1 | cdn.id5-sync.com | ares02.caferadib2.click
1 | tags.crwdcntrl.net | ares02.caferadib2.click
1 | secure.cdn.fastclick.net | ares02.caferadib2.click
1 | secure.quantserve.com | a.pub.network
1 | btloader.com | ares02.caferadib2.click
1 | freestar-io.videoplayerhub.com (1 redirects) |
1 | www.googletagservices.com | a.pub.network
1 | fonts.gstatic.com | fonts.googleapis.com
1 | d.pub.network | a.pub.network
1 | static.hotjar.com | ares02.caferadib2.click
1 | fonts.googleapis.com | ares02.caferadib2.click
Total: 68 requests, 33 subdomains

This site contains links to these domains.

Domain
tinyurl.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-16 - 2023-05-16 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.hotjar.com | Amazon | 2021-11-25 - 2022-12-23 | a year
*.pub.network | Go Daddy Secure Certificate Authority - G2 | 2022-03-19 - 2023-04-20 | a year
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2022-08-31 - 2023-01-10 | 4 months
*.gstatic.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.cmp.quantcast.com | R3 | 2022-08-22 - 2022-11-20 | 3 months
*.scorecardresearch.com | Amazon | 2022-01-29 - 2023-02-27 | a year
*.stripe.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-09-06 - 2022-12-07 | 3 months
*.confiant-integrations.net | E1 | 2022-09-26 - 2022-12-25 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.quantserve.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-08-09 - 2023-09-09 | a year
c.amazon-adsystem.com | Amazon | 2022-05-09 - 2023-04-18 | a year
*.crwdcntrl.net | Go Daddy Secure Certificate Authority - G2 | 2022-05-01 - 2023-06-02 | a year
*.eu-1-id5-sync.com | R3 | 2022-08-18 - 2022-11-16 | 3 months
*.id5-sync.com | R3 | 2022-08-18 - 2022-11-16 | 3 months
m.stripe.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-15 - 2023-01-26 | 4 months

This page contains 4 frames:

Primary Page: http://ares02.caferadib2.click/
Frame ID: CD7E500A94666C17B6CB6DFCF81121A8
Requests: 47 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-1b787f84f3d3c590bab2c2fcad7d6409.html
Frame ID: 7FFE928F987288E28F3D611DC143F59A
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-92174f9de8d9a1ad86bf34fedf0bf9ce.html
Frame ID: 5B5363E493385CA5F0CCF7A94530FD77
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 05C1283BEB5FAAD1E11C79DDCCF9905E
Requests: 4 HTTP requests in this frame

Page Title

TinyURL.com - shorten that long URL into a tiny URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

68 Requests
81 % HTTPS
52 % IPv6
23 Domains
33 Subdomains
28 IPs
2 Countries
2787 kB Transfer
6625 kB Size
15 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 35
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1665590783672&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=10&cs_cmp_sv=44&cs_cmp_rt=0&c7=http%3A%2F%2Fares02.caferadib2.click%2F&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1665590783672&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=10&cs_cmp_sv=44&cs_cmp_rt=0&c7=http%3A%2F%2Fares02.caferadib2.click%2F&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9=
Request Chain 40
  • http://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js HTTP 301
  • https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Request Chain 43
  • http://cdn.id5-sync.com/api/1.0/id5-api.js HTTP 307
  • https://cdn.id5-sync.com/api/1.0/id5-api.js

68 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
ares02.caferadib2.click/
22 KB
24 KB
Document
General
Full URL
http://ares02.caferadib2.click/
Protocol
HTTP/1.1
Server
66.220.23.67 Castle Rock, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software
lighttpd/1.4.55 / PHP/8.1.10
Resource Hash
f8f5c8cf1aa5731b6817e50585d7295cb6ba972c4a562daad132edb971edd5f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, private
Connection
close
Content-Language
en
Content-Length
22650
Content-Type
text/html; charset=UTF-8
Date
Wed, 12 Oct 2022 16:06:21 GMT
Server
lighttpd/1.4.55
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/8.1.10
X-XSS-Protection
1; mode=block
front.css
ares02.caferadib2.click/css/
481 KB
482 KB
Stylesheet
General
Full URL
http://ares02.caferadib2.click/css/front.css?id=6890d080d2b03ea4d836426a8f34abf4
Requested by
Host: ares02.caferadib2.click
URL: http://ares02.caferadib2.click/
Protocol
HTTP/1.1
Server
66.220.23.67 Castle Rock, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software
lighttpd/1.4.55 /
Resource Hash
00c88d374107d1ea175fe68045b88c424445ce5b3d19fcffc5e66c00c956e9ad

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 12 Oct 2022 16:06:21 GMT
Last-Modified
Tue, 04 Oct 2022 10:18:17 GMT
Server
lighttpd/1.4.55
ETag
"1598066530"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
492930
app.js
ares02.caferadib2.click/js/
920 KB
920 KB
Script
General
Full URL
http://ares02.caferadib2.click/js/app.js?id=9cd5ba620c5d67cc94fc9b64c604ceb3
Requested by
Host: ares02.caferadib2.click
URL: http://ares02.caferadib2.click/
Protocol
HTTP/1.1
Server
66.220.23.67 Castle Rock, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software
lighttpd/1.4.55 /
Resource Hash
12874ffeed1e94a43f9d977d6f88a6dd56e8fe6ed08682a7d682e468748709ec

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 12 Oct 2022 16:06:21 GMT
Last-Modified
Wed, 05 Oct 2022 17:01:45 GMT
Server
lighttpd/1.4.55
ETag
"4174284541"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
941827
cls.css
a.pub.network/core/pubfig/
2 KB
1 KB
Stylesheet
General
Full URL
https://a.pub.network/core/pubfig/cls.css
Requested by
Host: ares02.caferadib2.click
URL: http://ares02.caferadib2.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:443c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d510e16e6e569e573980fd67a55221795d539fd56688ecaca8d284255e86ee6

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 16:06:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1705
x-guploader-uploadid
ADPycdsbWBblthFqqCyoYTif87W455jLSP2vjsL_eECugflLqxZiH6_KHSECEKeMRE1j-3s1e8DbGmXP8bvkMutFBvZX
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Tue, 11 May 2021 20:31:48 GMT
server
cloudflare
etag
W/"2ad42c99ece77b46e5a42a85207a3750"
vary
Accept-Encoding
x-goog-hash
crc32c=kjwd8A==, md5=KtQsmezne0blpCqFIHo3UA==
x-goog-generation
1620765108454625
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBZMFod2bZ6zVgkdhWdk%2FYv9W2uEs6hCT%2Bm1hyn%2FqLZMRkvMuxrpgAt0eOKUqhw5XezE0%2Fpme42h5lqAWVYggQtVINZVpUNc8wzCpQTXty1V1Bg3b86yb%2Fsc95gkTeQMVNSyelXFG87S%2Fzg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
1752
cf-ray
75911511d8681861-EWR
expires
Wed, 12 Oct 2022 16:01:45 GMT
pubfig.min.js
a.pub.network/tinyurl-com/
146 KB
55 KB
Script
General
Full URL
https://a.pub.network/tinyurl-com/pubfig.min.js
Requested by
Host: ares02.caferadib2.click
URL: http://ares02.caferadib2.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:443c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c68a16e0e8c3237b6bd87d7d131456d3cbfa421c01518cbd38c9efa2e59241d

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 16:06:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
66493
x-guploader-uploadid
ADPycduI0WK1_sVAAbO7JdrkwakkBv01TCuxBbmeFLkfpNaaaTNzYkqtJwh1MOpZ1V7RqsaBFlb54T2KR3uAcI92_0mX-vx894ag
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Tue, 11 Oct 2022 13:41:57 GMT
server
cloudflare
etag
W/"332fa8e4c64bad5c080c8f9803b45bac"
vary
Accept-Encoding
x-goog-hash
crc32c=mUnp+A==, md5=My+o5MZLrVwIDI+YA7RbrA==
x-goog-generation
1665495717538119
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x51Y3LX7TcvPNgZtIz4MFlC08lqQLAs%2Fg%2B%2Fc4gFbM2ktHdOqID4kj0nMUeR8IU2E2iPf3KzwSBMML4ysVry9ZLKJEzxvJh%2BiyKL5DyGz5TntQFfb9baqVrxX3p8lv8M%2BmuVRXHTPB0EZbFs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
149754
cf-ray
75911518ef701861-EWR
expires
Tue, 11 Oct 2022 21:38:49 GMT
gtm.js
www.googletagmanager.com/
96 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5C3DL4X
Requested by
Host: ares02.caferadib2.click
URL: http://ares02.caferadib2.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e4219794143fc62ce29078d1fbdd852b2157865c968f8c36cc0d7825fd5d83ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 16:06:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38184
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 Oct 2022 16:06:22 GMT
css2
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Bungee&family=Montserrat&display=swap
Requested by
Host: ares02.caferadib2.click
URL: http://ares02.caferadib2.click/css/front.css?id=6890d080d2b03ea4d836426a8f34abf4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b86e53804a765565afa03dccaf776881947ccaaa4a6506bbbafa420bfa5b75f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 12 Oct 2022 16:06:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 15:23:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 Oct 2022 16:06:22 GMT
hotjar-2976777.js
static.hotjar.com/c/
5 KB
3 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2976777.js?sv=6
Requested by
Host: ares02.caferadib2.click
URL: http://ares02.caferadib2.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-25.iad50.r.cloudfront.net
Software
/
Resource Hash
3cea5c00d31d21ef821cf0a53f2c9227ab8aca70d30b56d8b3a90789e40fc173
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Wed, 12 Oct 2022 16:05:57 GMT
via
1.1 c57d1eb27f41d3e95fc5060845849c06.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD50-C2
age
41
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/3a480766d0b89ebe82cc829abcb37297
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
YSo3e9oCYIDrfxyDBGEdDDEgOpUr50Y1jmoojQP6mrKZ-DCNFFql6Q==
init
d.pub.network/v2/
40 KB
6 KB
XHR
General
Full URL
https://d.pub.network/v2/init?siteId=3163&env=PROD
Requested by
Host: a.pub.network
URL: https://a.pub.network/tinyurl-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
8dfdb44523e0b6f8b091e5edb2dbc449282e013b9b5866aa104867d5964ebf34

Request headers

Accept
application/json, text/plain, */*
Referer
http://ares02.caferadib2.click/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 16:06:23 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
http://ares02.caferadib2.click
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
js
www.googletagmanager.com/gtag/
191 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2PJZZW5GKP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5C3DL4X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cec876ea12bf674d7b54bd8ac4bde5e0ccd8ebab977364d629fe62b3fe2576ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 16:06:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
70079
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 12 Oct 2022 16:06:23 GMT
state
ares02.caferadib2.click/app/api/
72 B
2 KB
XHR
General
Full URL
http://ares02.caferadib2.click/app/api/state
Requested by
Host: ares02.caferadib2.click
URL: http://ares02.caferadib2.click/js/app.js?id=9cd5ba620c5d67cc94fc9b64c604ceb3
Protocol
HTTP/1.1
Server
66.220.23.67 Castle Rock, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software
lighttpd/1.4.55 / PHP/8.1.10
Resource Hash
38d8511edbc029729dcebd0d2d5491612ab9bb4721b1f54ab84415b35aa91558
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ares02.caferadib2.click/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 12 Oct 2022 16:06:23 GMT
X-Content-Type-Options
nosniff
Server
lighttpd/1.4.55
X-Powered-By
PHP/8.1.10
X-Frame-Options
SAMEORIGIN
Content-Language
en
Content-Type
application/json
Cache-Control
max-age=0, private
Connection
close
Content-Length
72
X-XSS-Protection
1; mode=block
v3
js.stripe.com/
360 KB
87 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: ares02.caferadib2.click
URL: http://ares02.caferadib2.click/js/app.js?id=9cd5ba620c5d67cc94fc9b64c604ceb3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
dcdbb3db33af86248df80e58aa04f833a8ea2ca8d67fbfb264d6788b1c2ef397
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 12 Oct 2022 16:06:23 GMT
via
1.1 varnish
age
2
x-cache
HIT
content-length
88541
x-request-id
e189064b-84d8-4e2c-9bf7-1db6ca50063e
x-served-by
cache-ewr18121-EWR
last-modified
Tue, 11 Oct 2022 22:24:07 GMT
server
Fastly
etag
"12f0dfad0ea9348fea4459bda3742ae1"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bungee&family=Montserrat&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://ares02.caferadib2.click
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 10:57:08 GMT
x-content-type-options
nosniff
age
364155
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12708
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:55:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Oct 2023 10:57:08 GMT
choice.js
cmp.quantcast.com/choice/wZt3yQfgdwnz-/tinyurl.com/
5 KB
2 KB
Script
General
Full URL
https://cmp.quantcast.com/choice/wZt3yQfgdwnz-/tinyurl.com/choice.js?tag_version=V2
Requested by
Host: a.pub.network
URL: https://a.pub.network/tinyurl-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:ee00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3dc2024d040e9fd2c86538442752902779b5db67377a394482fa58766abf8ee5

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 16:05:49 GMT
content-encoding
br
via
1.1 235099561ba63a2b7662a2b20d9ac036.cloudfront.net (CloudFront)
last-modified
Tue, 13 Sep 2022 14:22:31 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
43
x-amz-server-side-encryption
AES256
etag
W/"9b1bcf279ce40fabb7d1a9fa392e9538"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
cDi3sEcWQefm5UuySLIdBJH8iZiG4n9y7r4eZQeou89-inec-bYYhw==
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/tinyurl-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-70.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 05:57:34 GMT
content-encoding
gzip
via
1.1 acee7e60faaea7b7699fe033930a0164.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
36841
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
IFj_FFhrQ7hUSt01TgUMAgIrXYnsNQYyGMLGfoe_pyryws226SE0GQ==
pubfig.engine.4.34.0.62a5f358cf8a80857c127e6e18bb326ea3afc819.js
a.pub.network/core/pubfig/
432 KB
130 KB
Script
General
Full URL
https://a.pub.network/core/pubfig/pubfig.engine.4.34.0.62a5f358cf8a80857c127e6e18bb326ea3afc819.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/tinyurl-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:443c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffa1ef3b6065995f2c73fb5bc9c3bb98f7f6109ffa646ae304128abbb594aa7d

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 16:06:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
66524
x-guploader-uploadid
ADPycdtiNIdSkH11BM56iKA7LlJcWTt9zSi6YdqAZ9dO-Iez8Y9B2wswFWZ9sDmAOpwulmrnl0qAnC4JTf-r27nJ_1eo1yOBhTLi
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Mon, 03 Oct 2022 15:09:40 GMT
server
cloudflare
etag
W/"e3b2e2ba031cf970277911c7451a340c"
vary
Accept-Encoding
x-goog-generation
1664809780243767
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=ooZLNg==, md5=47LiugMc+XAneRHHRRo0DA==
access-control-expose-headers
*
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q17i26%2B%2FzE11ewUEj3DB1mmzor5FMIovewtKCgVC6cOR0mWPn0fsdvcKlctbvC1KbGvu8QaH73VPiexjlAFcmmuwRfWje73iInP0Gq4KLtk%2FVZXjSV0v1OKG6YW7RSvUv5A33bMA99iNxXc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
442076
access-control-allow-origin
*
cf-ray
7591151b2c2d1861-EWR
expires
Tue, 11 Oct 2022 22:37:36 GMT
collect
www.google-analytics.com/g/
0
342 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2PJZZW5GKP&gtm=2oeaa0&_p=1765367708&cid=633027957.1665590783&ul=en-us&sr=1600x1200&_s=1&sid=1665590783&sct=1&seg=0&dl=http%3A%2F%2Fares02.caferadib2.click%2F&dt=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2PJZZW5GKP&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 16:06:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://ares02.caferadib2.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cmp2.js
cmp.quantcast.com/tcfv2/
177 KB
43 KB
Script
General
Full URL
https://cmp.quantcast.com/tcfv2/cmp2.js?referer=tinyurl.com
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/wZt3yQfgdwnz-/tinyurl.com/choice.js?tag_version=V2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:ee00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0cf2b7289702dca0ff5503e0240839328d81248f9c64914e7c691fefda11c482

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 16:06:06 GMT
content-encoding
br
via
1.1 235099561ba63a2b7662a2b20d9ac036.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
28
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 14 Sep 2022 18:13:50 GMT
server
AmazonS3
etag
W/"6835d12405de8533286f8684cb7a484d"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
x-amz-cf-id
mZO7hjft8KtyrlBnYE24tMFRqUmGc51sSCxUqJYNCga3ZB2QhFWBFA==
controller-1b787f84f3d3c590bab2c2fcad7d6409.html
js.stripe.com/v3/ Frame 7FFE
297 B
665 B
Document
General
Full URL
https://js.stripe.com/v3/controller-1b787f84f3d3c590bab2c2fcad7d6409.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e29fa745a0f082d0ab00b94a43d3fe4d24a63bb9243858e3a94550e55146a421
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://ares02.caferadib2.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
26
cache-control
max-age=60
content-encoding
br
content-length
142
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 12 Oct 2022 16:06:23 GMT
etag
"1b787f84f3d3c590bab2c2fcad7d6409"
last-modified
Tue, 11 Oct 2022 21:52:41 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
8
x-content-type-options
nosniff
x-request-id
84932ae3-f7e7-42af-a0b2-af6ac0bf9680
x-served-by
cache-ewr18121-EWR
csp-report
q.stripe.com/ Frame 7FFE
0
571 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: ares02.caferadib2.click
URL: http://ares02.caferadib2.click/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 12 Oct 2022 16:06:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
shared-3026ee2be9cc42ca7afa79af50b21761.js
js.stripe.com/v3/fingerprinted/js/ Frame 7FFE
319 KB
73 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-3026ee2be9cc42ca7afa79af50b21761.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-1b787f84f3d3c590bab2c2fcad7d6409.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
4ad5fc194ea52158c3fc470f84bbe08e4072f687c49ad39ddde87184478a679a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/controller-1b787f84f3d3c590bab2c2fcad7d6409.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 12 Oct 2022 16:06:23 GMT
via
1.1 varnish
age
65525
x-cache
HIT
content-length
74736
x-request-id
c33ef012-81ce-4829-b2bd-31daca0e3a44
x-served-by
cache-ewr18121-EWR
last-modified
Tue, 11 Oct 2022 21:52:52 GMT
server
Fastly
etag
"eadacc3cef52e65d78ce913ae1ec72d9"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
6579
controller-a1f509ee2eb1b4ed7b59839dbc07bbe7.js
js.stripe.com/v3/fingerprinted/js/ Frame 7FFE
369 KB
93 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-a1f509ee2eb1b4ed7b59839dbc07bbe7.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-1b787f84f3d3c590bab2c2fcad7d6409.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
43e8d135b7de44aa2ac7100af30b88b61753e422aabaa3921f7ac447983c08ad
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/controller-1b787f84f3d3c590bab2c2fcad7d6409.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 12 Oct 2022 16:06:23 GMT
via
1.1 varnish
age
65525
x-cache
HIT
content-length
94570
x-request-id
e666fe2e-3397-4d0b-a596-d2840f8bccbd
x-served-by
cache-ewr18121-EWR
last-modified
Tue, 11 Oct 2022 21:52:50 GMT
server
Fastly
etag
"c50ebe2fa5bb93bd3885e5f108463e2b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
6359
config.js
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/
88 KB
20 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.34.0.62a5f358cf8a80857c127e6e18bb326ea3afc819.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
025ddcf95f3e6e2397944edc3544c30e75e55ce591ca3b54e6fd60a6ebe2ee53

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 16:06:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 15:11:56 GMT
server
cloudflare
x-amz-request-id
F3F4D61XEYSQY811
age
189
etag
W/"169b61343c9e99fa5143ab4816ae314a"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
7591151d5dffc47f-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
T35A45g5KNphJppxMks/P3RYqmabOzbG/OUglFRGWys5G+Z3HvLgMs4X9+E8n2jsiShUovgdUQQ=
gpt.js
www.googletagservices.com/tag/js/
79 KB
28 KB
Script
General
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.34.0.62a5f358cf8a80857c127e6e18bb326ea3afc819.js
Protocol
HTTP/1.1
Server
2607:f8b0:4006:807::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df7a24e63a6318e0d8f74ed2b504486034f9c26993de8d78aaff4fa4ca00627e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 12 Oct 2022 16:06:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1361 / 906 of 1000 / last-modified: 1665590172"
Vary
Accept-Encoding
Report-To
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
27728
X-XSS-Protection
0
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="ads-gpt-scs"
Expires
Wed, 12 Oct 2022 16:06:23 GMT
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
868 KB
104 KB
Script
General
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Requested by
Host: ares02.caferadib2.click
URL: http://ares02.caferadib2.click/
Protocol
H2
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a851b7558a43873d2bf57f53e41a176f2178e50a13976ea5e6fa4670d0d93642

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 16:06:23 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 15:21:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2708
etag
W/"c297a813fdd21fce8205dffc8d54a5ee"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYYYIVnl%2Fiummb2rfmQ83GEuVaYuDISCEiJndHwc7ivJG2jf3wiy0z1LBVo7YPTweFCbfXPzNha6%2BYyIyaIKnn5B3dGM62FyvKH1%2BtEevYCHAD8i7lyarvSf0R9OW%2Bb12u7%2FRxn1eRbGRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray
7591151dff01199d-EWR

Redirect headers

date
Wed, 12 Oct 2022 16:06:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhPryRjA6FzKwSMmJzx3p3gMLQnS0aEHEDBJ3bwuN2rtATmy9Tl6OGqy9x2iAnPWwLbc6C8y1bW3Gbud3X%2B%2BaeEih4NnyZo90FsA%2Bxr0iboVgmCoaPFHAvGh%2FeKM5ZvCTWpsPULE6WT2wTY0oVQLeEO61doMQ%2B9rsd1EZA%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
7591151d5ef48cb3-EWR
expires
Wed, 12 Oct 2022 17:06:23 GMT
prebid-analytics-6.19.13.js
a.pub.network/core/
533 KB
150 KB
Script
General
Full URL
https://a.pub.network/core/prebid-analytics-6.19.13.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.34.0.62a5f358cf8a80857c127e6e18bb326ea3afc819.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:443c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70fbc2bab5280ce8aa1b20c58a0df76cfaff01701e7f99f5216a986714955f5d

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 16:06:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
66526
x-guploader-uploadid
ADPycdvyhEK430ciOYt7rg-doK2or2I8xtmQRTWzWLJ13qWXGdvJFKvbFHbLE506BxHAPvwSWsQu8XrDOrVm2HAGGeEWbhdWtZU1
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Tue, 28 Jun 2022 15:25:08 GMT
server
cloudflare
etag
W/"b8b371d9c59a412918c1649c4ab4fa8f"
vary
Accept-Encoding
x-goog-generation
1656429908313193
content-type
text/html
access-control-allow-origin
*
x-goog-hash
crc32c=xBWN/w==, md5=uLNx2cWaQSkYwWScSrT6jw==
content-language
en
access-control-expose-headers
*
cache-control
private, max-age=86400
x-goog-stored-content-length
545828
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PV5hvtzUCMibEACNnmretg1B%2Fo9ImOGzrWey76coaFlTz7%2BDaQQUAQR%2FjNcTcvxdypCSISjjIInpjfqxZi2ddtUvBNKrso0XdWGF%2BmvLgtVjONJ2EmruG55sZvSt8R%2BCB8Ge8HalNCXGCA0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7591151c6e841861-EWR
expires
Wed, 11 Oct 2023 21:37:37 GMT
1489-8b86da401d493fc7478fbafda5019691.js
js.stripe.com/v3/fingerprinted/js/ Frame 7FFE
231 KB
47 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/1489-8b86da401d493fc7478fbafda5019691.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-a1f509ee2eb1b4ed7b59839dbc07bbe7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
369b0ad32cb6966ef124ab33c4187f851c987e29d5c21d7d3aa47a140ab18429
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/controller-1b787f84f3d3c590bab2c2fcad7d6409.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 12 Oct 2022 16:06:23 GMT
via
1.1 varnish
age
1720368
x-cache
HIT
content-length
47921
x-request-id
c94339c4-2f55-47e8-ae3e-70f6a7f5b9c3
x-served-by
cache-ewr18121-EWR
last-modified
Mon, 19 Sep 2022 14:35:58 GMT
server
Fastly
etag
"ab675b71d19378124fcdf3c0f6dad353"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
18031
phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js
js.stripe.com/v3/fingerprinted/js/ Frame 7FFE
2 KB
1 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-a1f509ee2eb1b4ed7b59839dbc07bbe7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
7a15a7c250eb25e8a28fa5e020fc15d656966115577ba4f51c19274149a48e56
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/controller-1b787f84f3d3c590bab2c2fcad7d6409.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 12 Oct 2022 16:06:23 GMT
via
1.1 varnish
age
1720340
x-cache
HIT
content-length
770
x-request-id
ddb8ed34-32a4-429e-9e15-9f7723df0e1f
x-served-by
cache-ewr18121-EWR
last-modified
Fri, 02 Sep 2022 18:36:32 GMT
server
Fastly
etag
"f1717e2e478c68d16ccd7b37768700be"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
17454
.deploy_status_henson.json
js.stripe.com/v3/ Frame 7FFE
474 B
607 B
Fetch
General
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3026ee2be9cc42ca7afa79af50b21761.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ae50e7801602c609f7c4b4853d4795c7da907b011a694d06aa524cf443ab9b8c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-1b787f84f3d3c590bab2c2fcad7d6409.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 12 Oct 2022 16:06:23 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
13
x-cache
HIT
content-length
296
x-request-id
4e33d0f5-9a0c-4f74-9cc1-e265ff567cca
x-served-by
cache-ewr18176-EWR
last-modified
Tue, 11 Oct 2022 22:24:08 GMT
server
Fastly
etag
"b7e1a48dfd18cf3bf364ef99b99e4bb4"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
9
0
r.stripe.com/ Frame 7FFE
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3026ee2be9cc42ca7afa79af50b21761.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Wed, 12 Oct 2022 16:06:23 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 7FFE
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3026ee2be9cc42ca7afa79af50b21761.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Wed, 12 Oct 2022 16:06:23 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 7FFE
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3026ee2be9cc42ca7afa79af50b21761.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Wed, 12 Oct 2022 16:06:23 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
pubads_impl_2022100402.js
securepubads.g.doubleclick.net/gpt/
380 KB
129 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c3c648447514db2f2f7c8f04b3ac0b1cf1e8ea00fe8c743f427f63d938a198c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 19:41:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159895
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131498
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 18:24:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 10 Oct 2023 19:41:28 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
45 B
694 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ares02.caferadib2.click
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77d41d6b2c4c5606123e4646e579c8d7efda8b52387448e308579c13cb980f84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 16:06:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58
x-xss-protection
0
expires
Wed, 12 Oct 2022 16:06:23 GMT
0
r.stripe.com/ Frame 7FFE
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3026ee2be9cc42ca7afa79af50b21761.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Wed, 12 Oct 2022 16:06:23 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202210031351/
208 KB
67 KB
Script
General
Full URL
http://cdn.confiant-integrations.net/gptprebidnative/202210031351/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Server
2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d249b361a6ae00ae9f7fb9c92123796a721f94653283d830bb78b0ebc3a29329

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 12 Oct 2022 16:06:23 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
x-amz-request-id
1GMFR6084MNGEJPM
Age
765794
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
68048
x-amz-id-2
3ATie4BUpqYTniJ+iyBEszarLenDatXFEzO2gyolxWOhHWp3wfHEshjgBHPMd0AtxrUoUV4WYwk=
Last-Modified
Mon, 03 Oct 2022 18:35:15 GMT
Server
cloudflare
ETag
"bfa2cb2fcba193a15075ce5a72776e05"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
7591151e4ff9c440-EWR
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1665590783672&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=10&cs_cmp_...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1665590783672&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=10&cs_cmp...
0
189 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1665590783672&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=10&cs_cmp_sv=44&cs_cmp_rt=0&c7=http%3A%2F%2Fares02.caferadib2.click%2F&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9=
Requested by
Host: ares02.caferadib2.click
URL: http://ares02.caferadib2.click/
Protocol
H2
Server
18.65.39.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-70.ams1.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 16:06:23 GMT
via
1.1 acee7e60faaea7b7699fe033930a0164.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P1
x-amz-cf-id
hvtb0QmI9dwjhkzVR4-IoZLZZlQQP1LrNvG4_qjwkO01u07MyWjnzQ==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1665590783672&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=10&cs_cmp_sv=44&cs_cmp_rt=0&c7=http%3A%2F%2Fares02.caferadib2.click%2F&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9=
date
Wed, 12 Oct 2022 16:06:23 GMT
via
1.1 acee7e60faaea7b7699fe033930a0164.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P1
content-length
0
x-amz-cf-id
YQD6kc3Okbx3SW_84GFGguYR8hiNPvDof0YgXxWiHuXinVoU5HtyUA==
x-cache
Miss from cloudfront
apstag.js
c.amazon-adsystem.com/aax2/
176 KB
44 KB
Script
General
Full URL
http://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.34.0.62a5f358cf8a80857c127e6e18bb326ea3afc819.js
Protocol
HTTP/1.1
Server
108.138.109.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-109-24.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e23aa41677b6c7479e9f2a46fb0e8a85c5ece6c088bb9fa8938fe970fc8493ab

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 12 Oct 2022 15:21:14 GMT
Content-Encoding
gzip
Via
1.1 1bd7d779bed244375679d82e1821cc3c.cloudfront.net (CloudFront), 1.1 134f499632d1e15750219cb766bdc50c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD89-P2, JFK50-P3
Age
2710
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 06 Oct 2022 22:15:21 GMT
Server
AmazonS3
ETag
W/"4c87a00941c1aa3dcbab77fc8dc08ec0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
X-Amz-Cf-Id
3aU8rPJLB0R8_w5Pcx6W3f3U7sIu4Urs2KSNLCpysH-pej2S_GVXrA==
quant.js
secure.quantserve.com/
26 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.34.0.62a5f358cf8a80857c127e6e18bb326ea3afc819.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 16:06:23 GMT
content-encoding
gzip
etag
"cbFpuah7ilcpMTJLYeCgng=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 19 Oct 2022 16:06:23 GMT
config
c.amazon-adsystem.com/cdn/prod/
1 KB
2 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fares02.caferadib2.click&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.109.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-109-24.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
730e96616988922cd538428876c21d36306d05852666fc86b1b3af3486e87d8a

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 16:06:23 GMT
via
1.1 84eb14fd35e56c52f969c1decfba148c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://ares02.caferadib2.click
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1421
x-amz-cf-id
-U7wS71EKNXx-EA80gI_eKE_RQQB6X7B3PZ5uypw_YCAZI_ZZo8bLQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Server
108.138.109.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-109-24.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 12 Oct 2022 16:06:25 GMT
x-amz-version-id
YousslGi_alc9N7i1PBVBMNtdY1LkTzi
Content-Encoding
gzip
Via
1.1 8ef35b07fe667674a2922c9d83a75c52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK50-P3
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Last-Modified
Thu, 06 Oct 2022 01:32:47 GMT
Server
AmazonS3
ETag
W/"a4d296427fc806b21335359e398c025c"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Vary
Accept-Encoding,Origin
X-Amz-Cf-Id
q9yw8dmhX_m8QULAWmByRfQ62_HWkuRyv7fpr2cnLigD5Ny38vk0gw==
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
  • https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
2 KB
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: ares02.caferadib2.click
URL: http://ares02.caferadib2.click/
Protocol
H2
Server
2600:9000:208f:c000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 15:11:32 GMT
content-encoding
gzip
via
1.1 6115ccbf06ce7bea7cea8806dfa86752.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C3
age
3293
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
ZlgbgJU4ZDnQdzErkJsLM2EEI5_yHejXFuuMdIjWMjcHp6Muby-DHw==

Redirect headers

Date
Wed, 12 Oct 2022 16:06:24 GMT
Via
1.1 15cde442051269a0307a638d23683c8c.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
IAD79-C3
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
CHnZ1P2QA8o_zDEU9FqL1s2vL6aNRSmM7xbj45WCtrbNpIrLL9MFCw==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
http://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: ares02.caferadib2.click
URL: http://ares02.caferadib2.click/
Protocol
HTTP/1.1
Server
23.217.153.125 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-153-125.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 12 Oct 2022 16:06:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Sep 2022 20:10:31 GMT
Server
Apache
ETag
"d71e-5e830058020dd-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17404
Expires
Wed, 12 Oct 2022 16:21:24 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/
29 KB
9 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: ares02.caferadib2.click
URL: http://ares02.caferadib2.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-46.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ca7d45c26841657f394d905623d5e5c9c7f32aecc66d66ff8401388ffc43097

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 19:14:20 GMT
content-encoding
gzip
via
1.1 b4bbc10bb9b68293dc88560c2ddfcc2c.cloudfront.net (CloudFront)
last-modified
Tue, 19 Jul 2022 18:12:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
75125
etag
W/"979a52ecf913f8004d0123a9b7ba2a05"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
HEpW1Dzuu_SfnNslreHCKoJp1oe8tN-qbuRiTXwq229prtF79_NyDg==
id5-api.js
cdn.id5-sync.com/api/1.0/
Redirect Chain
  • http://cdn.id5-sync.com/api/1.0/id5-api.js
  • https://cdn.id5-sync.com/api/1.0/id5-api.js
56 KB
16 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: ares02.caferadib2.click
URL: http://ares02.caferadib2.click/
Protocol
H2
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 16:06:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
x-amz-request-id
M2C37VG6JCF7J926
age
608
etag
W/"68154020ef14b5881614607902c7c21b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
759115207a1bc431-EWR
x-amz-id-2
QMqs45CKSYTfEqPLBQc0euOka5GMjXAuQifbFVoKOCqkWz1tc2ZDCpgblbvh3Wy1J53kCrf7zeg=

Redirect headers

Location
https://cdn.id5-sync.com/api/1.0/id5-api.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
geoip
apis.cmp.quantcast.com/
52 B
173 B
XHR
General
Full URL
https://apis.cmp.quantcast.com/geoip
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=tinyurl.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.220.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-220-167.compute-1.amazonaws.com
Software
/
Resource Hash
2b4b62e403a73fa81f9e5b89d190807c19732ad3212c48d6a5415c179f888ac4

Request headers

Accept
application/json, text/plain, */*
Referer
http://ares02.caferadib2.click/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 12 Oct 2022 16:06:24 GMT
content-type
application/json; charset=utf-8
content-length
52
x-geo-ip-version
1.2
map
bcp.crwdcntrl.net/6/
156 B
619 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.138.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-138-69.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
6ab2eb5572d6b29eb77f4fae5b13691a3e5444fccb6fc1feec716730ae843d8d

Request headers

Referer
http://ares02.caferadib2.click/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 16:06:24 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
http://ares02.caferadib2.click
cache-control
no-cache
x-server
10.40.43.58
access-control-allow-credentials
true
content-length
156
expires
0
geoip
apis.cmp.quantcast.com/
52 B
172 B
XHR
General
Full URL
https://apis.cmp.quantcast.com/geoip
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=tinyurl.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.220.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-220-167.compute-1.amazonaws.com
Software
/
Resource Hash
2b4b62e403a73fa81f9e5b89d190807c19732ad3212c48d6a5415c179f888ac4

Request headers

Accept
application/json, text/plain, */*
Referer
http://ares02.caferadib2.click/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 12 Oct 2022 16:06:24 GMT
content-type
application/json; charset=utf-8
content-length
52
x-geo-ip-version
1.2
geoip
apis.cmp.quantcast.com/
52 B
172 B
XHR
General
Full URL
https://apis.cmp.quantcast.com/geoip
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=tinyurl.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.220.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-220-167.compute-1.amazonaws.com
Software
/
Resource Hash
2b4b62e403a73fa81f9e5b89d190807c19732ad3212c48d6a5415c179f888ac4

Request headers

Accept
application/json, text/plain, */*
Referer
http://ares02.caferadib2.click/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 12 Oct 2022 16:06:24 GMT
content-type
application/json; charset=utf-8
content-length
52
x-geo-ip-version
1.2
pubfig.messaging.2.34.0.62a5f358cf8a80857c127e6e18bb326ea3afc819.js
a.pub.network/core/pubfig/
211 KB
68 KB
Script
General
Full URL
https://a.pub.network/core/pubfig/pubfig.messaging.2.34.0.62a5f358cf8a80857c127e6e18bb326ea3afc819.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.34.0.62a5f358cf8a80857c127e6e18bb326ea3afc819.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:443c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
518476a8bd784f357143a7a2dde34e8b4de06223222e1e8a0bc869a048cb229e

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 16:06:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
66524
x-guploader-uploadid
ADPycduwXFnZhsnV2tYHE9Ir9290zHXPo7T_9gYGYLWil-BDPVzsFAPh7-kEehgfYmMlTqyM7N1RzNaQQdfJQVR_WFK8QTSFYu77
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Mon, 03 Oct 2022 15:09:46 GMT
server
cloudflare
etag
W/"bff95fd220eef0362d4604c7135b71b6"
vary
Accept-Encoding
x-goog-generation
1664809786829357
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=EQEMCw==, md5=v/lf0iDu8DYtRgTHE1txtg==
access-control-expose-headers
*
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UewoNvXlu4eAszItrDvlRhUfZr7n8Il8A0onUP1OkYGueE%2Bvanc1pkpcQeK7byTuIJZrpyZEpp4JHW%2BTwHhM3RuQ8BFFd6OfwYcS5aellxchmS%2BN5O5Pcx9FeGudVv5hLGUNdhlByTG1jP8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
216534
access-control-allow-origin
*
cf-ray
75911522dd461861-EWR
expires
Tue, 11 Oct 2022 22:37:37 GMT
v1
lb.eu-1-id5-sync.com/lb/
33 B
336 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.67 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216533.ip-141-95-98.eu
Software
/
Resource Hash
f0a8e37abcc9391362982cdb91b22316e1636f3d7ec5916368db70aed111f216

Request headers

Referer
http://ares02.caferadib2.click/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ares02.caferadib2.click
date
Wed, 12 Oct 2022 16:06:24 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/
74 B
257 B
XHR
General
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::96f , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
f0dd1c948610f58a704f93aa17dc13a8814b3bcd438151ae0592feb40459c15c

Request headers

Referer
http://ares02.caferadib2.click/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ares02.caferadib2.click
date
Wed, 12 Oct 2022 16:06:24 GMT
content-length
74
vary
Origin
content-type
application/json
pixel;r=108577389;labels=keywords.tinyurl%20url%20save%20share%20shorten%20analyze;rf=0;a=p-UeXruRVtZz7w6;url=http%3A%2F%2Fares02.caferadib2.click%2F;uht=2;fpan=1;fpa=P0-595433764-1665590784470;pbc...
pixel.quantserve.com/
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=108577389;labels=keywords.tinyurl%20url%20save%20share%20shorten%20analyze;rf=0;a=p-UeXruRVtZz7w6;url=http%3A%2F%2Fares02.caferadib2.click%2F;uht=2;fpan=1;fpa=P0-595433764-1665590784470;pbc=;ns=0;ce=1;qjs=1;qv=7a1cba14-20221011131736;cm=;gdpr=0;us_privacy=1---;ref=;d=caferadib2.click;dst=0;et=1665590784470;tzo=0;ogl=;ses=972a76ef-7587-4de5-aa98-b44df7d6cd33
Requested by
Host: ares02.caferadib2.click
URL: http://ares02.caferadib2.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 16:06:24 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
c
c.pub.network/
36 B
359 B
XHR
General
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.34.0.62a5f358cf8a80857c127e6e18bb326ea3afc819.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
5baf582d6059ef900deeae7190575ec68ce93ad018693b226b3ecde8c14c16b9

Request headers

Referer
http://ares02.caferadib2.click/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 12 Oct 2022 16:06:24 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
http://ares02.caferadib2.click
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
m-outer-92174f9de8d9a1ad86bf34fedf0bf9ce.html
js.stripe.com/v3/ Frame 5B53
186 B
798 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-92174f9de8d9a1ad86bf34fedf0bf9ce.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
63c7f0b0b52f7cf7eae8e80eecd4ecbaf6729da5da42cc592250f4bc57f5aeb0
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://ares02.caferadib2.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
68141
cache-control
max-age=31536000
content-encoding
br
content-length
113
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 12 Oct 2022 16:06:24 GMT
etag
"92174f9de8d9a1ad86bf34fedf0bf9ce"
last-modified
Tue, 11 Oct 2022 21:05:46 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
34247
x-content-type-options
nosniff
x-request-id
24ecfe63-5c2f-4434-bd3b-e4702aef280f
x-served-by
cache-ewr18121-EWR
0
r.stripe.com/ Frame 7FFE
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3026ee2be9cc42ca7afa79af50b21761.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Wed, 12 Oct 2022 16:06:24 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
csp-report
q.stripe.com/ Frame 5B53
0
570 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: ares02.caferadib2.click
URL: http://ares02.caferadib2.click/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 12 Oct 2022 16:06:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 5B53
0
570 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: ares02.caferadib2.click
URL: http://ares02.caferadib2.click/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 12 Oct 2022 16:06:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-2a24a891f35e204633749452ee32e8c9.js
js.stripe.com/v3/fingerprinted/js/ Frame 5B53
526 B
484 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-2a24a891f35e204633749452ee32e8c9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-92174f9de8d9a1ad86bf34fedf0bf9ce.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-92174f9de8d9a1ad86bf34fedf0bf9ce.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 12 Oct 2022 16:06:24 GMT
via
1.1 varnish
age
68140
x-cache
HIT
content-length
256
x-request-id
6ac9fe24-b6af-4bb6-a59b-5a1c8e6fd799
x-served-by
cache-ewr18121-EWR
last-modified
Tue, 11 Oct 2022 21:05:45 GMT
server
Fastly
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
29631
inner.html
m.stripe.network/ Frame 05C1
930 B
1 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-2a24a891f35e204633749452ee32e8c9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
205
cache-control
max-age=300, public
content-encoding
gzip
content-length
527
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 12 Oct 2022 16:06:24 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
315
x-content-type-options
nosniff
x-request-id
64706c8e-fdae-4e0e-84ab-cc1085709910
x-served-by
cache-ewr18121-EWR
x-timer
S1665590785.642054,VS0,VE0
csp-report
q.stripe.com/ Frame 05C1
0
344 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: ares02.caferadib2.click
URL: http://ares02.caferadib2.click/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 16:06:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
cross-origin-opener-policy
same-origin
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
x-robots-tag
none
content-length
0
expires
0
out-4.5.42.js
m.stripe.network/ Frame 05C1
86 KB
16 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Wed, 12 Oct 2022 16:06:24 GMT
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 varnish
age
98
x-cache
HIT
content-length
16031
x-request-id
9c534e88-6471-42a6-bacd-0b65db37a0fb
x-served-by
cache-ewr18121-EWR
server
Fastly
x-timer
S1665590785.666935,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
148
882.json
id5-sync.com/g/v2/
457 B
1 KB
XHR
General
Full URL
https://id5-sync.com/g/v2/882.json
Requested by
Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
ca1e303ffd88e4f793d8410e7a2642299f63f143212dcf1f14867cb78ff1bbae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://ares02.caferadib2.click/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 12 Oct 2022 16:06:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://ares02.caferadib2.click
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
6
m.stripe.com/ Frame 05C1
156 B
523 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.39.215.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-39-215-30.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
98c4f68ba963ba735dfaabd4ba04ca640c33d3efffbbf578431d56caaf9784c1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 12 Oct 2022 16:06:25 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
c
c.pub.network/
36 B
53 B
XHR
General
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.34.0.62a5f358cf8a80857c127e6e18bb326ea3afc819.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
5baf582d6059ef900deeae7190575ec68ce93ad018693b226b3ecde8c14c16b9

Request headers

Referer
http://ares02.caferadib2.click/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 12 Oct 2022 16:06:25 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
http://ares02.caferadib2.click
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2PJZZW5GKP&gtm=2oeaa0&_p=1765367708&cid=633027957.1665590783&ul=en-us&sr=1600x1200&_s=2&sid=1665590783&sct=1&seg=0&dl=http%3A%2F%2Fares02.caferadib2.click%2F&dt=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&en=scroll&epn.percent_scrolled=90&_et=11
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2PJZZW5GKP&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 16:06:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://ares02.caferadib2.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
trusted-types-checker-b31b0d3b211d1247a37e6120682932ed.js
js.stripe.com/v3/fingerprinted/js/
174 B
312 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-b31b0d3b211d1247a37e6120682932ed.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
79db4d79a6e53e3aa9b5703a1156cc9accef42d4d3d31b5019d2eabf216fa751
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ares02.caferadib2.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 12 Oct 2022 16:06:29 GMT
via
1.1 varnish
age
1720383
x-cache
HIT
content-length
119
x-request-id
f90a81d2-ec2f-4ac1-8c35-b9a619c0bab5
x-served-by
cache-ewr18121-EWR
last-modified
Tue, 20 Sep 2022 13:38:31 GMT
server
Fastly
etag
"5cbd8f0579eb735eea933bbd78b29553"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
6549
0
r.stripe.com/ Frame 7FFE
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3026ee2be9cc42ca7afa79af50b21761.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Wed, 12 Oct 2022 16:06:29 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain


151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


15 Cookies

Domain/Path Name / Value
.caferadib2.click/ Name: _ga_2PJZZW5GKP
Value: GS1.1.1665590783.1.0.1665590783.0.0.0
.caferadib2.click/ Name: _ga
Value: GA1.1.633027957.1665590783
.scorecardresearch.com/ Name: UID
Value: 16C2ad68c388b53c09840f01665590783
.caferadib2.click/ Name: lotame_domain_check
Value: caferadib2.click
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: d73b9dea34b06a48e58174e58d61fbdf
.caferadib2.click/ Name: _cc_id
Value: d73b9dea34b06a48e58174e58d61fbdf
.caferadib2.click/ Name: panoramaId_expiry
Value: 1665677184444
.quantserve.com/ Name: mc
Value: 6346e600-75cdf-0843f-32fe0
.caferadib2.click/ Name: __qca
Value: P0-595433764-1665590784470
.pub.network/ Name: _fsuid
Value: 80fb23f2-bf2e-498f-a7e1-1e6c6683d93a
.id5-sync.com/ Name: id5
Value: f25b0b5c-0e9a-4e18-a21d-220ccc69fc24#1665590785525#1
m.stripe.com/ Name: m
Value: dcc5fc69-2da1-4255-9ef4-3f4999c13b5200d588
.ares02.caferadib2.click/ Name: __stripe_mid
Value: db4b1a82-05f5-4c53-9954-e8617a8b512f995e39
.ares02.caferadib2.click/ Name: __stripe_sid
Value: 97846bae-9bbb-4c00-acfb-28e85acf729b288728

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
