www.clubpremier.com Open in urlscan Pro
2606:4700::6812:9e71 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://email.americanexpress.com/a/hBiE$g6AQB6DpB96T8TNzJR9-mD/amex9]
Effective URL:
https://www.clubpremier.com/mx/bienvenido/
Submission: On February 21 via api (February 21st 2022, 8:07:23 pm UTC) from US — Scanned from DE

Summary HTTP 144 Redirects Links 45 Behaviour Indicators

Summary

This website contacted 54 IPs in 10 countries across 63 domains to perform 144 HTTP transactions. The main IP is 2606:4700::6812:9e71, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.clubpremier.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2021. Valid for: a year.

This is the only time www.clubpremier.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	65.117.228.68 65.117.228.68	53316 (ASN-CHEET...) (ASN-CHEETA-MAIL)
32	2606:4700::68... 2606:4700::6812:9e71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2 7	52.30.14.23 52.30.14.23	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2 4	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	37.157.5.72 37.157.5.72	198622 (ADFORM) (ADFORM)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:9d71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	185.167.164.39 185.167.164.39	198622 (ADFORM) (ADFORM)
2	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
3	18.66.97.88 18.66.97.88	16509 (AMAZON-02) (AMAZON-02)
9	2600:9000:218... 2600:9000:218c:9000:7:ea02:ad80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2 16	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
1	37.157.6.252 37.157.6.252	198622 (ADFORM) (ADFORM)
1 2	99.80.191.196 99.80.191.196	16509 (AMAZON-02) (AMAZON-02)
1	104.89.29.143 104.89.29.143	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	18.196.233.14 18.196.233.14	16509 (AMAZON-02) (AMAZON-02)
1	185.86.137.132 185.86.137.132	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	54.93.153.188 54.93.153.188	16509 (AMAZON-02) (AMAZON-02)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	104.76.201.117 104.76.201.117	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.198.182.119 18.198.182.119	16509 (AMAZON-02) (AMAZON-02)
1 2	35.210.91.196 35.210.91.196	15169 (GOOGLE) (GOOGLE)
1 2	72.247.225.98 72.247.225.98	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	50.57.31.206 50.57.31.206	19994 (RACKSPACE) (RACKSPACE)
4 4	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
4 6	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	3.125.70.222 3.125.70.222	16509 (AMAZON-02) (AMAZON-02)
2 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3	104.90.192.27 104.90.192.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	52.211.146.69 52.211.146.69	16509 (AMAZON-02) (AMAZON-02)
1	52.218.56.195 52.218.56.195	16509 (AMAZON-02) (AMAZON-02)
3 3	51.79.83.225 51.79.83.225	16276 (OVH) (OVH)
1 2	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	85.90.246.38 85.90.246.38	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	139.162.141.41 139.162.141.41	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	91.210.226.74 91.210.226.74	48314 (IP-PROJECTS) (IP-PROJECTS)
1	52.31.15.140 52.31.15.140	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.66.248.63 18.66.248.63	16509 (AMAZON-02) (AMAZON-02)
2 2	3.213.248.174 3.213.248.174	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.19.204.92 52.19.204.92	16509 (AMAZON-02) (AMAZON-02)
1 2	18.193.91.79 18.193.91.79	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	35.156.243.46 35.156.243.46	16509 (AMAZON-02) (AMAZON-02)
1	141.95.3.9 141.95.3.9	16276 (OVH) (OVH)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	88.99.149.88 88.99.149.88	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:223... 2600:9000:223f:ca00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	52.10.115.164 52.10.115.164	16509 (AMAZON-02) (AMAZON-02)
1	3.127.253.208 3.127.253.208	16509 (AMAZON-02) (AMAZON-02)
1	34.247.104.176 34.247.104.176	16509 (AMAZON-02) (AMAZON-02)
144	54

1 65.117.228.68 (United States) 1 redirects

ASN53316 (ASN-CHEETA-MAIL, US)

email.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:4700::6812:9e71 (United States)

ASN13335 (CLOUDFLARENET, US)

www.clubpremier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s3media.clubpremier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.30.14.23 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com

ad.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.14 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:9d71 (United States)

ASN13335 (CLOUDFLARENET, US)

s3media.clubpremier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.39 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.97.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-88.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:218c:9000:7:ea02:ad80:93a1 (United States)

ASN16509 (AMAZON-02, US)

execution-ci360.clubpremier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 37.157.2.236 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.191.196 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-191-196.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.89.29.143 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-29-143.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.233.14 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-233-14.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.153.188 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-153-188.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.76.201.117 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-201-117.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.182.119 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-182-119.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.91.196 (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 196.91.210.35.bc.googleusercontent.com

t.visx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.247.225.98 (Berlin, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-225-98.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 50.57.31.206 (United States) 3 redirects

ASN19994 (RACKSPACE, US)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.243.60.138 (Viby, Denmark) 4 redirects

ASN42697 (NETIC-AS, DK)

uip.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.66 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.70.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.90.192.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-192-27.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.146.69 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-146-69.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.56.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.79.83.225 (Beauharnois, Canada) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-us-2.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:db6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 85.90.246.38 (Frankfurt am Main, Germany) 4 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1429-38.members.linode.com

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.141.41 (Frankfurt am Main, Germany) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: tags1.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.210.226.74 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.15.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-15-140.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-63.dus51.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.213.248.174 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-248-174.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.204.92 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-204-92.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.91.79 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-91-79.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.243.46 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-243-46.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.3.9 (France)

ASN16276 (OVH, FR)
PTR: p32.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.149.88 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: dmc-test-dn3

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:ca00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.10.115.164 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-115-164.us-west-2.compute.amazonaws.com

tngciplzusp-ads.aimatch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.253.208 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-253-208.eu-central-1.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.104.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	clubpremier.com www.clubpremier.com s3media.clubpremier.com execution-ci360.clubpremier.com — Cisco Umbrella Rank: 876112	2 MB
19	adform.net 3 redirects s2.adform.net — Cisco Umbrella Rank: 4863 a2.adform.net — Cisco Umbrella Rank: 6075 c1.adform.net — Cisco Umbrella Rank: 529 dmp.adform.net — Cisco Umbrella Rank: 2002	39 KB
10	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 67 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 cm.g.doubleclick.net — Cisco Umbrella Rank: 175	5 KB
10	crwdcntrl.net 2 redirects ad.crwdcntrl.net — Cisco Umbrella Rank: 6570 tags.crwdcntrl.net — Cisco Umbrella Rank: 2036 sync.crwdcntrl.net — Cisco Umbrella Rank: 662 bcp.crwdcntrl.net — Cisco Umbrella Rank: 629	20 KB
7	semasio.net 7 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1051 uip.semasio.net — Cisco Umbrella Rank: 19088	3 KB
6	adsafety.net 5 redirects cm.adsafety.net — Cisco Umbrella Rank: 4508 tags.adsafety.net — Cisco Umbrella Rank: 86032	10 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	357 KB
4	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 295	2 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6342	870 B
4	google.com www.google.com — Cisco Umbrella Rank: 2	870 B
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	416 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
4	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 350	4 KB
3	onaudience.com 3 redirects pixel.onaudience.com — Cisco Umbrella Rank: 1400	1 KB
3	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 425	1 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 891 load77.exelator.com — Cisco Umbrella Rank: 2952	2 KB
3	gstatic.com fonts.gstatic.com	47 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	201 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 356	717 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 357	905 B
2	1dmp.io 1 redirects sync.1dmp.io — Cisco Umbrella Rank: 10149	805 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 8499	520 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 704	1 KB
2	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 388	774 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 187	2 KB
2	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2683	7 KB
2	zeotap.com 1 redirects spl.zeotap.com — Cisco Umbrella Rank: 1178 mwzeom.zeotap.com — Cisco Umbrella Rank: 1486	897 B
2	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 845	688 B
2	mathtag.com 2 redirects pixel.mathtag.com — Cisco Umbrella Rank: 1050	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488	2 KB
2	visx.net 1 redirects t.visx.net — Cisco Umbrella Rank: 8073	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 265	1 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 269	605 B
2	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 307	679 B
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 4945	693 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 621	828 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
1	ml314.com ml314.com — Cisco Umbrella Rank: 1357	422 B
1	sharethis.com sync.sharethis.com — Cisco Umbrella Rank: 2516	232 B
1	aimatch.com tngciplzusp-ads.aimatch.com	2 KB
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 16797	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 659	241 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 792	172 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 493	1009 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1393	456 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 13074	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 552	543 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 371	337 B
1	smartstream.tv 1 redirects ads.smartstream.tv — Cisco Umbrella Rank: 36302	849 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 16481	406 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 1733	274 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 283
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 614	715 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 535	163 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 593	214 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 3482	522 B
1	seadform.net a1.seadform.net — Cisco Umbrella Rank: 13866	343 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	15 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1464	37 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 800	11 KB
1	americanexpress.com 1 redirects email.americanexpress.com — Cisco Umbrella Rank: 260255	557 B
0	ib-ibi.com Failed global.ib-ibi.com Failed
144	63

	Domain	Requested by
30	s3media.clubpremier.com	www.clubpremier.com s3media.clubpremier.com
12	c1.adform.net	2 redirects a2.adform.net c1.adform.net
9	execution-ci360.clubpremier.com	www.clubpremier.com execution-ci360.clubpremier.com
6	cm.g.doubleclick.net	4 redirects c1.adform.net bcp.crwdcntrl.net
6	www.googletagmanager.com	www.clubpremier.com www.googletagmanager.com
5	cm.adsafety.net	4 redirects c1.adform.net
5	www.clubpremier.com	www.clubpremier.com
4	dmp.adform.net	c1.adform.net
4	sync.crwdcntrl.net	2 redirects c1.adform.net bcp.crwdcntrl.net
4	match.adsrvr.org	4 redirects
4	uip.semasio.net	4 redirects
4	www.google.de	www.clubpremier.com
4	www.google.com	www.clubpremier.com
4	www.facebook.com	www.clubpremier.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	secure.adnxs.com	2 redirects www.clubpremier.com c1.adform.net
3	pixel.onaudience.com	3 redirects
3	tags.bluekai.com	c1.adform.net bcp.crwdcntrl.net
3	uipglob.semasio.net	3 redirects
3	tags.crwdcntrl.net	www.googletagmanager.com tags.crwdcntrl.net
3	fonts.gstatic.com	fonts.googleapis.com
3	connect.facebook.net	www.clubpremier.com connect.facebook.net
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	eb2.3lift.com	1 redirects c1.adform.net
2	pixel.tapad.com	2 redirects
2	sync.1dmp.io	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	aa.agkn.com	1 redirects bcp.crwdcntrl.net
2	dpm.demdex.net	2 redirects
2	a.audrte.com	2 redirects
2	loadm.exelator.com	2 redirects
2	ps.eyeota.net	c1.adform.net
2	pixel.mathtag.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	t.visx.net	1 redirects c1.adform.net
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	1 redirects c1.adform.net
2	pixel.advertising.com	2 redirects
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	googleads.g.doubleclick.net	www.googleadservices.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	a2.adform.net	1 redirects www.clubpremier.com
2	fonts.googleapis.com	s3media.clubpremier.com
1	ml314.com	bcp.crwdcntrl.net
1	sync.sharethis.com	bcp.crwdcntrl.net
1	tngciplzusp-ads.aimatch.com	execution-ci360.clubpremier.com
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	dsp.adfarm1.adition.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	ads.smartstream.tv	1 redirects
1	tags.adsafety.net	1 redirects
1	mwzeom.zeotap.com	c1.adform.net
1	spl.zeotap.com	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	idsync.rlcdn.com	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	a1.seadform.net	www.clubpremier.com
1	www.googleadservices.com	www.googletagmanager.com
1	s2.adform.net	www.clubpremier.com
1	www.googleoptimize.com	www.googletagmanager.com
1	use.fontawesome.com	s3media.clubpremier.com
1	ad.crwdcntrl.net	www.googletagmanager.com
1	email.americanexpress.com	1 redirects
0	global.ib-ibi.com Failed	c1.adform.net bcp.crwdcntrl.net
144	77

This site contains links to these domains. Also see Links.

Domain
member.clubpremier.com
viajeropremier.clubpremier.com
crucerosenlinea.clubpremier.com
hotelesenlinea.clubpremier.com
www.americanexpressaeromexico.clubpremier.com
santander.clubpremier.com
vuelaconpuntos.clubpremier.com
tienda.clubpremier.com
subastas.clubpremier.com
experiencias.clubpremier.com
corporativo.clubpremier.com
aeromexico.com
transferencias.clubpremier.com
play.google.com
itunes.apple.com
amfacturacion.aeromexico.com
www.facebook.com
twitter.com
www.instagram.com
api.whatsapp.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-01` - `2022-03-01`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
execution-ci360.clubpremier.com Amazon	`2021-07-20` - `2022-08-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-11-04`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
*.eyeota.net R3	`2022-01-04` - `2022-04-04`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-11-24` - `2022-04-26`	5 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.userreport.com Amazon	`2022-01-19` - `2023-02-17`	a year	crt.sh
*.id5-sync.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
teads.tv R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-06-04`	a year	crt.sh
*.aimatch.com Amazon	`2021-04-17` - `2022-05-16`	a year	crt.sh
sharethis.com Amazon	`2021-09-01` - `2022-09-30`	a year	crt.sh
*.ml314.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh

This page contains 6 frames:

Primary Page: https://www.clubpremier.com/mx/bienvenido/
Frame ID: F462C7D3A3BFEA66FE451BD763336263
Requests: 89 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Frame ID: 73356E1EB63826BD7F1FBC758C128F0A
Requests: 45 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 524A2ABB1D62D6F40C0F942C8958F9D8
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B4455191C831D60EF13AADFE96A2FC55
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=11784
Frame ID: 280DB8D6581412584620BC94072EB1C8
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=22%2C81%2C61%2C12%2C78%2C8&c=11784
Frame ID: D2BC3A52F752A5891D9A0DA5B13F2691
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bienvenido | Programa de Recompensas | Club Premierauction#shape-menu-subastas-30x30bancos#shape-raffle-curves-30x27.88#shape-menu-compra-puntos-30x27.88#shape-menu-caculadora-21.83x30#shape-menu-transporte-30x23.43card#shape-menu-asistencias-22.15x30chains-hotel#shape-menu-entretenimiento-30x27.2entertainment#shape-menu-experiencias-23.76x30faqservicios financieros#shape-menu-productos-vuelo-30x25.91#shape-menu-aerolineas-30x14.8#shape-menu-regalo-30x20.23#shape-menu-hoteles-30x16.72#shape-menu-seguro-27.57x30locatemall#shape-menu-cruise-30x30#shape-menu-otros-30x29.44playerpoints-suitcase#shape-promotions-30x29.09#shape-menu-gasolineras-26.33x30raffle-curvesraffle-facesraffle#shape-menu-recupera-puntos-30x27.88#shape-menu-salon-premier-30x27.88#shape-menu-comparte-30x24.95#shape-menu-tienda-linea-30x24.13#shape-menu-tiendas-21.38x30#shape-special-premier-30x27.88#shape-menu-taxi-30x25.34#shape-menu-tickets-30x25.81#shape-menu-transferencia-30x30#shape-menu-servicios-viaje-30x24.06#shape-menu-vacaciones-30x21.73winners

Page URL History Show full URLs

https://email.americanexpress.com/a/hBiE$g6AQB6DpB96T8TNzJR9-mD/amex9] HTTP 307
https://www.clubpremier.com/mx/bienvenido/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

144
Requests

81 %
HTTPS

25 %
IPv6

63
Domains

77
Subdomains

54
IPs

10
Countries

2615 kB
Transfer

5466 kB
Size

110
Cookies

45 Outgoing links

These are links going to different origins than the main page.

URL: https://member.clubpremier.com/individual/recuperacuenta
Title: Recupera tu No. de Cuenta

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/recuperar-nip
Title: Olvidé mi contraseña

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/login/auth
Title: Inicia sesión

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/registro
Title: Inscríbete

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/
Title: Inicia sesión

Search URL Search Domain Scan URL

URL: https://viajeropremier.clubpremier.com/
Title: Viajero Premier

Search URL Search Domain Scan URL

URL: https://crucerosenlinea.clubpremier.com/
Title: Cruceros en línea

Search URL Search Domain Scan URL

URL: https://hotelesenlinea.clubpremier.com/?language=es&mode=earn
Title: Hoteles en Línea

Search URL Search Domain Scan URL

URL: https://www.americanexpressaeromexico.clubpremier.com/clubpremier
Title: Las Tarjetas American Express® Aeroméxico

Search URL Search Domain Scan URL

URL: https://santander.clubpremier.com/
Title: Las Tarjetas Santander Aeroméxico

Search URL Search Domain Scan URL

URL: https://vuelaconpuntos.clubpremier.com/
Title: Vuelos

Search URL Search Domain Scan URL

URL: https://hotelesenlinea.clubpremier.com/
Title: Hoteles en Línea

Search URL Search Domain Scan URL

URL: http://tienda.clubpremier.com/
Title: Tienda en Línea

Search URL Search Domain Scan URL

URL: https://subastas.clubpremier.com/
Title: Subastas Premier

Search URL Search Domain Scan URL

URL: https://experiencias.clubpremier.com/?es
Title: Experiencias Premier

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/individual/movimientos-por-fecha
Title: Estado de Cuenta

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/individual/mis-datos
Title: Mi Perfil

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/individual/mi-tarjeta
Title: Mi tarjeta

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/individual/acreditacion-retroactiva-aeromexico
Title: Aeroméxico

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/individual/acreditacion-retroactiva-otras-aerolineas
Title: SkyTeam y Otras Aerolíneas

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/htlArrRegister/register
Title: Hoteles y Arrendadoras

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/individual/programa-familiar
Title: Mi Grupo

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/individual/transferir
Title: Transfiere Puntos Premier

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/invita-a-un-amigo
Title: Invita a un Amigo

Search URL Search Domain Scan URL

URL: https://corporativo.clubpremier.com/?enviroment=mx&lang=es
Title: EMPRESAS

Search URL Search Domain Scan URL

URL: https://corporativo.clubpremier.com/mx/corporativo/descubre?corpCategory=descubre&lang=es
Title: Descubre Club Premier Corporativo

Search URL Search Domain Scan URL

URL: https://corporativo.clubpremier.com/login/auth?lang=es
Title: Mi Cuenta Corporativa

Search URL Search Domain Scan URL

URL: https://aeromexico.com/es/mx
Title: AEROMÉXICO

Search URL Search Domain Scan URL

URL: https://subastas.clubpremier.com/subastas/pangea-con-el-chef-guillermo-gonzalez-beristain-en-cdmx1/?utm_source=clubpremier&utm_medium=banners_home&utm_campaign=muifeb&utm_content=home_cp

Search URL Search Domain Scan URL

URL: https://santander.clubpremier.com/compara-las-tarjetas/?utm_source=clubpremier&utm_medium=banners_home&utm_campaign=santander_playbook&utm_content=home_cp

Search URL Search Domain Scan URL

URL: https://hotelesenlinea.clubpremier.com/?language=es
Title: Hoteles en Línea

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/individual/acreditacion-retroactiva-aeromexico/?utm_source=clubpremier&utm_medium=banners_home&utm_campaign=acumretro&utm_content=home_cp
Title: AEROMÉXICO¿Olvidaste acumular tus Puntos Premier?Si ya volaste, tienes hasta 6 meses después para hacerlo.

Search URL Search Domain Scan URL

URL: https://transferencias.clubpremier.com/citibanamex/?utm_source=clubpremier&utm_medium=banners_home&utm_campaign=citibanamexgen&utm_content=home_cp
Title: CITIBANAMEXGrandes beneficios al transferir tus puntos ThankYou a Club Premier

Search URL Search Domain Scan URL

URL: https://tienda.clubpremier.com/
Title: Tienda en línea

Search URL Search Domain Scan URL

URL: https://experiencias.clubpremier.com/
Title: Experiencias

Search URL Search Domain Scan URL

URL: https://tienda.clubpremier.com/?utm_source=clubpremier&utm_medium=banners_home&utm_campaign=telfitness&utm_content=home_cp
Title: ¡Logra tus metas con hasta 40% de descuento y 20% adicional en toda la Tienda en Línea! Adquiere aquí

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.clubpremier.loyalty.android

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/mx/app/club-premier/id592240448?mt=8

Search URL Search Domain Scan URL

URL: https://amfacturacion.aeromexico.com/
Title: Facturación Electrónica

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/invita-a-un-amigo?inscripcion=true
Title: Invita a un amigo

Search URL Search Domain Scan URL

URL: https://www.facebook.com/clubpremiermexico

Search URL Search Domain Scan URL

URL: https://twitter.com/clubpremier_mx

Search URL Search Domain Scan URL

URL: https://www.instagram.com/clubpremier/

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=5215515194040&text=Hola&source=&data=

Search URL Search Domain Scan URL

URL: https://member.clubpremier.com/login/auth?url=http%3A%2F%2Fclubpremier.com&lang=es&targetURL=http%3A%2F%2Fclubpremier.com&isAdmin=false
Title: aquí

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://email.americanexpress.com/a/hBiE$g6AQB6DpB96T8TNzJR9-mD/amex9] HTTP 307
https://www.clubpremier.com/mx/bienvenido/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://secure.adnxs.com/seg?add=23287336&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23287336%26t%3D2

Request Chain 60

https://a2.adform.net/Serving/TrackPoint/?pm=2358553&ADFPageName=www.clubpremier.com%7C%2Fmx%2Fbienvenido%2F&ADFdivider=%7C&ord=744858245965&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Fbienvenido%2F HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2358553&ADFPageName=www.clubpremier.com%7C%2Fmx%2Fbienvenido%2F&ADFdivider=%7C&ord=744858245965&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Fbienvenido%2F

Request Chain 82

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=2457621227375275241&Expiration=1646683638 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=2457621227375275241&Expiration=1646683638

Request Chain 85

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2457621227375275241&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2457621227375275241&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=4c253fb73a30441b9c3fd8574db74e6f HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=b8ade743701ac652e5c428e7328605298ab2974be1092d6154923751a31897e7

Request Chain 87

https://pixel.advertising.com/ups/55944/sync?uid=2457621227375275241&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55944/sync?uid=2457621227375275241&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=2457621227375275241&_origin=1&apid=UPdeeb2837-9351-11ec-b489-065d7cf319f8 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=2457621227375275241&_origin=1&apid=UPdeeb2837-9351-11ec-b489-065d7cf319f8&verify=true

Request Chain 89

https://x.bidswitch.net/sync?dsp_id=70&user_id=2457621227375275241 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=2457621227375275241 HTTP 302
https://t.visx.net/sync?tp_id=1&tp_uid=2964e481-609f-4672-9aae-95221c7b97bd&gdpr_applies=&gdpr_consent=&ssp_custom_data=&gdpr_pd= HTTP 302
https://t.visx.net/ul_cb/sync?tp_id=1&tp_uid=2964e481-609f-4672-9aae-95221c7b97bd&gdpr_applies=&gdpr_consent=&ssp_custom_data=&gdpr_pd=

Request Chain 90

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2457621227375275241&expiration=1646683638 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2457621227375275241&expiration=1646683638&C=1

Request Chain 91

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=2457621227375275241&sInitiator=external HTTP 302
https://uip.semasio.net/adform/1/info?sType=sync&sExtCookieId=2457621227375275241&sInitiator=external HTTP 302
https://uip.semasio.net/adform/1/info2?sType=sync&sExtCookieId=2457621227375275241&sInitiator=external HTTP 302
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal HTTP 302
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=b9396213-f0f6-4d00-bf9f-a78ca59a772e&sInitiator=internal&gdpr=&gdpr_consent= HTTP 302
https://uip.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=b9396213-f0f6-4d00-bf9f-a78ca59a772e&sInitiator=internal&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=bb4d6a9b-ab13-4873-9fd5-458674f0ab56 HTTP 302
https://uip.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=bb4d6a9b-ab13-4873-9fd5-458674f0ab56 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=M0M3QkI1QzlGMjE5NzY4RQ&gdpr=1&gdpr_consent=

Request Chain 93

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2457621227375275241 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2457621227375275241&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 95

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2457621227375275241 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2457621227375275241

Request Chain 98

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 99

https://pixel.onaudience.com/?mapped=2457621227375275241&partner=68 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=b9983d2a7f929ead25b21096d280f7b5 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=bb4d6a9b-ab13-4873-9fd5-458674f0ab56&icm HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=50b4a0662cddc5e1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=65432c21-695c-4429-74dd-fa0e967f9260&reqId=43734b6b-2182-49a1-6ed9-654c9c43c0fc&zcluid=50b4a0662cddc5e1&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEGPKOyPIZYkqM3pf-rlFdAE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=65432c21-695c-4429-74dd-fa0e967f9260&reqId=43734b6b-2182-49a1-6ed9-654c9c43c0fc&zcluid=50b4a0662cddc5e1&zdid=1332

Request Chain 100

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=2457621227375275241 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM12022022120979650f9221a7280ca9&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=7cbccef71120f110cbf0fd02a0a07112 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12022022120979650f9221a7280ca9&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=7cbccef71120f110cbf0fd02a0a07112&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMjAyMjEyMDk3OTY1MGY5MjIxYTcyODBjYTk HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEBWaMY8U-fhSp_0b0FkmRdk&google_cver=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12022022120979650f9221a7280ca9 HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=2457621227375275241

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MjQ1NzYyMTIyNzM3NTI3NTI0MQ HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL3xp51aJs5aESjQWGkQefs&google_cver=1&google_ula=1641347,0

Request Chain 104

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=6478686581827762797&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=2457621227375275241

Request Chain 107

https://a.audrte.com/a?adform_uid=2457621227375275241 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEGCIWHr50WGWS72Q8mEiBXE&google_cver=1 HTTP 302
https://ps.eyeota.net/match?bid=kh51m51&uid=g8l03EWTZZGR9y4ZdHUE8ckEA&gdpr=0&gdpr_consent=

Request Chain 108

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2457621227375275241&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=2457621227375275241&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=24565685788381852460645829537220671178&noredirect=1

Request Chain 109

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=2457621227375275241 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165000804069000498106

Request Chain 110

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7067257179643836558

Request Chain 112

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=b9396213-f0f6-4d00-bf9f-a78ca59a772e

Request Chain 113

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=KW8WdK7q1NmeXQ5

Request Chain 114

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=bb4d6a9b-ab13-4873-9fd5-458674f0ab56

Request Chain 117

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=3316266259 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=sSDDFMtP79eUOQPxDZ19LO

Request Chain 119

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2457621227375275241 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2457621227375275241&cs=1

Request Chain 121

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=2457621227375275241&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=2457621227375275241&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=6e8ee2df-b9c9-441e-83e4-fcd91f1ed2e8

Request Chain 123

https://eb2.3lift.com/xuid?mid=7354&xuid=2457621227375275241&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=2457621227375275241&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

144 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.clubpremier.com/mx/bienvenido/
Redirect Chain

https://email.americanexpress.com/a/hBiE$g6AQB6DpB96T8TNzJR9-mD/amex9]
https://www.clubpremier.com/mx/bienvenido/

141 KB
35 KB

1867ms
1820ms

Document
text/html

2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.22

Resource Hash

69b3e94373c2a3e40954a4cc29d23fc34bafa40afabb1ae7dbfc59ea86f1be94

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.22
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
link: <https://www.clubpremier.com/mx/wp-json/>; rel="https://api.w.org/" <https://www.clubpremier.com/mx/wp-json/wp/v2/pages/924>; rel="alternate"; type="application/json" <https://www.clubpremier.com/mx/?p=924>; rel=shortlink
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e12999099749241-FRA
content-encoding: gzip

Redirect headers

Date: Mon, 21 Feb 2022 20:07:15 GMT
Server: Apache
Connection: close
Cache-Control: no-cache="set-cookie", private, no-cache
P3P: policyref="/w3c/p3p.xml",CP="NON DSP COR CURo ADMo DEVo TAIo IVAo IVDo OUR DELo IND UNI NAV"
Expires: Sun, 06 Nov 1994 08:49:37 GMT
Location: https://www.clubpremier.com/mx/bienvenido/
Content-Length: 252
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 style.min.css
www.clubpremier.com/wp-includes/css/dist/block-library/ 57 KB
9 KB 89ms
88ms Stylesheet
text/css 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clubpremier.com/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 421991
vary: Accept-Encoding
content-length: 8685
x-xss-protection: 1;mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Apr 2021 23:50:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "e33b-5bf567a917900-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/css
cache-control: public, max-age=31114008
content-security-policy: default-src 'self' *.fontawesome.com *.hotjar.com *.adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com *.cybba.solutions *.cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net *.yimg.com *.crwdcntrl.net *.amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info *.clubpremier.info *.clubpremier.com *.ve.vom *.ve.com *.veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com *.cloudflare.com *.bootstrapcdn.com *.ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net *.amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com *.poder.io *.krxd.net *.facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem *.datatables.net *.angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
accept-ranges: bytes
cf-ray: 6e12999c1c359241-FRA
expires: Thu, 16 Feb 2023 22:54:05 GMT

GET
H2 200 validationEngine.jquery.min.css
s3media.clubpremier.com/club_premier/clubpremier-components/css/ 2 KB
1 KB 68ms
41ms Stylesheet
text/css 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3media.clubpremier.com/club_premier/clubpremier-components/css/validationEngine.jquery.min.css

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a76b2edefa2f52f77dedea80f415b659c2d18f3350f6006b6bc1dc99d013259

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 422404
content-type: text/css
vary: Accept-Encoding
x-amz-request-id: VP86Z8QG3S3YN0GQ
x-amz-id-2: LlW9cKKkHnt7KLEjHgDDDVbBp6xnQdAFqE4ofm4GDzFq50nJO3twfWCusyNWG8Om2b/IeyjB178=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Jan 2018 00:47:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "43dcb343761bf698ad1a0850631c8278"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-amz-version-id: null
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
content-security-policy: default-src 'self' *.fontawesome.com *.hotjar.com *.adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com *.cybba.solutions *.cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net *.yimg.com *.crwdcntrl.net *.amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info *.clubpremier.info *.clubpremier.com *.ve.vom *.ve.com *.veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com *.cloudflare.com *.bootstrapcdn.com *.ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net *.amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com *.poder.io *.krxd.net *.facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem *.datatables.net *.angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
cf-ray: 6e12999c4cac9241-FRA
access-control-allow-headers: cache-control, content-type
expires: Thu, 24 Mar 2022 20:07:17 GMT

GET
H2 200 vendor.css
s3media.clubpremier.com/club_premier/clubpremier-components/css/ 33 KB
10 KB 193ms
166ms Stylesheet
text/css 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3media.clubpremier.com/club_premier/clubpremier-components/css/vendor.css

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46f81ab1e4afab7598d03d9372674c917d61a177d68ac86e95fb63463a50e622

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: 15RHT9KT6YQ71PJF
content-type: text/css
vary: Accept-Encoding
x-amz-id-2: YBbvHI7hKGEgW6shswPHc0aZEify9bv8dgiYQjoOww06w1L+HCwg9Z/YtAPgRfh3rstdamV+9R8=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Jun 2021 21:54:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "f7c82c70ec11f1b7350ff156a0dfe21e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-amz-version-id: MYpzx1zc6Xcw8_QFRJPUvypjT9qnKaSM
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
cf-ray: 6e12999c4caf9241-FRA
access-control-allow-headers: cache-control, content-type
expires: Thu, 24 Mar 2022 20:07:17 GMT

GET
H2 200 main.css
s3media.clubpremier.com/club_premier/clubpremier-components/css/ 367 KB
84 KB 226ms
200ms Stylesheet
text/css 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3media.clubpremier.com/club_premier/clubpremier-components/css/main.css

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ebafd1582ad822faf3425f5f5b0a2f2264965338c007149f72cbb027621e9df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: 15RWR7J9W2E6V4MT
content-type: text/css
vary: Accept-Encoding
x-amz-id-2: 3YsZX7hM9x5bVtvW3Wwf+jrJIANsmj4hn6oa7pFimTsyZBhijFy61G6G8n6n46olir30gjdgSsU=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Jun 2021 21:54:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "a218aefdd7e3ac03019f3fd21d5bd3da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-amz-version-id: .0NgoQP6zSyqQZE6HgOLCgDycLoIYTd9
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
cf-ray: 6e12999c4ca29241-FRA
access-control-allow-headers: cache-control, content-type
expires: Thu, 24 Mar 2022 20:07:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 316 KB
74 KB 236ms
151ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W56R6Q

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2051e7e392261c8ccd16ea5183855e3b2b50ab8c4310619ef6d0ff6aad10dc54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75429
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Feb 2022 20:07:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 327 KB
65 KB 274ms
189ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5GRGL9T

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c429faa42d6d12d250945a057e3dd73ba3640ddc97dd8520cd5d320db827b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66888
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Feb 2022 20:07:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 304 KB
67 KB 206ms
121ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TS973S

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63a9fa5aafbb20a1b32c210ee7114a6825669be7908fd9bb9bb49233eb88787e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68924
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Feb 2022 20:07:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 162 KB
47 KB 153ms
67ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KN68QHM

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4672dba4badb05dc38ee5db8e9c1263e8588928cc6fc0e930941fa5e51bbd0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48102
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Feb 2022 20:07:17 GMT

GET
H2 200 logo-cp.svg
s3media.clubpremier.com/club_premier/clubpremier-components/images/ 6 KB
4 KB 78ms
54ms Image
image/svg+xml 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/club_premier/clubpremier-components/images/logo-cp.svg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e029a201d8fb650079023726b6644a7a6eccb791abeeb2634774e063ef286221

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 368670
content-type: image/svg+xml
vary: Accept-Encoding
x-amz-request-id: 9ZBRRZ98M6SKD1JR
x-amz-id-2: A8zpY2KuJ+dYwDwFoMZdXHkLpSRsmXk33ZRMtkPADkDlXpbRhdkYVjf6i58UCNUoR3SJHMkcETQ=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Jun 2021 21:54:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"29a1ea51787baabb5e50eea1d4ca9b77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-amz-version-id: u0Q0H2BzelINSNo0Y.8CWGE3UemOces6
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
content-security-policy: default-src 'self' *.fontawesome.com *.hotjar.com *.adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com *.cybba.solutions *.cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net *.yimg.com *.crwdcntrl.net *.amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info *.clubpremier.info *.clubpremier.com *.ve.vom *.ve.com *.veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com *.cloudflare.com *.bootstrapcdn.com *.ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net *.amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com *.poder.io *.krxd.net *.facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem *.datatables.net *.angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
cf-ray: 6e12999c4cb39241-FRA
access-control-allow-headers: cache-control, content-type
expires: Thu, 24 Mar 2022 20:07:17 GMT

GET
H2 200 venta-azul-feb.jpg
s3media.clubpremier.com/CPcms/22/hm/ 228 KB
229 KB 70ms
47ms Image
image/jpeg 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/22/hm/venta-azul-feb.jpg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

683b4c573ecee26426e3b9123c9aca60f5087a9fae84c1942ec707870bf32ad2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 422404
cf-polished: degrade=85, origSize=475450
vary: Accept-Encoding
x-amz-request-id: VP810BY6W5HC8XJA
x-amz-id-2: CILJx43NThDos8nrbtqDMlU/+IyS/aYFrhq2E2gR3OeowV5XGpfUi12B0qkz9Z0u2vreUtOxT50=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 24 Mar 2022 20:07:17 GMT
last-modified: Thu, 10 Feb 2022 18:43:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "d6d244dc6decb46c7582870a86545577"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: RgVMEC7jWMlZyBX2KMSDs3OcN0ydosZ_
content-length: 233672
cf-ray: 6e12999c4cb49241-FRA
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 hm-cr-subasta-casa-mui-feb22-a.jpg
s3media.clubpremier.com/CPcms/22/hm/ 173 KB
173 KB 77ms
54ms Image
image/jpeg 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/22/hm/hm-cr-subasta-casa-mui-feb22-a.jpg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ab3c8cf87964ea45482d817abe64ce943a7b839259a503a32a0ffda06f22670

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86665
cf-polished: origSize=191613
vary: Accept-Encoding
x-amz-request-id: Z0QCWR5B5B05RV16
x-amz-id-2: 8y7KzgAuP4ER2rsWpyqocp8ucKR+ywO5EwY1mKp42YZKTFYvMQ++52weDYhQObdaXKvZ6RtaNwk=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 24 Mar 2022 20:07:17 GMT
last-modified: Tue, 15 Feb 2022 16:28:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "41c03941ffcfd26c8e0a44cb00d5de0f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: Pk7Eb5ttczW75CIj2eUtzgH2bbHsg0Qf
content-length: 177100
cf-ray: 6e12999c4cb59241-FRA
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 bbva-feb.jpg
s3media.clubpremier.com/CPcms/22/hm/ 172 KB
173 KB 28ms
27ms Image
image/jpeg 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/22/hm/bbva-feb.jpg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

986a3460d78768645cdd30bfbf37581cdec272e4dd4431d90072edb6814f9c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86664
cf-polished: degrade=85, origSize=360440
vary: Accept-Encoding
x-amz-request-id: Z0Q99TYSKYY2CYME
x-amz-id-2: G/AcThk/PLUWXGgGY05taRb8RUa8Zj0kPp3Gc4BUqXK9L1vRBo08bBwrQlHklVZa70/3DFZsq98=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 24 Mar 2022 20:07:17 GMT
last-modified: Thu, 27 Jan 2022 18:57:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "c64d3d3e07b0f373a87e04c9bc63a3e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: 9fW.2NZHuV.B8G.Jbk9K5ykzfy0O2zX4
content-length: 176400
cf-ray: 6e12999d1efd9241-FRA
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 hm-cr-estee-lauder-en21-ab.jpg
s3media.clubpremier.com/CPcms/22/hm/ 90 KB
90 KB 50ms
49ms Image
image/jpeg 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/22/hm/hm-cr-estee-lauder-en21-ab.jpg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50f8fd9ddf01373edac1a2c704ac885fca34347ab77fbf3541e3cd338e87efc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 319897
cf-polished: degrade=85, origSize=94389
vary: Accept-Encoding
x-amz-request-id: AAAC1JS8TAQDKVE5
x-amz-id-2: nnQ4pcICRVQ/58ml++uEqVsSQ225aPiPkd2zO5OZSx9Da4K32Y0tP9MnI8KB9b6jqVgrPX7Nhiw=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 24 Mar 2022 20:07:17 GMT
last-modified: Fri, 21 Jan 2022 20:29:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "107a244cdfd3d4f7180a7056380b49d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: XXBlvQRT66JumhPjOujNDng2bQSpWk9Y
content-length: 92144
cf-ray: 6e12999d5f7b9241-FRA
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 hm-cr-beneficios-am-en22-aa.jpeg
s3media.clubpremier.com/CPcms/22/hm/ 101 KB
102 KB 42ms
42ms Image
image/jpeg 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/22/hm/hm-cr-beneficios-am-en22-aa.jpeg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96dcc5e5848d1b4c243457746547d4ff87360931c4c9754bcdeb7fd6305c5228

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86664
cf-polished: degrade=85, origSize=104687
vary: Accept-Encoding
x-amz-request-id: Z0QF3N3S5AF6DTH3
x-amz-id-2: iJzkLlNKiXQwVv15+F82OSSM5dZt1awDMfye9rh9NN7u2t/tM2OGZy42uFQs3bpxQBraIepD2qU=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 24 Mar 2022 20:07:17 GMT
last-modified: Mon, 27 Dec 2021 23:35:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "9c0db01b8902ee2c1fe75df04828652b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: iPlBHCIB1vMjhesUtIuKaIsesQvrJgcY
content-length: 103865
cf-ray: 6e12999d5f7c9241-FRA
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 hm-playbook-se-jl.jpg
s3media.clubpremier.com/CPcms/21/hm/ 110 KB
110 KB 56ms
56ms Image
image/jpeg 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/21/hm/hm-playbook-se-jl.jpg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06a1a66be89920a276d6b603a60cd025b1af7edaaff2ebb49b4f6891fc9e843a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86664
cf-polished: degrade=85, origSize=246165
vary: Accept-Encoding
x-amz-request-id: Z0QF5QDRE84Z2XPM
x-amz-id-2: Z6gB/vYOEvECTOtgw9d9C6pnlhCQH7l+rtt5CvoAfAPw8cOW3hewPtBIaKNN9t5u0JIvLVyu83g=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 24 Mar 2022 20:07:17 GMT
last-modified: Thu, 15 Jul 2021 22:59:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "cdc84a16c04ee0f12ab6f9b2aca010aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: nzivTaVXgwB3eEnDa0HdTCb.TnFrpmGH
content-length: 112528
cf-ray: 6e12999d98339241-FRA
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 google-play-badge.svg
s3media.clubpremier.com/club_premier/img/footer/ 18 KB
7 KB 33ms
32ms Image
image/svg+xml 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/club_premier/img/footer/google-play-badge.svg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d8b61c6408c4958ee4e6b3cc18292b1c400c0fd73b8a410b9312350c61ebf69

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 368669
content-type: image/svg+xml
vary: Accept-Encoding
x-amz-request-id: 9B120RASBA629WN9
x-amz-id-2: qIP1AElQhQpo2fiIys9vIE6G1MyQZ95MReITSzewCqKSOqPntmS+XtVjLzXoLtQB/70ln1VODQ8=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 17 Oct 2018 15:14:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"72b3aecd40f50986abeca799f0f58cbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-amz-version-id: null
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
cf-ray: 6e12999da8409241-FRA
access-control-allow-headers: cache-control, content-type
expires: Thu, 24 Mar 2022 20:07:17 GMT

GET
H2 200 app-store-badge.svg
s3media.clubpremier.com/club_premier/img/footer/ 24 KB
9 KB 41ms
41ms Image
image/svg+xml 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/club_premier/img/footer/app-store-badge.svg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3a7a908c325e84fb1b4fffa2b996f3f3ec813e08d969c382569ec075cc20aff

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 368669
content-type: image/svg+xml
vary: Accept-Encoding
x-amz-request-id: 9B1CQM7MNDQ9QXP3
x-amz-id-2: YCxTzsAhyL3qVpEgm+UoDciNDTSZyJj3gMIq4z+a5h0Tv/YEDa75GrgGjoN2417uuopwU1S1p7A=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 17 Oct 2018 15:14:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3291ce858cee0ac5f2edc4a1c254765d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-amz-version-id: null
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
cf-ray: 6e12999da8449241-FRA
access-control-allow-headers: cache-control, content-type
expires: Thu, 24 Mar 2022 20:07:17 GMT

GET
H2 200 help_menu_skype.png
s3media.clubpremier.com/club_premier/img/ 18 KB
18 KB 30ms
29ms Image
image/png 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/club_premier/img/help_menu_skype.png

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

016980f05d138d5ffba313dc6a6d9837e288342a039366be7d960ad38ca1d48a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 368669
cf-polished: degrade=85, origSize=25832
vary: Accept-Encoding
x-amz-request-id: 9B123XMD8939PZ58
x-amz-id-2: 2ITD/L9qqHpUuPggP+U4vNyoclfew4o7u00ynALbwsUuFfAPPBrMKszjEpR0SqVt8qzCeqAMgTs=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 24 Mar 2022 20:07:17 GMT
last-modified: Thu, 10 Mar 2016 22:14:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "a11c2f331d58a41c0812d95841a7375e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: null
content-length: 18052
cf-ray: 6e12999dd8a69241-FRA
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 email-decode.min.js Show response
www.clubpremier.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
815 B 14ms
14ms Script
application/javascript 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clubpremier.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Feb 2022 13:46:32 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"620d0038-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=172800, public
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6e12999c2c499241-FRA
expires: Wed, 23 Feb 2022 20:07:17 GMT

GET
H2 200 vendor.js Show response
s3media.clubpremier.com/club_premier/clubpremier-components/js/ 437 KB
155 KB 42ms
42ms Script
application/javascript 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3media.clubpremier.com/club_premier/clubpremier-components/js/vendor.js

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c24e778da7acc55ff66d055cde4b7aa20ec11046739f9d9f1396a36f71553040

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 165393
content-type: application/javascript
vary: Accept-Encoding
x-amz-request-id: W3D5Q0J64XA8ZRMQ
x-amz-id-2: ETW8pqJx+gipQiZ4jwZhZzQgfFls+q8Rj03AdkQJ4uzxNq5ljS8vwWEW7qM/No8GnTDI0lJv9b4=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Jun 2021 21:54:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "ef7bbc12a8e213e679ac8749d530e099"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-amz-version-id: kNHNSR9MwddC1dxqTTiZ.QvjjvZeMNmO
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
cf-ray: 6e12999c8d3b9241-FRA
access-control-allow-headers: cache-control, content-type
expires: Thu, 24 Mar 2022 20:07:17 GMT

GET
H2 200 clear_cache.js Show response
www.clubpremier.com/wp-content/plugins/cp-settings/js/ 664 B
1 KB 39ms
38ms Script
application/x-javascript 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clubpremier.com/wp-content/plugins/cp-settings/js/clear_cache.js

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daf6c4ff2592cba88d5e4ef8efd1f6c2d27840af0101195dd4aea7bdec3a8213

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 368670
vary: Accept-Encoding
content-length: 313
x-xss-protection: 1;mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Jan 2022 02:17:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "298-5d5fa1ac8ede6-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/x-javascript
cache-control: public, max-age=31167330
content-security-policy: default-src 'self' *.fontawesome.com *.hotjar.com *.adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com *.cybba.solutions *.cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net *.yimg.com *.crwdcntrl.net *.amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info *.clubpremier.info *.clubpremier.com *.ve.vom *.ve.com *.veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com *.cloudflare.com *.bootstrapcdn.com *.ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net *.amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com *.poder.io *.krxd.net *.facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem *.datatables.net *.angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
accept-ranges: bytes
cf-ray: 6e12999c2c4f9241-FRA
expires: Fri, 17 Feb 2023 13:42:47 GMT

GET
H2 200 modernizr.js Show response
s3media.clubpremier.com/club_premier/clubpremier-components/js/vendor/ 11 KB
6 KB 191ms
191ms Script
application/javascript 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3media.clubpremier.com/club_premier/clubpremier-components/js/vendor/modernizr.js

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fe6bda33882a6e67e3cc4e5811dffeccc46961d6e0bdd93061db7e8d646ff01

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: 15RYK1Z83X8BXSJ3
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: HakgDnBx5oJGGzmnpKinJQo56LVfRaIC1qK/gC58uhmJvrMbCHoUkI+z0wJzKnywRFLgYoId5bg=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Jun 2021 21:54:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "272916a0773365045cea31ad7f278f1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-amz-version-id: kd8CEYmT9.LaUW5.gnkb3y1OqxCoav1T
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
content-security-policy: default-src 'self' *.fontawesome.com *.hotjar.com *.adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com *.cybba.solutions *.cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net *.yimg.com *.crwdcntrl.net *.amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info *.clubpremier.info *.clubpremier.com *.ve.vom *.ve.com *.veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com *.cloudflare.com *.bootstrapcdn.com *.ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net *.amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com *.poder.io *.krxd.net *.facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem *.datatables.net *.angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
cf-ray: 6e12999c9d9a9241-FRA
access-control-allow-headers: cache-control, content-type
expires: Thu, 24 Mar 2022 20:07:17 GMT

GET
H2 200 plugins.js Show response
s3media.clubpremier.com/club_premier/clubpremier-components/js/ 27 KB
9 KB 180ms
179ms Script
application/javascript 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3media.clubpremier.com/club_premier/clubpremier-components/js/plugins.js

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

763a67e0400355481183dbed7badb95180dc8f8719e33bab8ca1672341f6dc4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: 15RQVWYVW869R933
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: Upooyx5b48Q2T5guqsX9xH3tyLHIghLvUi0KEuNFlwJ4RMTNm2Gnry/fxkIMXbLeCAQgauND/xk=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Jun 2021 21:54:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "2196ebfb2c7586252e8596a52b931d0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-amz-version-id: _PAnUsfI2TEXvhP8emOEdcyE63F9YrlD
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
cf-ray: 6e12999cadcc9241-FRA
access-control-allow-headers: cache-control, content-type
expires: Thu, 24 Mar 2022 20:07:17 GMT

GET
H2 200 jquery.validationEngine.min.js Show response
s3media.clubpremier.com/club_premier/clubpremier-components/js/ 27 KB
9 KB 26ms
26ms Script
application/javascript 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3media.clubpremier.com/club_premier/clubpremier-components/js/jquery.validationEngine.min.js

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b56a1f2c24747e169c0732fc8aedf00a1932e70318cca6c2351c7255627eee

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 422404
content-type: application/javascript
vary: Accept-Encoding
x-amz-request-id: VP8596MWGEKQKBY0
x-amz-id-2: GkOf7zjzQGXJIFLAfLAL1iy363iqm+xRwNXwN6I0X5RW8GjAr4SaowHqrknIobPJ4eK3tPSpnio=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Dec 2017 01:40:53 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "4ee92ce297ba6d78696c3ee14f168694"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-amz-version-id: null
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
cf-ray: 6e12999cadcf9241-FRA
access-control-allow-headers: cache-control, content-type
expires: Thu, 24 Mar 2022 20:07:17 GMT

GET
H2 200 jquery.validationEngine-es.min.js Show response
s3media.clubpremier.com/club_premier/clubpremier-components/js/ 5 KB
3 KB 529ms
529ms Script
application/javascript 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3media.clubpremier.com/club_premier/clubpremier-components/js/jquery.validationEngine-es.min.js

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e28b98d1d5af579dd0fed586ab53af1df49850fc83fb769cbc06b875b3073e8a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: 15RSBD2E6041R1ZC
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-id-2: 8SABTCsDKIx0PSj6JstDoqtG95Jt/SPfiCQZjvBKmbGoQj+tCd0JbcWF+xbzYTk2jf2WabBR+nc=
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Sep 2021 20:20:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "20aa37433471ffc490f90cef512501d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-amz-version-id: vhdu6sagJTJkRkJQk3eVS7lknLfi28Yv
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
content-security-policy: default-src 'self' *.fontawesome.com *.hotjar.com *.adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com *.cybba.solutions *.cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net *.yimg.com *.crwdcntrl.net *.amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info *.clubpremier.info *.clubpremier.com *.ve.vom *.ve.com *.veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com *.cloudflare.com *.bootstrapcdn.com *.ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net *.amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com *.poder.io *.krxd.net *.facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem *.datatables.net *.angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
cf-ray: 6e12999cde219241-FRA
access-control-allow-headers: cache-control, content-type
expires: Thu, 24 Mar 2022 20:07:17 GMT

GET
H2 200 main.js Show response
s3media.clubpremier.com/club_premier/clubpremier-components/js/ 61 KB
20 KB 42ms
42ms Script
application/javascript 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3media.clubpremier.com/club_premier/clubpremier-components/js/main.js

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a81e34680b8e7fa9dcad337c9264f7d795f4657d2dec25bb955463ce13e282d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 165392
content-type: application/javascript
vary: Accept-Encoding
x-amz-request-id: 6H5TREXN2AGM35DM
x-amz-id-2: MEOZSBQYvcVZlXCp0vBnjipsuB3QRfCc/BHu0XJqavwQeukbob40fIl0dBXbPvGHhnuUW8ZE9hA=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Jun 2021 21:54:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "0a0048c42b12741b8ca35af2936ce0e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-amz-version-id: zdWOdglRVfU5ZsNlBuT9NJFjMWDuD9kP
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
cf-ray: 6e12999cde389241-FRA
access-control-allow-headers: cache-control, content-type
expires: Thu, 24 Mar 2022 20:07:17 GMT

GET
H2 200 wp-embed.min.js Show response
www.clubpremier.com/wp-includes/js/ 1 KB
949 B 39ms
39ms Script
application/x-javascript 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clubpremier.com/wp-includes/js/wp-embed.min.js

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .fontawesome.com .hotjar.com .adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com .cybba.solutions .cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net .yimg.com .crwdcntrl.net .amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info .clubpremier.info .clubpremier.com .ve.vom .ve.com .veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com .cloudflare.com .bootstrapcdn.com .ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net .amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com .poder.io .krxd.net .facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem .datatables.net .angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 368671
vary: Accept-Encoding
content-length: 765
x-xss-protection: 1;mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "592-5b83cfce57d00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/x-javascript
cache-control: public, max-age=31167329
content-security-policy: default-src 'self' *.fontawesome.com *.hotjar.com *.adform.net www.google-analytics.com stats.g.doubleclick.net pixel.efike.co beacon.sojern.com d3u0jcwe5p7qrc.cloudfront.net d2rp1k1dldbai6.cloudfront.net cybba-bucket.s3.amazonaws.com *.cybba.solutions *.cybba.us storage.googleapis.com sp.analytics.yahoo.com afiliacion.net *.yimg.com *.crwdcntrl.net *.amazonaws.com ve1storasstst.blob.core.windows.net clubpremier.info *.clubpremier.info *.clubpremier.com *.ve.vom *.ve.com *.veinteractive.com clubpremierstyleguide.s3.amazonaws.com etrust-sandbox.electronicid.eu s3.amazonaws.com *.cloudflare.com *.bootstrapcdn.com *.ci360.sas.com s3media.clubpremier.com www.google.com 'unsafe-inline' 'unsafe-eval' font-src fonts.googleapis.com ajax.googleapis.com fonts.gstatic.com use.fontawesome.com script-src h.online-metrix.net *.amcharts.com tagmanager.google.com www.googletagmanager.com www.gstatic.com survey.feedbackly.com code.jquery.com *.poder.io *.krxd.net *.facebook.com connect.facebook.net www.google-analytics.com frame-src www.youtube.com d2bxdooso8958o.cloudfront.net americanexpresstarjetas.com style-src-elem *.datatables.net *.angularjs.org gitcdn.github.io img-src worldoftravel.clubpremieir.com *.gravatar.com cdn.jsdelivr.net data: connect-src apibot.agentbot.net adapter.aivo.co apiscp.vincoorbisdev.com placehold.it via.placeholder.com tags.crwdcntrl.net i-us.ci360.sas.com
accept-ranges: bytes
cf-ray: 6e12999c2c539241-FRA
expires: Fri, 17 Feb 2023 13:42:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 71ms
71ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-641009633

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN68QHM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

616113056d65716127ad22af9727cd180e2e719b1258487065a12bdce4841a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40721
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Feb 2022 20:07:17 GMT

GET
H2 200 var=ccauds Show response
ad.crwdcntrl.net/5/c=11783/pe=y/ 70 B
306 B 96ms
28ms Script
application/javascript 52.30.14.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.crwdcntrl.net/5/c=11783/pe=y/var=ccauds
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN68QHM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 8c3b4dc6462c11e820587fef21d3425d418b380ef8654185b31e61ac840bca21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:17 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.26.221
content-type: application/javascript;charset=utf-8
content-length: 70
expires: 0

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 134ms
49ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700|Roboto:300,400,700

Requested by

Host: s3media.clubpremier.com
URL: https://s3media.clubpremier.com/club_premier/clubpremier-components/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cbf08e35d944ef2a130213e66ca9df10edbdedce1ee6613b8e6b789ab544d580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3media.clubpremier.com/club_premier/clubpremier-components/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 20:07:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 21 Feb 2022 20:07:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Feb 2022 20:07:17 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.4.1/css/ 49 KB
11 KB 68ms
50ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.4.1/css/all.css
Requested by: Host: s3media.clubpremier.com
URL: https://s3media.clubpremier.com/club_premier/clubpremier-components/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d3b4d5d99f92dcc1f1c169db00f76aa1dc65d5d82192afcff04cf8a018a7ba1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3media.clubpremier.com/club_premier/clubpremier-components/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2379759
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: DAYJ1Q4GY974R2W1
x-amz-id-2: XAZx3sC09hTjQxWrhW9xQaz8xzRe+JDRWAjQaVBsP/A489cXZ8vq4yO4EVL9Rgomc1dJzYuJRMg=
last-modified: Wed, 30 Jun 2021 15:42:54 GMT
server: cloudflare
etag: W/"beb60a9475685e87a9738a7306591e69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSUSXRd7Nu3GP8fcC4sbZZIL%2FqLpw8ESut7%2F3wPpi1EXBn%2BBuqtYx0vC82t2TpB0rqbRNQ%2BasW9C%2FGbP%2FOcCpFiWbVf3amXoB6%2FdCbEXKblbGgqbF12nEcGuJJnqJRGK%2BWXXBO3eghZUpYTXYvJy81pV"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6e12999dcd749125-FRA

GET
H2 200 css
fonts.googleapis.com/ 2 KB
610 B 140ms
55ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:500

Requested by

Host: s3media.clubpremier.com
URL: https://s3media.clubpremier.com/club_premier/clubpremier-components/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b0781653bb9b578dfc505423b73703ec6910033f129d72654e922930e30219c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3media.clubpremier.com/club_premier/clubpremier-components/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 18:49:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 21 Feb 2022 20:07:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Feb 2022 20:07:17 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 95 KB
37 KB 149ms
54ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-KFMZFLX

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS973S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8553c8ea658c06ee16c71b201519d009edb557a9cd9e593374d8cf5733447d67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37013
x-xss-protection: 0
expires: Mon, 21 Feb 2022 20:07:17 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=23287336&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23287336%26t%3D2

43 B
1 KB

61ms
61ms

Image
image/gif

185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23287336%26t%3D2

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

HTTP/1.1

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Feb 2022 20:07:17 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3cd4354f-af68-4d37-969c-3e55b748555a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 21 Feb 2022 20:07:17 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: cf9ffd26-20ef-4b52-8499-e745e6e1b1c8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23287336%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 172 KB
63 KB 57ms
57ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B7583M6EK7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W56R6Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2625f173d3bd723f29e27716afcb23c6c2627884ed783cc47eca38107fc4d9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64897
x-xss-protection: 0
expires: Mon, 21 Feb 2022 20:07:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W56R6Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 145
date: Mon, 21 Feb 2022 20:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 21 Feb 2022 22:04:52 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: 2n6KLiQQvryc1owYcE1gW54Ipeh2CeREecnNnyeNdCToXXy+p4HG/ZFBTyvXEsWJ7IqY1VkauPBts/2VA0iO7Q==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 21 Feb 2022 20:07:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
29 KB 248ms
50ms Script
application/x-javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 14:10:54 GMT
server: nginx
etag: W/"61f1566e-14282"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H3 200 906484853467925 Show response
connect.facebook.net/signals/config/ 308 KB
87 KB 83ms
74ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/906484853467925?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

736ebe583ef70b26951e1dfcace22939c5d3e0b1f547d074ed9eb151f517b455

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: GMeI2J6+KRx+xBusHgzKkF4se3xuVnXt/BiemMOj5kWGZpdDarVlJqefsqDbLMWjrCNM27qxh1q4Doy3pfxCdw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 21 Feb 2022 20:07:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 374 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04a8622622058fbd3430e352bf4a9e4c53f28a973b7e2553032fe28674e388ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 hm-cr-acumulacion-a22-a.jpg
s3media.clubpremier.com/CPcms/22/st/ 15 KB
16 KB 76ms
74ms Image
image/jpeg 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/22/st/hm-cr-acumulacion-a22-a.jpg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0494a1e1088087af95351fa56f75f66cc82d7dc3e21cf5905f86e2710bc065c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17674
cf-polished: degrade=85, origSize=19244
vary: Accept-Encoding
x-amz-request-id: TB2B1TT9JGR5GBEK
x-amz-id-2: 4qXN0B4nf9xplacDdVMNA5ET+2whkki6urTpMKm+fTATagTLfIwcjJTq+4i233ACashMWX1hVVA=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 24 Mar 2022 20:07:17 GMT
last-modified: Fri, 18 Feb 2022 07:47:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "4f294aff9602db528607b6bac52c3549"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: axzGe.7F_kfmLybtoztFVU.CtA8XO_eb
content-length: 15796
cf-ray: 6e12999eaac79241-FRA
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 hm-st-app-c.jpg
s3media.clubpremier.com/CPcms/awp/bg/19/ 14 KB
14 KB 79ms
78ms Image
image/jpeg 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/awp/bg/19/hm-st-app-c.jpg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcc52623b722d28f22b11f02a5e2d46ce68c5ba2ef5c824eb25517b10c66c741

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17674
cf-polished: degrade=85, origSize=19535
vary: Accept-Encoding
x-amz-request-id: TB21G36XWJQYE63Z
x-amz-id-2: fIHiNzcV6JEXmO0s2N9XbJ6mts3uglPKWV1s3rRPysA4eQEJy4oSrY1VyCoWUgYJQ8h+5KXIOlI=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 24 Mar 2022 20:07:17 GMT
last-modified: Tue, 19 Feb 2019 17:04:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "76a2b7e36bc04fc603a3cb6c54d5cde9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: null
content-length: 14332
cf-ray: 6e12999eaacc9241-FRA
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 hm-citibanamex-170-aa.jpg
s3media.clubpremier.com/CPcms/21/st/ 9 KB
10 KB 57ms
55ms Image
image/jpeg 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/21/st/hm-citibanamex-170-aa.jpg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34dc33ab78081621de04def2a3294d1d392a1a891a65a1fb83de2a50d709d545

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86687
cf-polished: degrade=85, origSize=52457
vary: Accept-Encoding
x-amz-request-id: 7W6CZW05J1M7KTR1
x-amz-id-2: u2iYbl/UgLOCIBTKBP46bq965NyyY4wh3Aef7+G0p/b1InLYMoHTDso0RQb+OJjD4qQY8c225CU=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 24 Mar 2022 20:07:17 GMT
last-modified: Thu, 25 Feb 2021 01:39:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "35d901b4ccf688a73db0fe992408012b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: z_oAustaY0PVglGvFuhzzRfaKt0mc3qR
content-length: 9500
cf-ray: 6e12999eaacd9241-FRA
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 descuento-gaia.jpg
s3media.clubpremier.com/CPcms/22/st/ 11 KB
11 KB 56ms
55ms Image
image/jpeg 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/22/st/descuento-gaia.jpg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed96f0e25b21fccae5050a65b1f8dc8b9bb0dd6e6b114f5b4f62d191f9e99e09

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17674
cf-polished: degrade=85, origSize=44780
vary: Accept-Encoding
x-amz-request-id: TB28DQ8DWDY51NPR
x-amz-id-2: vJkQXN+J1U44t140PTaESY0La99Zp1yCpdIrOuVe7Pxe44zqrnc/H/27vD4KgK2/wcP78OgXH5k=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 24 Mar 2022 20:07:17 GMT
last-modified: Wed, 26 Jan 2022 17:39:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "80b074646dd131451d7f37ce818abff0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: R8POv1UHGi_P3.CijUOpbdQH41fYORBr
content-length: 11110
cf-ray: 6e12999eaacf9241-FRA
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 st-170-lino-na.jpg
s3media.clubpremier.com/CPcms/21/st/ 11 KB
12 KB 78ms
77ms Image
image/jpeg 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/21/st/st-170-lino-na.jpg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d81865f684671462683d428d6ea76817068361388c4d7403da27d62c71c16a14

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17674
cf-polished: degrade=85, origSize=49695
vary: Accept-Encoding
x-amz-request-id: TB2B45R1J5N8GQRV
x-amz-id-2: oU6xgpjkRYatHKLfmEeUwFnINUlzUyS5SMyb8rNp6om8Y5vWeJkhCDL2maPLM4dwcVXqidKwKUo=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 24 Mar 2022 20:07:17 GMT
last-modified: Tue, 27 Apr 2021 18:30:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "327a20012c8e0ccc47e551920c81141a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: KnnsOGY8AD6V4psh0iRtTwKKKIkg96ts
content-length: 11711
cf-ray: 6e12999eaad09241-FRA
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 hm-360-tienda-en-linea-fitnessfeb22-a.jpg
s3media.clubpremier.com/CPcms/22/st/ 22 KB
22 KB 41ms
41ms Image
image/jpeg 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/22/st/hm-360-tienda-en-linea-fitnessfeb22-a.jpg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd2864bd41d5df188ce00d9b3e006e2cb940f6d8a832e6eea636fa82d7a41c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17674
cf-polished: degrade=85, origSize=27852
vary: Accept-Encoding
x-amz-request-id: TB21X89SDXYH77NH
x-amz-id-2: zG/2T+FNci1vKqmXA2MgYA2H3qOjoL8/4OUsJAAIc/kQ/L+uSavGoSMNTEsmIqZZIkuoxR1pPjk=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 24 Mar 2022 20:07:17 GMT
last-modified: Mon, 21 Feb 2022 07:50:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "aec58e260b16023367ea8277bc33f2ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: 2_1t3bR_o6642_OeAC9yFb5BtMmPFJrL
content-length: 22255
cf-ray: 6e12999edb209241-FRA
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 st-360-estadodecuenta.jpg
s3media.clubpremier.com/CPcms/21/st/ 28 KB
28 KB 36ms
35ms Image
image/jpeg 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/21/st/st-360-estadodecuenta.jpg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6dcbbea9808b12185da5b69d5b203dcdddd6c7d11f98cc12774c44737fdbb9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 165393
cf-polished: degrade=85, origSize=122221
vary: Accept-Encoding
x-amz-request-id: NFH5S9SYGFMRPEGX
x-amz-id-2: L1u231WzpjMOrp6HKiVXXtNOmXHZ9hnrrLueyVTxPoEr+mHh0vPqWHjYYnrmFdbpd10+Q1CEs+8=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 24 Mar 2022 20:07:17 GMT
last-modified: Tue, 06 Jul 2021 16:22:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "d1e435f221491e493bd3840c78159aa7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: MPdZtYd0Vingi9Qib6j0SZ_4e.G4GCZC
content-length: 28502
cf-ray: 6e12999edb219241-FRA
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 hm-bg-uber-utiliza360-b.jpg
s3media.clubpremier.com/CPcms/22/st/ 25 KB
25 KB 53ms
52ms Image
image/jpeg 2606:4700::6812:9e71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3media.clubpremier.com/CPcms/22/st/hm-bg-uber-utiliza360-b.jpg

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

318019898736266f648f606f238087c2a8044be7daf3b0631ec3a62f7ab5c8c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86687
cf-polished: degrade=85, origSize=30972
vary: Accept-Encoding
x-amz-request-id: 7W67T5X8MK570HRH
x-amz-id-2: hJeYneQH/d0R7Iy+kjZ9KIQd2WLrNxzo9nKHVseHhM3KveybyUm12Hf3gCVtRxjFE9BFdUQ4dso=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
expires: Thu, 24 Mar 2022 20:07:17 GMT
last-modified: Tue, 15 Feb 2022 16:33:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "834b4bff4392c786bf1215c66d443eaa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
x-amz-version-id: MBTmcIL8YbXgrjBhHf6XRSt4xoSXnVy.
content-length: 25530
cf-ray: 6e12999edb239241-FRA
access-control-allow-headers: cache-control, content-type
cf-bgj: imgq:85,h2pri

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 124ms
39ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.clubpremier.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:33:18 GMT
x-content-type-options: nosniff
age: 484439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 05:33:18 GMT

GET
H2 200 fa-solid-900.woff2
s3media.clubpremier.com/club_premier/clubpremier-components/fonts/ 120 KB
121 KB 54ms
31ms Font
binary/octet-stream 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3media.clubpremier.com/club_premier/clubpremier-components/fonts/fa-solid-900.woff2

Requested by

Host: s3media.clubpremier.com
URL: https://s3media.clubpremier.com/club_premier/clubpremier-components/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

550f1ae5d566afed493ab8b5f1dd1b4d5a777ef19d1b3c57bf7b01025fefd38c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://s3media.clubpremier.com/club_premier/clubpremier-components/css/main.css
Origin: https://www.clubpremier.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22420
cf-ray: 6e12999ecaf65c1a-FRA
content-length: 123132
strict-transport-security: max-age=0; includeSubDomains
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: ZYVRC7DE0APVA96K
x-amz-id-2: zmk6J5eLxAi1R3+rn4w7ONfspz5NscQCmPaf6pPJ30CbFUef1g62EliNIJko6OqZGraHtO/6ISo=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Jun 2021 21:54:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "ed0564f6ac76fa57df8a5a1f142f4157"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: WAu5fWtg46TEcfSVxyZLrNVA6DSYZdsw
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
accept-ranges: bytes
content-type: binary/octet-stream
access-control-allow-headers: cache-control, content-type
expires: Thu, 24 Mar 2022 20:07:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 135ms
50ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700|Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.clubpremier.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 522448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 18:59:49 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 165ms
81ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700|Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.clubpremier.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 11:22:37 GMT
x-content-type-options: nosniff
age: 463480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 11:22:37 GMT

GET
H2 200 fa-light-300.woff2
s3media.clubpremier.com/club_premier/clubpremier-components/fonts/ 161 KB
162 KB 46ms
24ms Font
binary/octet-stream 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3media.clubpremier.com/club_premier/clubpremier-components/fonts/fa-light-300.woff2

Requested by

Host: s3media.clubpremier.com
URL: https://s3media.clubpremier.com/club_premier/clubpremier-components/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8cdfe0414eac9a2380c093c8f3de44e1298e2ef2f9fcdf3a999f86c357ab5e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://s3media.clubpremier.com/club_premier/clubpremier-components/css/main.css
Origin: https://www.clubpremier.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12312
cf-ray: 6e12999ecaf85c1a-FRA
content-length: 164724
strict-transport-security: max-age=0; includeSubDomains
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 0RV9TMGV58JJH6MT
x-amz-id-2: jWrpYI4rgFFzL6WlExFWcdwzo+JtA7xLgTKfhl2j3Gv83epNtQ7q5f943sppVcU0Ke4c8Ua+C9g=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Jun 2021 21:54:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "50ef43c2ffd372ce035948a55ffcea13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: .a.uBkWRRhRSdLFMoDv2_Cs2tCN9FUTt
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
accept-ranges: bytes
content-type: binary/octet-stream
access-control-allow-headers: cache-control, content-type
expires: Thu, 24 Mar 2022 20:07:17 GMT

GET
H2 200 fa-brands-400.woff2
s3media.clubpremier.com/club_premier/clubpremier-components/fonts/ 73 KB
73 KB 72ms
50ms Font
binary/octet-stream 2606:4700::6812:9d71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3media.clubpremier.com/club_premier/clubpremier-components/fonts/fa-brands-400.woff2

Requested by

Host: s3media.clubpremier.com
URL: https://s3media.clubpremier.com/club_premier/clubpremier-components/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9d71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

835914c1ccc20d0d7eeef572c3652004d87400aa1221f3a0c3455135b8cf629d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://s3media.clubpremier.com/club_premier/clubpremier-components/css/main.css
Origin: https://www.clubpremier.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22419
cf-ray: 6e12999ecaf75c1a-FRA
content-length: 74652
strict-transport-security: max-age=0; includeSubDomains
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 8FWAKRCB1FPMNRWV
x-amz-id-2: ffGK3UxWgEr0uzPUk5SjrQcWCUMTVPmcrP5BDBACsfdruGNKo6qoXpEduidQx2xIeOSGJQS5w40=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Jun 2021 21:54:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8cce9d0aa5cffeee10f5aafcdf6723be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: kGW_CGC.pQj46MA0Bqe6.DHtVzt.JDI3
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=2678400
accept-ranges: bytes
content-type: binary/octet-stream
access-control-allow-headers: cache-control, content-type
expires: Thu, 24 Mar 2022 20:07:17 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 93ms
46ms Ping
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-B7583M6EK7&gtm=2oe2g0&_p=94812939&sr=1600x1200&ul=en-us&cid=1412045493.1645474038&_s=1&dl=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Fbienvenido%2F&dt=Bienvenido%20%7C%20Programa%20de%20Recompensas%20%7C%20Club%20Premier&sid=1645474037&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B7583M6EK7&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.clubpremier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 137ms
53ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-641009633

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 21 Feb 2022 20:07:17 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 47ms
46ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=94812939&t=pageview&_s=1&dl=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Fbienvenido%2F&ul=en-us&de=UTF-8&dt=Bienvenido%20%7C%20Programa%20de%20Recompensas%20%7C%20Club%20Premier&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=130500893&gjid=1052220523&cid=1412045493.1645474038&tid=UA-42285521-1&_gid=115448998.1645474038&_r=1&gtm=2wg2g0W56R6Q&z=1356315793

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clubpremier.com/mx/bienvenido/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.clubpremier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 46ms
46ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=94812939&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Fbienvenido%2F&ul=en-us&de=UTF-8&dt=Bienvenido%20%7C%20Programa%20de%20Recompensas%20%7C%20Club%20Premier&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=SAS%20360&ea=Set%20dimension%2020&el=segmentacion_ci360&_u=YADAAAABAAAAAC~&jid=200584809&gjid=1474931633&cid=1412045493.1645474038&tid=UA-42285521-1&_gid=246263412.1645474038&_r=1&gtm=2wg2g0W56R6Q&cd20=segmentacion_ci360&z=278172525

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clubpremier.com/mx/bienvenido/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.clubpremier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 114029469923923 Show response
connect.facebook.net/signals/config/ 309 KB
88 KB 67ms
67ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/114029469923923?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

29adea32d7b1898b91e75304ee37518d4ca53114b4efcd15f5265910a9ef4577

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: g7oVuWXzGcji5r8Spp432X3lvHuTobUtg3sARLPdTRhtrOK1wcCVYixm7uAYiG1loOhdJVKzP/dxr9pXUDGnoA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 21 Feb 2022 20:07:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 23ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=906484853467925&ev=PageView&dl=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Fbienvenido%2F&rl=&if=false&ts=1645474037726&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22500089607718465%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22vehicle%22%2C%22offers%22%3A%7B%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22387960195992653%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1645474037726.138947240&it=1645474037499&coo=false&exp=p1&rqm=GET

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 21 Feb 2022 20:07:17 GMT

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2358553&ADFPageName=www.clubpremier.com%7C%2Fmx%2Fbienvenido%2F&ADFdivider=%7C&ord=744858245965&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=http...
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2358553&ADFPageName=www.clubpremier.com%7C%2Fmx%2Fbienvenido%2F&ADFdivider=%7C&ord=744858245965&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc...

858 B
1 KB

87ms
87ms

Script
text/javascript

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2358553&ADFPageName=www.clubpremier.com%7C%2Fmx%2Fbienvenido%2F&ADFdivider=%7C&ord=744858245965&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Fbienvenido%2F

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f4a602f943eea87afe97e5410aa7d3d425feb98bd04b829305dfe5140c9739b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:18 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 699
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:18 GMT
server: nginx
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2358553&ADFPageName=www.clubpremier.com%7C%2Fmx%2Fbienvenido%2F&ADFdivider=%7C&ord=744858245965&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Fbienvenido%2F
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 60ms
18ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-42285521-1&cid=1412045493.1645474038&jid=130500893&gjid=1052220523&_gid=115448998.1645474038&_u=YADAAAAAAAAAAC~&z=184577125

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clubpremier.com/mx/bienvenido/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 21 Feb 2022 20:07:17 GMT
content-type: text/plain
access-control-allow-origin: https://www.clubpremier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 60ms
19ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-42285521-1&cid=1412045493.1645474038&jid=200584809&gjid=1474931633&_gid=246263412.1645474038&_u=YADAAAABAAAAAC~&z=991835086

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clubpremier.com/mx/bienvenido/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 21 Feb 2022 20:07:17 GMT
content-type: text/plain
access-control-allow-origin: https://www.clubpremier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/11784/ 44 KB
14 KB 37ms
9ms Script
text/javascript 18.66.97.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/11784/lt.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN68QHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 778a25df4bf3f56b246b91649c40d3783b7c1fe0486a99ea4b5f10981053b79d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 06:44:22 GMT
content-encoding: gzip
etag: W/"11d1b872e64301d78e8255a4c4e69ebc"
last-modified: Tue, 23 Nov 2021 19:37:02 GMT
server: AmazonS3
age: 48176
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: moekUh-ZSrIg7k4DULBW9DMuJ3Q_6OcLgVGINpKEcanG5iPn3vVyPA==

GET
H2 200 ot-all.min.js Show response
execution-ci360.clubpremier.com/js/ 21 KB
8 KB 331ms
20ms Script
application/javascript 2600:9000:218c:9000:7:ea02:ad80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-ci360.clubpremier.com/js/ot-all.min.js
Requested by: Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:9000:7:ea02:ad80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1c6134f289a9898178c2a0d4869b96fb572af95b3668c2008e575f7ce9aaa47f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 19:50:57 GMT
content-encoding: gzip
age: 981
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
via: 1.1 19d683585ba961e1ecbb57668eec0a62.cloudfront.net (CloudFront)
cache-control: max-age=1800
content-disposition: inline;filename=f.txt
x-amz-cf-pop: CDG50-P1
sas-service-response-flag: true
x-amz-cf-id: t_sIBrDbsiVzFM7RckJYdArydcPNkM8J9epyGCGhUk__ur_x5sHeXA==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/641009633/ 2 KB
2 KB 135ms
50ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/641009633/?random=1645474037807&cv=9&fst=1645474037807&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Fbienvenido%2F&tiba=Bienvenido%20%7C%20Programa%20de%20Recompensas%20%7C%20Club%20Premier&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8a85a122534ced843bfec57e9a53d2373cb50ffae1329df9a93a3cbaddedd1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1061
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/641009633/ 2 KB
1 KB 136ms
51ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/641009633/?random=1645474037809&cv=9&fst=1645474037809&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Fbienvenido%2F&tiba=Bienvenido%20%7C%20Programa%20de%20Recompensas%20%7C%20Club%20Premier&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46fcf6b886d0771dbb47e6bf8349eded8d6e5940067ba29d7d2a22bacbb6aeb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1056
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=114029469923923&ev=PageView&dl=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Fbienvenido%2F&rl=&if=false&ts=1645474037819&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22330206698479246%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22538168760874317%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22MXN%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22506204897169702%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22vehicle%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22317796106556991%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22price%22%3A%22%22%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%22404185380807896%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%222812627125665478%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1645474037726.138947240&it=1645474037499&coo=false&exp=p1&rqm=GET

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 21 Feb 2022 20:07:17 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 145ms
61ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-42285521-1&cid=1412045493.1645474038&jid=130500893&_u=YADAAAAAAAAAAC~&z=1004736028

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 151ms
66ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-42285521-1&cid=1412045493.1645474038&jid=130500893&_u=YADAAAAAAAAAAC~&z=1004736028

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 144ms
61ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-42285521-1&cid=1412045493.1645474038&jid=200584809&_u=YADAAAABAAAAAC~&z=303393790

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 149ms
65ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-42285521-1&cid=1412045493.1645474038&jid=200584809&_u=YADAAAABAAAAAC~&z=303393790

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/641009633/ 42 B
154 B 48ms
47ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/641009633/?random=1645474037807&cv=9&fst=1645473600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Fbienvenido%2F&tiba=Bienvenido%20%7C%20Programa%20de%20Recompensas%20%7C%20Club%20Premier&async=1&fmt=3&is_vtc=1&random=2944872358&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/641009633/ 42 B
154 B 52ms
52ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/641009633/?random=1645474037807&cv=9&fst=1645473600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Fbienvenido%2F&tiba=Bienvenido%20%7C%20Programa%20de%20Recompensas%20%7C%20Club%20Premier&async=1&fmt=3&is_vtc=1&random=2944872358&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/641009633/ 42 B
108 B 51ms
51ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/641009633/?random=1645474037809&cv=9&fst=1645473600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Fbienvenido%2F&tiba=Bienvenido%20%7C%20Programa%20de%20Recompensas%20%7C%20Club%20Premier&async=1&fmt=3&is_vtc=1&random=1051081921&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/641009633/ 42 B
108 B 52ms
52ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/641009633/?random=1645474037809&cv=9&fst=1645473600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Fbienvenido%2F&tiba=Bienvenido%20%7C%20Programa%20de%20Recompensas%20%7C%20Club%20Premier&async=1&fmt=3&is_vtc=1&random=1051081921&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ot-min.js Show response
execution-ci360.clubpremier.com/js/ 172 KB
41 KB 22ms
22ms Script
application/javascript 2600:9000:218c:9000:7:ea02:ad80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-ci360.clubpremier.com/js/ot-min.js
Requested by: Host: execution-ci360.clubpremier.com
URL: https://execution-ci360.clubpremier.com/js/ot-all.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:9000:7:ea02:ad80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 014752d6726385251808c831b4f036922cff2d0e03b9fc870e977ca728c1739e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 19:50:57 GMT
content-encoding: gzip
age: 981
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
via: 1.1 19d683585ba961e1ecbb57668eec0a62.cloudfront.net (CloudFront)
cache-control: max-age=1800
content-disposition: inline;filename=f.txt
x-amz-cf-pop: CDG50-P1
sas-service-response-flag: true
x-amz-cf-id: 5HOjHAEUOMi3zKwcoQ_tgvjAstjciIRq1NtaYvTYTRk9vK9fm3AKmw==

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 7335 5 KB
2 KB 81ms
26ms Document
text/html 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=2358553&ADFPageName=www.clubpremier.com%7C%2Fmx%2Fbienvenido%2F&ADFdivider=%7C&ord=744858245965&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Fbienvenido%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4fc95b903c1c985b758e1939161edb787ef4b14aa9cf18381cba3adc628b916f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/

Response headers

server: nginx
date: Mon, 21 Feb 2022 20:07:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ 35 B
343 B 227ms
20ms Image
image/gif 37.157.6.252
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=2457621227375275241&stamp=CeS0LxXNJ2cDvP-67D9Y4w2

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 21 Feb 2022 20:07:18 GMT
cache-control: private
server: nginx
content-type: image/gif
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

GET
H2 200 1645474038139 Show response
execution-ci360.clubpremier.com/t/s/c/cc4298b0a100010453d287a0/ 69 KB
16 KB 332ms
332ms Script
application/javascript 2600:9000:218c:9000:7:ea02:ad80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-ci360.clubpremier.com/t/s/c/cc4298b0a100010453d287a0/1645474038139?version=1.1.0&domain=www.clubpremier.com&p=%2Fmx%2Fbienvenido%2F&params=&page_title=Bienvenido%20%7C%20Programa%20de%20Recompensas%20%7C%20Club%20Premier&referrer=&uri=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Fbienvenido%2F&requestedfile=%2Fmx%2Fbienvenido%2F&cts=1645474038139&tzo=0&platform=Linux%20x86_64&port=&protocol=https&flash_enabled=false&flash_version=&java_enabled=false&java_version=&screen_info=1600x1200@24&browser_language=en-US&character_set=UTF-8&csz=151627&bsz=1600x1200&tab_id=48778207586
Requested by: Host: execution-ci360.clubpremier.com
URL: https://execution-ci360.clubpremier.com/js/ot-all.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:9000:7:ea02:ad80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e8cd22f656b219a450c539d6e7c3ea202e21271c63bc9ed2f0efea0a776dc8e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:18 GMT
content-encoding: gzip
sas-service-response-flag: true
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-amz-cf-pop: CDG50-P1
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type
x-amz-cf-id: isKZrc3HdgmYslkJ_LC4DCyuVFqcdvSO9ywZZ51cd8-fxi1oNKR__A==
via: 1.1 19d683585ba961e1ecbb57668eec0a62.cloudfront.net (CloudFront)

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 524A 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.clubpremier.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.clubpremier.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Mon, 21 Feb 2022 20:07:18 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 7335 0
261 B 26ms
26ms Image
text/plain 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:18 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 7335
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=2457621227375275241&Expiration=1646683638
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=2457621227375275241&Expiration=1646683638

43 B
424 B

29ms
29ms

Image
image/gif

99.80.191.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=2457621227375275241&Expiration=1646683638
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Protocol: H2
Server: 99.80.191.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-191-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 21 Feb 2022 20:07:18 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=2457621227375275241&Expiration=1646683638
date: Mon, 21 Feb 2022 20:07:18 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 7335 0
522 B 51ms
27ms Image
text/plain 104.89.29.143
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=2457621227375275241

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.89.29.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-29-143.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Feb 2022 20:07:18 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sun, 20 Feb 2022 20:07:18 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 7335 0
214 B 37ms
8ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5253&puid=2457621227375275241
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 7335
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2457621227375275241&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2457621227375275241&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=4c253fb73a30441b9...
https://c1.adform.net/serving/cookie/match?party=9&uid=b8ade743701ac652e5c428e7328605298ab2974be1092d6154923751a31897e7

35 B
476 B

26ms
26ms

Image
image/gif

37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=b8ade743701ac652e5c428e7328605298ab2974be1092d6154923751a31897e7

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662

Protocol

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:18 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=b8ade743701ac652e5c428e7328605298ab2974be1092d6154923751a31897e7
date: Mon, 21 Feb 2022 20:07:18 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 7335 43 B
163 B 53ms
16ms Image
image/gif 185.86.137.132
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=2457621227375275241&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:17 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55944/ Frame 7335
Redirect Chain

https://pixel.advertising.com/ups/55944/sync?uid=2457621227375275241&_origin=1
https://pixel.advertising.com/ups/55944/sync?uid=2457621227375275241&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55944/sync?uid=2457621227375275241&_origin=1&apid=UPdeeb2837-9351-11ec-b489-065d7cf319f8
https://ups.analytics.yahoo.com/ups/55944/sync?uid=2457621227375275241&_origin=1&apid=UPdeeb2837-9351-11ec-b489-065d7cf319f8&verify=true

0
122 B

11ms
10ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=2457621227375275241&_origin=1&apid=UPdeeb2837-9351-11ec-b489-065d7cf319f8&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:18 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=2457621227375275241&_origin=1&apid=UPdeeb2837-9351-11ec-b489-065d7cf319f8&verify=true
date: Mon, 21 Feb 2022 20:07:18 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 7335 43 B
715 B 297ms
21ms Image
image/gif 104.76.201.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=2457621227375275241
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.76.201.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-76-201-117.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Feb 2022 20:07:18 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1645474038557013-377
Expires: Mon, 21 Feb 2022 20:07:18 GMT

GET
H/1.1

200
OK

sync
t.visx.net/ul_cb/ Frame 7335
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=2457621227375275241
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=2457621227375275241
https://t.visx.net/sync?tp_id=1&tp_uid=2964e481-609f-4672-9aae-95221c7b97bd&gdpr_applies=&gdpr_consent=&ssp_custom_data=&gdpr_pd=
https://t.visx.net/ul_cb/sync?tp_id=1&tp_uid=2964e481-609f-4672-9aae-95221c7b97bd&gdpr_applies=&gdpr_consent=&ssp_custom_data=&gdpr_pd=

43 B
601 B

17ms
17ms

Image
image/gif

35.210.91.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.visx.net/ul_cb/sync?tp_id=1&tp_uid=2964e481-609f-4672-9aae-95221c7b97bd&gdpr_applies=&gdpr_consent=&ssp_custom_data=&gdpr_pd=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Protocol: HTTP/1.1
Server: 35.210.91.196 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS: 196.91.210.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 21 Feb 2022 20:07:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://t.visx.net/ul_cb/sync?tp_id=1&tp_uid=2964e481-609f-4672-9aae-95221c7b97bd&gdpr_applies=&gdpr_consent=&ssp_custom_data=&gdpr_pd=
Date: Mon, 21 Feb 2022 20:07:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7335
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2457621227375275241&expiration=1646683638
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2457621227375275241&expiration=1646683638&C=1

43 B
1006 B

54ms
54ms

Image
image/gif

72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2457621227375275241&expiration=1646683638&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Protocol: HTTP/1.1
Server: 72.247.225.98 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Feb 2022 20:07:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 21 Feb 2022 20:07:18 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 21 Feb 2022 20:07:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2457621227375275241&expiration=1646683638&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 309
Expires: Mon, 21 Feb 2022 20:07:18 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7335
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=2457621227375275241&sInitiator=external
https://uip.semasio.net/adform/1/info?sType=sync&sExtCookieId=2457621227375275241&sInitiator=external
https://uip.semasio.net/adform/1/info2?sType=sync&sExtCookieId=2457621227375275241&sInitiator=external
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=b9396213-f0f6-4d00-bf9f-a78ca59a772e&sInitiator=internal&gdpr=&gdpr_consent=
https://uip.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=b9396213-f0f6-4d00-bf9f-a78ca59a772e&sInitiator=internal&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=bb4d6a9b-ab13-4873-9fd5-458674f0ab56
https://uip.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=bb4d6a9b-ab13-4873-9fd5-458674f0ab56
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=M0M3QkI1QzlGMjE5NzY4RQ&gdpr=1&gdpr_consent=

170 B
188 B

50ms
50ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=M0M3QkI1QzlGMjE5NzY4RQ&gdpr=1&gdpr_consent=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:16 GMT
frontend-id: 3
location: https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=M0M3QkI1QzlGMjE5NzY4RQ&gdpr=1&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 7335 0
344 B 34ms
8ms Image
text/plain 3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=2457621227375275241&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 21 Feb 2022 20:07:18 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 7335
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2457621227375275241
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2457621227375275241&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
331 B

64ms
8ms

Image
image/gif

2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Protocol: H2
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-nzt: AcO1rgVaQ/7/VeQOAA
x-accel-expires: @1645534881
date: Mon, 21 Feb 2022 20:07:18 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: K5x0AU7ctOs
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 975957
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

Redirect headers

date: Mon, 21 Feb 2022 20:07:18 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 400 398366.gif
idsync.rlcdn.com/ Frame 7335 0
0 51ms
20ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=2457621227375275241
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2

200

tpid=2457621227375275241
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/ Frame 7335
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2457621227375275241
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2457621227375275241

49 B
543 B

38ms
38ms

Image
image/gif

52.30.14.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2457621227375275241
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Protocol: H2
Server: 52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:18 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.23.49
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:18 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2457621227375275241
cache-control: no-cache
x-server: 10.45.0.138
content-length: 0
expires: 0

GET
H/1.1 200
OK 29729
tags.bluekai.com/site/ Frame 7335 62 B
304 B 184ms
152ms Image
image/gif 104.90.192.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=2457621227375275241
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.192.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-192-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 21 Feb 2022 20:07:18 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame 7335 43 B
274 B 57ms
21ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2457621227375275241
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:18 GMT
via: 1.1 google
server: OXGW/17.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 7335
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

129ms
36ms

Image
image/gif

52.218.56.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Protocol: HTTP/1.1
Server: 52.218.56.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 21 Feb 2022 20:07:19 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: VC0WN1ZN8SSF19BH
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: vXFG7Dffw6Mv1/v/xkjlw7mPDa7z0U5ysGI2OCsUirYNXAO6TrIxD9UQMEmC2JrHKpWj0yw01zE=

Redirect headers

X-Error-Reason: Missing UserId
Date: Mon, 21 Feb 2022 20:07:17 GMT
Server: akka-http/10.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 137

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 7335
Redirect Chain

https://pixel.onaudience.com/?mapped=2457621227375275241&partner=68
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=b9983d2a7f929ead25b21096d280f7b5
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=bb4d6a9b-ab13-4873-9fd5-458674f0ab56&icm
https://spl.zeotap.com/?zdid=1332&zcluid=50b4a0662cddc5e1
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=65432c21-695c-4429-74dd-fa0e967f9260&reqId=43734b6b-2182-49a1-6ed9-654c9c43c0fc&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEGPKOyPIZYkqM3pf-rlFdAE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=65432c21-695c-4429-74dd-fa0e967f9260&reqId=43734b6b-2182-49a1-6ed9-654...

95 B
164 B

62ms
40ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEGPKOyPIZYkqM3pf-rlFdAE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=65432c21-695c-4429-74dd-fa0e967f9260&reqId=43734b6b-2182-49a1-6ed9-654c9c43c0fc&zcluid=50b4a0662cddc5e1&zdid=1332
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://c1.adform.net
access-control-allow-credentials: true
cf-ray: 6e1299a91e089058-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEGPKOyPIZYkqM3pf-rlFdAE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=65432c21-695c-4429-74dd-fa0e967f9260&reqId=43734b6b-2182-49a1-6ed9-654c9c43c0fc&zcluid=50b4a0662cddc5e1&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/
cm.adsafety.net/ Frame 7335
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=2457621227375275241
https://tags.adsafety.net/v1/cm?cm_uid=CM12022022120979650f9221a7280ca9&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=7cbccef71120f110cbf0fd02a0a07112
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12022022120979650f9221a7280ca9&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=7cbccef71120f110cbf0fd02a0a07112&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMjAyMjEyMDk3OTY1MGY5MjIxYTcyODBjYTk
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEBWaMY8U-fhSp_0b0FkmRdk&google_cver=1
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12022022120979650f9221a7280ca9
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=2457621227375275241

43 B
2 KB

14ms
14ms

Image
image/gif

85.90.246.38
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=2457621227375275241
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Protocol: HTTP/1.1
Server: 85.90.246.38 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1429-38.members.linode.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Feb 2022 20:07:18 GMT
Last-Modified: Mon, 21 Feb 2022 20:07:18 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:18 GMT
server: nginx
location: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=2457621227375275241
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 7335 0
337 B 89ms
27ms Image
text/plain 52.31.15.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=2457621227375275241
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.15.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-15-140.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:18 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1645474038
x-served-by: beacon-n017-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 7335
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MjQ1NzYyMTIyNzM3NTI3NTI0MQ
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL3xp51aJs5aESjQWGkQefs&google_cver=1&google_ula=1641347,0

35 B
467 B

26ms
26ms

Image
image/gif

37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL3xp51aJs5aESjQWGkQefs&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662

Protocol

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:18 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL3xp51aJs5aESjQWGkQefs&google_cver=1&google_ula=1641347,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 7335 0
261 B 27ms
25ms Image
text/plain 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:18 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame 7335
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://c1.adform.net/serving/cookie/match?party=3&id=6478686581827762797&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=2457621227375275241

43 B
998 B

14ms
14ms

Image
image/gif

185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=2457621227375275241

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662

Protocol

HTTP/1.1

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Feb 2022 20:07:18 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2bc5e0dc-c185-477a-adf8-c5710d739d49
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:18 GMT
server: nginx
location: https://secure.adnxs.com/setuid?entity=91&code=2457621227375275241
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 7335 42 B
543 B 75ms
16ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2457621227375275241
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:18 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug029:0:470
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 7335 43 B
444 B 63ms
14ms Image
image/gif 18.66.248.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-63.dus51.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 21 Feb 2022 10:59:44 GMT
Via: 1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.18.0
Age: 32854
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-P1
Content-Length: 43
X-Amz-Cf-Id: botYZJ-emUIFFk8iA4qORYG7Y1__eePnFDHoMPyk4TrT7wT4x39kfA==

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 7335
Redirect Chain

https://a.audrte.com/a?adform_uid=2457621227375275241
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEGCIWHr50WGWS72Q8mEiBXE&google_cver=1
https://ps.eyeota.net/match?bid=kh51m51&uid=g8l03EWTZZGR9y4ZdHUE8ckEA&gdpr=0&gdpr_consent=

0
344 B

33ms
33ms

Image
text/plain

3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=kh51m51&uid=g8l03EWTZZGR9y4ZdHUE8ckEA&gdpr=0&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Protocol: HTTP/1.1
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 21 Feb 2022 20:07:19 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Mon, 21 Feb 2022 20:07:19 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://ps.eyeota.net/match?bid=kh51m51&uid=g8l03EWTZZGR9y4ZdHUE8ckEA&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 7335
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2457621227375275241&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=2457621227375275241&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=24565685788381852460645829537220671178&noredirect=1

35 B
467 B

37ms
37ms

Image
image/gif

37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=24565685788381852460645829537220671178&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662

Protocol

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:18 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-2-v028-0cd7a732c.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: vip6QUlAR48=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=24565685788381852460645829537220671178&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 7335
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=2457621227375275241
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165000804069000498106

35 B
467 B

26ms
26ms

Image
image/gif

37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165000804069000498106

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662

Protocol

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:18 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:18 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165000804069000498106
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 7335
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7067257179643836558

35 B
467 B

31ms
31ms

Image
image/gif

37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7067257179643836558

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662

Protocol

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:18 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7067257179643836558
Date: Mon, 21 Feb 2022 20:07:18 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK 33302
tags.bluekai.com/site/ Frame 7335 62 B
587 B 156ms
155ms Image
image/gif 104.90.192.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=2457621227375275241
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.192.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-192-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 21 Feb 2022 20:07:18 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 7335
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=b9396213-f0f6-4d00-bf9f-a78ca59a772e

35 B
467 B

26ms
26ms

Image
image/gif

37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=b9396213-f0f6-4d00-bf9f-a78ca59a772e

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662

Protocol

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:18 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Mon, 21 Feb 2022 20:07:18 GMT
Server: MT3 4133 baa842e master zrh-pixel-x12 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=b9396213-f0f6-4d00-bf9f-a78ca59a772e
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Mon, 21 Feb 2022 20:07:17 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 7335
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=KW8WdK7q1NmeXQ5

35 B
467 B

26ms
26ms

Image
image/gif

37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=KW8WdK7q1NmeXQ5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662

Protocol

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:18 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Mon, 21 Feb 2022 20:07:18 GMT
Server: PingMatch/v2.0.30-706-g7d26040#rel-ec2-master i-0159e44e8bb67c5f4@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=KW8WdK7q1NmeXQ5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 7335
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=bb4d6a9b-ab13-4873-9fd5-458674f0ab56

35 B
467 B

27ms
26ms

Image
image/gif

37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=bb4d6a9b-ab13-4873-9fd5-458674f0ab56

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662

Protocol

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:18 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=bb4d6a9b-ab13-4873-9fd5-458674f0ab56
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 225

GET image.sbmx
global.ib-ibi.com/ Frame 7335 0
0

GET
H/1.1 200 0.gif
id5-sync.com/s/10/ Frame 7335 43 B
1009 B 43ms
9ms Image
image/gif 141.95.3.9
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=2457621227375275241

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.95.3.9 , France, ASN16276 (OVH, FR),

Reverse DNS

p32.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 21 Feb 2022 20:07:18 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 7335
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=3316266259
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=sSDDFMtP79eUOQPxDZ19LO

35 B
467 B

26ms
25ms

Image
image/gif

37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=sSDDFMtP79eUOQPxDZ19LO

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662

Protocol

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:18 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:18 GMT
via: 1.1 google
last-modified: Mon, 21 Feb 2022 20:07:18 GMT
server: nginx/1.18.0
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=sSDDFMtP79eUOQPxDZ19LO
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 7335 23 B
172 B 86ms
41ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=2457621227375275241
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:18 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 21 Feb 2022 20:07:18 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 7335
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2457621227375275241
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2457621227375275241&cs=1

35 B
376 B

13ms
13ms

Image
image/gif

88.99.149.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2457621227375275241&cs=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Protocol: H2
Server: 88.99.149.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dmc-test-dn3
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:18 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=2457621227375275241&cs=1
date: Mon, 21 Feb 2022 20:07:18 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame 7335 0
241 B 40ms
11ms Image
text/plain 2600:9000:223f:ca00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=2457621227375275241
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ca00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:18 GMT
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: LwduYGwOdgs-g-N6QJdXYoaFMNl9VA8UOTUdXFpDNYLV69N8og9Mtw==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 7335
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=2457621227375275241&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=2457621227375275241&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=6e8ee2df-b9c9-441e-83e4-fcd91f1ed2e8

35 B
467 B

26ms
26ms

Image
image/gif

37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=6e8ee2df-b9c9-441e-83e4-fcd91f1ed2e8

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662

Protocol

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:18 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=2007&cid=6e8ee2df-b9c9-441e-83e4-fcd91f1ed2e8
date: Mon, 21 Feb 2022 20:07:18 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 2457621227375275241
match.contentexchange.me/adform/ Frame 7335 0
49 B 103ms
25ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/2457621227375275241?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:18 GMT
content-length: 0
server: nginx/1.16.1

GET
H2

200

xuid
eb2.3lift.com/ Frame 7335
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=2457621227375275241&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=2457621227375275241&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

37 B
353 B

11ms
11ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=2457621227375275241&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=2457621227375275241&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
date: Mon, 21 Feb 2022 20:07:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 plf
c1.adform.net/imatch/ Frame 7335 0
261 B 28ms
28ms Image
text/plain 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=2457621227375275241&agencyId=6285&advertiserId=2094403&src=tp&rnd=129662
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:18 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

POST
H3 200 / Show response
www.facebook.com/tr/ Frame B445 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.clubpremier.com
URL: https://www.clubpremier.com/mx/bienvenido/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.clubpremier.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.clubpremier.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Mon, 21 Feb 2022 20:07:18 GMT

GET
H2 200 cc4298b0a100010453d287a0 Show response
execution-ci360.clubpremier.com/t/s/p/ 9 KB
2 KB 170ms
169ms Script
application/javascript 2600:9000:218c:9000:7:ea02:ad80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-ci360.clubpremier.com/t/s/p/cc4298b0a100010453d287a0?version=1.1.0&domain=www.clubpremier.com&p=%2Fmx%2Fbienvenido%2F&params=&page_title=Bienvenido%20%7C%20Programa%20de%20Recompensas%20%7C%20Club%20Premier&referrer=&uri=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Fbienvenido%2F&requestedfile=%2Fmx%2Fbienvenido%2F&platform=Linux%20x86_64&port=&protocol=https&browser_language=en-US&character_set=UTF-8
Requested by: Host: execution-ci360.clubpremier.com
URL: https://execution-ci360.clubpremier.com/js/ot-all.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:9000:7:ea02:ad80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a1971f53e9c6d8c4e5de83dcf5bb13010f11e9453787d6f2703ad89bae9b8241

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:18 GMT
content-encoding: gzip
sas-service-response-flag: true
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
x-amz-cf-pop: CDG50-P1
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type
x-amz-cf-id: 62ZpA9_uZIbo3H0IlMMrKuECKRLlW8feE3JLLXu4C5va71v_fMd2_Q==
via: 1.1 19d683585ba961e1ecbb57668eec0a62.cloudfront.net (CloudFront)

POST
H2 200 cc4298b0a100010453d287a0 Show response
execution-ci360.clubpremier.com/t/e/ 2 B
1 KB 269ms
268ms XHR
text/plain 2600:9000:218c:9000:7:ea02:ad80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-ci360.clubpremier.com/t/e/cc4298b0a100010453d287a0
Requested by: Host: execution-ci360.clubpremier.com
URL: https://execution-ci360.clubpremier.com/js/ot-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:9000:7:ea02:ad80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.clubpremier.com/mx/bienvenido/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 21 Feb 2022 20:07:18 GMT
via: 1.1 19d683585ba961e1ecbb57668eec0a62.cloudfront.net (CloudFront)
sas-service-response-flag: true
x-cache: Miss from cloudfront
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://www.clubpremier.com
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-pop: CDG50-P1
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type
content-length: 2
x-amz-cf-id: iolDKddD3wN69Zq_e962IeyMgwUHM6m3-Tz9xB7YbaTj_Q3P2nEDlw==

GET
H2 200 ot-api.min.js Show response
execution-ci360.clubpremier.com/js/ 61 KB
19 KB 39ms
38ms Script
application/javascript 2600:9000:218c:9000:7:ea02:ad80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-ci360.clubpremier.com/js/ot-api.min.js
Requested by: Host: execution-ci360.clubpremier.com
URL: https://execution-ci360.clubpremier.com/js/ot-all.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:9000:7:ea02:ad80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 5f8308b0efb2b804cc124a72fb3749b95122f366b708dc7fd5218b6d35cd41b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 19:53:09 GMT
content-encoding: gzip
age: 849
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
via: 1.1 19d683585ba961e1ecbb57668eec0a62.cloudfront.net (CloudFront)
cache-control: max-age=1800
content-disposition: inline;filename=f.txt
x-amz-cf-pop: CDG50-P1
sas-service-response-flag: true
x-amz-cf-id: gkNETpXK-CPsHp5AHMGMvijdPk_kQ_wlTGLSnNbNRnHvUojS8XHYvA==

GET
H2 200 cc4298b0a100010453d287a0 Show response
execution-ci360.clubpremier.com/t/s/c/ 336 B
1 KB 125ms
124ms XHR
application/json 2600:9000:218c:9000:7:ea02:ad80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-ci360.clubpremier.com/t/s/c/cc4298b0a100010453d287a0?domain=www.clubpremier.com&vid=46b18e2b4041304f55b1d1ef&sid=e2bf175b7dee1120283116fe&hb=10&loadId=1f96551edfb04c531f171230&p=%2Fmx%2Fbienvenido%2F&params=&page_title=Bienvenido%20%7C%20Programa%20de%20Recompensas%20%7C%20Club%20Premier&referrer=&uri=https%3A%2F%2Fwww.clubpremier.com%2Fmx%2Fbienvenido%2F&cts=1645474038844&tzo=0&platform=Linux%20x86_64&port=&protocol=https&screen_info=1600x1200@24&browser_language=en-US&character_set=UTF-8&csz=153662&bsz=1600x1200&tab_id=48778207586&java_enabled=false&flash_enabled=false
Requested by: Host: execution-ci360.clubpremier.com
URL: https://execution-ci360.clubpremier.com/js/ot-api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:9000:7:ea02:ad80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b95df93d19673d7f7e9cb6fa2ec2a15d1a8d0b75d515f76e2a81b7aa24fbba7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:07:18 GMT
via: 1.1 19d683585ba961e1ecbb57668eec0a62.cloudfront.net (CloudFront)
sas-service-response-flag: true
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.clubpremier.com
cache-control: no-cache
access-control-allow-credentials: true
x-amz-cf-pop: CDG50-P1
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type
content-length: 336
x-amz-cf-id: VBbrkhNJLO7YygI7xApG8pNyAMr7VsIh-p7E8cBtI71vwhgs8HIDQw==

GET
H2 200 viewid=594782474503 Show response
tngciplzusp-ads.aimatch.com/tngciplzusp/bserverj/ball/domain=www.clubpremier.com/customerid=79046ff0-a21f-329a-b83e-d09415951fca/sessionid=e2bf175b7dee1120283116fe/hint=x/b1/spot_id=68114a3e-7066-4... 2 KB
2 KB 566ms
182ms XHR
application/json 52.10.115.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tngciplzusp-ads.aimatch.com/tngciplzusp/bserverj/ball/domain=www.clubpremier.com/customerid=79046ff0-a21f-329a-b83e-d09415951fca/sessionid=e2bf175b7dee1120283116fe/hint=x/b1/spot_id=68114a3e-7066-4e48-bf30-d7e360259729/page_url=L214L2JpZW52ZW5pZG8v/viewid=594782474503/b2/spot_id=7f54d170-6cbc-4c6d-bdc3-08d4d9b9141c/viewid=594782474503/b3/spot_id=81f93267-47b0-423e-9610-d325e906a0f7/viewid=594782474503/b4/spot_id=be36503e-27b0-4576-84a7-1dea5cbdd551/viewid=594782474503/b5/spot_id=ebdef725-97b9-4df2-8dc9-8b7a8c4ffd8a/viewid=594782474503
Requested by: Host: execution-ci360.clubpremier.com
URL: https://execution-ci360.clubpremier.com/js/ot-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.115.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-115-164.us-west-2.compute.amazonaws.com
Software: Match/6774.8f8123b6c7be148ad088a0df057cfeac34c1f947 (i-0d03f0b34458465cb) /
Resource Hash: 1c16dc70854d68621c007d9ea9c17596a4bd6a61f6a9980106a8b295a18bbdea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:19 GMT
server: Match/6774.8f8123b6c7be148ad088a0df057cfeac34c1f947 (i-0d03f0b34458465cb)
access-control-max-age: 600
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
access-control-allow-origin: https://www.clubpremier.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: X-Requested-With, origin, content-type, accept, accept-encoding, accept-language, cache-control, dnt
content-length: 1949
expires: -1

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/11784/ 465 B
951 B 25ms
9ms XHR
application/json 18.66.97.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/11784/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/11784/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 310d932bfa1b18ddd48c8fcb11cf6db2258c032c38f635bd0219e613b165ced1

Request headers

Referer: https://www.clubpremier.com/mx/bienvenido/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 21 Feb 2022 07:04:59 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
age: 46941
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 465
last-modified: Tue, 23 Nov 2021 19:37:02 GMT
server: AmazonS3
etag: "f1733bf89cf54944857a55b3b459df08"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: dmYAASHHa3xYe981vqKHZVKPOP3DqEVwBZmE5rAd_Vq95unufpdzVQ==

POST
H2 200 cc4298b0a100010453d287a0 Show response
execution-ci360.clubpremier.com/t/e/ 2 B
1 KB 263ms
262ms XHR
text/plain 2600:9000:218c:9000:7:ea02:ad80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-ci360.clubpremier.com/t/e/cc4298b0a100010453d287a0
Requested by: Host: execution-ci360.clubpremier.com
URL: https://execution-ci360.clubpremier.com/js/ot-api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:9000:7:ea02:ad80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.clubpremier.com/mx/bienvenido/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 21 Feb 2022 20:07:19 GMT
via: 1.1 19d683585ba961e1ecbb57668eec0a62.cloudfront.net (CloudFront)
sas-service-response-flag: true
x-cache: Miss from cloudfront
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://www.clubpremier.com
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-pop: CDG50-P1
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type
content-length: 2
x-amz-cf-id: BA4Hy-i1gvYAvhk7O6Gx8HUahXLp6SYl8xvd8NEV9HR71L9zr0TOKQ==

POST
H2 200 cc4298b0a100010453d287a0 Show response
execution-ci360.clubpremier.com/t/e/ 2 B
1 KB 266ms
265ms XHR
text/plain 2600:9000:218c:9000:7:ea02:ad80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://execution-ci360.clubpremier.com/t/e/cc4298b0a100010453d287a0
Requested by: Host: execution-ci360.clubpremier.com
URL: https://execution-ci360.clubpremier.com/js/ot-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:9000:7:ea02:ad80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.clubpremier.com/mx/bienvenido/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 21 Feb 2022 20:07:19 GMT
via: 1.1 19d683585ba961e1ecbb57668eec0a62.cloudfront.net (CloudFront)
sas-service-response-flag: true
x-cache: Miss from cloudfront
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://www.clubpremier.com
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-pop: CDG50-P1
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type
content-length: 2
x-amz-cf-id: 58eVaUrwA6rupGhVHw_DKsfCgHb5YlOlyHDO_uuLrPDnuXKH6VNLPw==

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 140 B
961 B 69ms
54ms XHR
application/json 52.30.14.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/11784/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 8130bca850170982d2281ba897d522efe28630af05fad57b82337f7dc3ba059e

Request headers

Referer: https://www.clubpremier.com/mx/bienvenido/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:19 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.clubpremier.com
cache-control: no-cache
x-server: 10.45.26.4
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 140
expires: 0

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame 280D 2 KB
1 KB 8ms
8ms Document
text/html 18.66.97.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=11784
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/11784/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.clubpremier.com/mx/bienvenido/

Response headers

content-type: text/html
last-modified: Mon, 01 Feb 2021 20:35:17 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Mon, 21 Feb 2022 05:20:15 GMT
cache-control: max-age: 86400
etag: W/"6fcf4f5197ab24c92d090f6ac8d87e01"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 3lVOx14iLyJVDNgmF4AwtYnFGXObO0aqBjYyu3bPAptUI5eYsheFwQ==
age: 53225

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame D2BC 1 KB
1 KB 29ms
29ms Document
text/html 52.30.14.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?s=22%2C81%2C61%2C12%2C78%2C8&c=11784
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=11784
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: d081c609ac072b86ea31a7da8faceefd21cf78c29e334b37b250cb8305639cf4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tags.crwdcntrl.net/

Response headers

date: Mon, 21 Feb 2022 20:07:19 GMT
content-type: text/html
content-length: 1198
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.9.5
server: Jetty(9.4.38.v20210224)

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame D2BC 170 B
188 B 50ms
50ms Image
image/png 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C81%2C61%2C12%2C78%2C8&c=11784

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK lotame
sync.sharethis.com/ Frame D2BC 42 B
232 B 46ms
8ms Image
image/gif 3.127.253.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/lotame?uid=b9983d2a7f929ead25b21096d280f7b5&gdpr=1

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C81%2C61%2C12%2C78%2C8&c=11784

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.127.253.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-127-253-208.eu-central-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 21 Feb 2022 20:07:19 GMT
Connection: keep-alive
Content-Length: 42
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: image/gif

GET
H/1.1 200
OK utsync.ashx
ml314.com/ Frame D2BC 43 B
422 B 127ms
30ms Image
image/gif 34.247.104.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=50146&et=0&fp=b9983d2a7f929ead25b21096d280f7b5&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C81%2C61%2C12%2C78%2C8&c=11784
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.104.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Feb 2022 20:07:19 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0,Tue, 22 Feb 2022 15:07:19 GMT

GET
H/1.1 200
OK 5907
tags.bluekai.com/site/ Frame D2BC 62 B
304 B 152ms
151ms Image
image/gif 104.90.192.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=4b3b4bdd100db5d9d7e790d472ab17e6
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C81%2C61%2C12%2C78%2C8&c=11784
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.192.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-192-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 21 Feb 2022 20:07:19 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET image.sbxx
global.ib-ibi.com/ Frame D2BC 0
0

GET
H2 200 g.json Show response
aa.agkn.com/adscores/ Frame D2BC 124 B
433 B 8ms
7ms Script
application/json 18.193.91.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C81%2C61%2C12%2C78%2C8&c=11784
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.91.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-91-79.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 3c7a55aaaa7772db607dadd33553d1bfca5cd22a7750ccc9f96ef0542f14bacf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:19 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: application/json
content-length: 124
expires: 0

GET
H2 200 tpid=165000804069000498106
sync.crwdcntrl.net/map/c=368/tp=TARG/ Frame D2BC 49 B
264 B 32ms
31ms Image
image/gif 52.30.14.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=368/tp=TARG/tpid=165000804069000498106
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C81%2C61%2C12%2C78%2C8&c=11784
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 20:07:19 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.15.85
content-type: image/gif
content-length: 49
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=2457621227375275241

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=b9983d2a7f929ead25b21096d280f7b5

Verdicts & Comments Add Verdict or Comment

283 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

110 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.americanexpress.com/	1970-01-20 01:47:46	Name: cm.BiE$g6AQB6DpB96T8TNzJR9-mDhamex9 Value: 1645474035
www.clubpremier.com/	1970-01-20 09:50:10	Name: qtrans_front_language Value: mx
www.clubpremier.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: h208oaerp7voek4rl4jopahqcc
.clubpremier.com/	1970-01-20 03:14:10	Name: _gcl_au Value: 1.1.58126999.1645474037
.adnxs.com/	1970-01-20 03:14:10	Name: uuid2 Value: 6478686581827762797
.clubpremier.com/	1970-01-20 18:35:46	Name: _ga_B7583M6EK7 Value: GS1.1.1645474037.1.0.1645474037.0
.clubpremier.com/	1970-01-20 18:35:46	Name: _ga Value: GA1.1.1412045493.1645474038
.clubpremier.com/	1970-01-20 03:14:10	Name: _fbp Value: fb.1.1645474037726.138947240
.clubpremier.com/	1970-01-20 01:04:47	Name: ta_club_premier Value: /mx/bienvenido/_%_\|
.clubpremier.com/	1970-01-20 01:04:34	Name: lotame_domain_check Value: clubpremier.com
.adform.net/	1970-01-20 01:44:53	Name: C Value: 1
.adform.net/	1970-01-20 02:30:58	Name: uid Value: 2457621227375275241
.adform.net/	1970-01-20 01:06:00	Name: CM Value: 1\|1
.adform.net/	1970-01-20 01:24:43	Name: CM14 Value: 1645560438_1645474038_1_Hu7u4e4e4e7u7u4REREeERERERHhEA
.adscale.de/	1970-01-20 09:46:50	Name: uu Value: 4c253fb73a30441b9c3fd8574db74e6f
.adscale.de/	1970-01-20 09:46:50	Name: cct Value: 1645474038312
.bidswitch.net/	1970-01-20 09:50:10	Name: tuuid Value: 2964e481-609f-4672-9aae-95221c7b97bd
.bidswitch.net/	1970-01-20 09:50:10	Name: c Value: 1645474038
.bidswitch.net/	1970-01-20 09:50:10	Name: tuuid_lu Value: 1645474038
.ih.adscale.de/	1970-01-20 09:46:50	Name: tu Value: 4#1524273557#42~2457621227375275241~457076~0~0
.advertising.com/	1970-01-20 09:51:36	Name: APID Value: UPdeeb2837-9351-11ec-b489-065d7cf319f8
.yieldlab.net/	1970-01-20 09:50:10	Name: id Value: 93701fd4-b0bc-4d62-849d-1047e8334851
.eyeota.net/	1970-01-20 01:04:34	Name: SERVERID Value: 17903~DM
.casalemedia.com/	1970-01-20 09:50:10	Name: CMID Value: YhPw9jiA3jiNbBZ.U61tFQAA
.casalemedia.com/	1970-01-20 03:14:10	Name: CMPS Value: 3267
.yahoo.com/	1970-01-20 09:50:31	Name: A3 Value: d=AQABBPbwE2ICEIQpHjC9fEaxdKT6mhnqJ00FEgEBAQFCFWIdYgAAAAAA_eMAAA&S=AQAAAgq0VDF2XWlT1agJv_TCCmE
.seadform.net/	1970-01-20 02:30:54	Name: uid Value: 2457621227375275241
.analytics.yahoo.com/	1970-01-20 09:50:10	Name: IDSYNC Value: 1760~23d8
.360yield.com/	1970-01-20 03:14:10	Name: tuuid Value: ea291064-e572-48a9-8379-400a611bd398
.360yield.com/	1970-01-20 03:14:10	Name: tuuid_lu Value: 1645474038
.crwdcntrl.net/	1970-01-20 07:33:22	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 07:33:22	Name: _cc_id Value: b9983d2a7f929ead25b21096d280f7b5
.360yield.com/	1970-01-20 03:14:10	Name: um Value: !42,SO3.DdujUhsFNlBWYL1kNoFUk45P-nUvzxoTbNMen9WT,1646683638
.360yield.com/	1970-01-20 03:14:10	Name: umeh Value: !42,0,1707682038,-1
.casalemedia.com/	1970-01-20 03:14:10	Name: CMPRO Value: 1196
.casalemedia.com/	1970-01-20 09:50:10	Name: CMRUM3 Value: 6f6213f0f627602457621227375275241
.casalemedia.com/	1970-01-20 01:06:00	Name: CMST Value: YhPw9mIT8PYA
.exelator.com/	1970-01-20 03:57:22	Name: EE Value: "7184c398bcc102e78b3cea610fd664f7"
cm.adsafety.net/	1970-01-20 09:50:10	Name: UID Value: CM12022022120979650f9221a7280ca9
.adsafety.net/	1970-01-20 09:50:10	Name: cm_uid Value: CM12022022120979650f9221a7280ca9
.exelator.com/	1970-01-20 03:57:22	Name: ud Value: "eJxrXxzq6XKLQcHc0MIk2djSIik52dDAKNXcIsk4OTXRzNAgLcXMzCTNfHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJiSX5RZvoiF9fFRSlpDItKik8F7%252B%252F7DAB9YSqz"
t.visx.net/	1970-01-20 09:50:10	Name: tuuid Value: 5098e875-730a-47b5-972c-6024e7776acc
t.visx.net/	1970-01-20 09:50:10	Name: c Value: 1645474038
t.visx.net/	1970-01-20 09:50:10	Name: tuuid_lu Value: 1645474038
execution-ci360.clubpremier.com/	1969-12-31 23:59:59	Name: _SI_VS_3.cc4298b0a100010453d287a0 Value: e2bf175b7dee1120283116fe
execution-ci360.clubpremier.com/	1970-01-20 18:35:46	Name: _SI_VID_3.cc4298b0a100010453d287a0 Value: 46b18e2b4041304f55b1d1ef
execution-ci360.clubpremier.com/	1969-12-31 23:59:59	Name: _SI_DID_3.cc4298b0a100010453d287a0 Value: 79046ff0-a21f-329a-b83e-d09415951fca
tags.adsafety.net/	1970-01-20 09:50:10	Name: UID Value: 7cbccef71120f110cbf0fd02a0a07112
tags.adsafety.net/	1970-01-20 09:50:10	Name: DID Value: 7cbccef71120f110cbf0fd02a0a07112
tags.adsafety.net/	1970-01-20 09:50:10	Name: IDT Value: 100
tags.adsafety.net/	1970-01-20 09:50:10	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-20 01:47:46	Name: block_reset Value: 1
.adsafety.net/	1970-01-20 09:50:10	Name: ct_uid Value: 7cbccef71120f110cbf0fd02a0a07112
.adsafety.net/	1970-01-20 09:50:10	Name: ct_did Value: 7cbccef71120f110cbf0fd02a0a07112
.adsafety.net/	1970-01-20 09:50:10	Name: ct_idt Value: 100
t.visx.net/	1970-01-20 09:50:10	Name: um2 Value: !1,2964e481-609f-4672-9aae-95221c7b97bd,414724038
.krxd.net/	1970-01-20 05:23:46	Name: _kuid_ Value: OrSdE-i_
cm.adsafety.net/	1970-01-20 09:50:10	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-20 09:50:10	Name: DID Value: 7cbccef71120f110cbf0fd02a0a07112
ads.smartstream.tv/	1970-01-20 09:50:10	Name: idt Value: 100
ads.smartstream.tv/	1970-01-20 09:50:10	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-20 01:47:46	Name: cm_uid Value: CM12022022120979650f9221a7280ca9
ads.stickyadstv.com/	1970-01-20 02:30:58	Name: uid-bp-617 Value: 2457621227375275241
ads.stickyadstv.com/	1970-01-20 01:47:46	Name: UID Value: 62cb571eeb78ee8426367cbe1c1bea34
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: e88320db4db730b47761938ff16daf77
.doubleclick.net/	1970-01-20 10:26:10	Name: IDE Value: AHWqTUkkpoko9OacbFmgSsVx9hlqIAwuzGVrVnAB7HACiQUk3lynVAJOzMqmyQGygLc
.adnxs.com/	1970-01-20 03:14:10	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2In<sKMz(!]tb`8i_imf$9G=A^A/0)5wx1/A@a$J*=<n/=Wew)dvGpvzjsfP(hw9P-HC_#tv^B(Xs)V
.pubmatic.com/	1970-01-20 01:47:46	Name: KRTBCOOKIE_391 Value: 22924-2457621227375275241&KRTB&23263-2457621227375275241
.pubmatic.com/	1970-01-20 01:47:46	Name: PugT Value: 1645474038
.pubmatic.com/	1970-01-20 03:14:10	Name: PUBMDCID Value: 3
.clubpremier.com/	1970-01-20 18:35:46	Name: _SI_VID_1.cc4298b0a100010453d287a0 Value: 46b18e2b4041304f55b1d1ef
.clubpremier.com/	1969-12-31 23:59:59	Name: _SI_DID_1.cc4298b0a100010453d287a0 Value: 79046ff0-a21f-329a-b83e-d09415951fca
.agkn.com/	1970-01-20 09:50:10	Name: ab Value: 0001%3ANpWVop65kTxDLEG5m2kGVc1jRkJyGqwJ
.adfarm1.adition.com/	1970-01-20 03:14:10	Name: UserID1 Value: 7067257179643836558
.mathtag.com/	1970-01-20 10:30:29	Name: uuid Value: b9396213-f0f6-4d00-bf9f-a78ca59a772e
.demdex.net/	1970-01-20 05:23:46	Name: demdex Value: 24565685788381852460645829537220671178
.onaudience.com/	1970-01-20 09:50:10	Name: cookie Value: 50b4a0662cddc5e1
.onaudience.com/	1970-01-20 01:06:00	Name: done_redirects104 Value: 1
.dpm.demdex.net/	1970-01-20 05:23:46	Name: dpm Value: 24565685788381852460645829537220671178
.id5-sync.com/	1970-01-20 01:04:34	Name: cf Value:
.id5-sync.com/	1970-01-20 01:04:34	Name: cip Value:
.id5-sync.com/	1970-01-20 01:04:34	Name: cnac Value:
.id5-sync.com/	1970-01-20 01:04:34	Name: car Value:
.id5-sync.com/	1970-01-20 01:04:34	Name: gdpr Value:
.id5-sync.com/	1970-01-20 01:04:34	Name: callback Value:
cm.adsafety.net/	1970-01-20 09:50:10	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaNmkwc0tTYXFuR3JVallaV3BtSU5xV1dZVVppZUJEYStlU21lU0gyU3Q5bDFBUGhLOVhUVTFBdXBTMVI5cHYrSzJmRjl4OWd6MllGbzFnY0hqTVVBYm9XMzdMMW9xL245SEUxeGNOQkQ5bXJQVVF2aUQzWGV1YSsva0Z2WjRQckZoTktqckp0TVpGKzFTZmx4eFFma0VGdGlnUDYrbGs4Mzgydm1ZaVhVUzZnSUZxUG9DQWFNNUJjbHk3OCtxSGZROXUzTS9oRUNOOGdrR3FlVytXb09NZmtYcTAwK0FQUGV1V2s0VlRHTkxlMGhJbnJncnYzaHBENVRNVzdmdm51Nk92LzFScVdDaURtUlovOC9XUXJxTFdnOXZRNzF5aEhyaUlkNHFyRmlMU0h0QWJyZjczVWpGMFlxdW5HQTRtcXY5dGxVRkpjRHRVOUkzb3dYb0Q2b2V1TEwrbStzTXZmZkRWUHVUdnpaZ2h4M3M5TDBFYllOYXdEbTdQeDA2dVlLTCtJTUwwZzI3aEM3dy9YQk5TUjRjcy9GRUk3aG11UXdBWnFxSjgycGZwK1MvYnU0OHBDTUZBUGorRWFvaGVmSGJuRk5FdXBkcVBSSzZuMzFiMTZ3bTlhSGJQU0J4QTM1aUE4ci90Q0RLL0ZzdDcvS2pEajZOKzRSVVJ0aGZxQS9uN0EwYXhjV3U1cnE4MEpBYW9wM0RTZEV1TEZhVjFDamNjTWFzMVNqVlhuRkZxZFhkZU9IOFhqNDNSYVFIZXY2dUFvQXhxS25wM0M3ZWdSTnMyTzJQaDNKRXZxL3g2UkNxaThQOXpGZkkrT21SRzdmbTlJSkdXc1hoeGtPem9IMWRQR1RYTENJd0YxZUR5QzVQbTUvcnFPVGh4UE5yY1krOHgyZTRMMHdGcDJlWDZVOUdvMjBHSy93ZzZrWjVCYmxXUUlMRGR1UGlXbysydm9MRm1kMmVZRk15MzBZenhNVTNyRk5ZV1ZkdW04dkpYTFBjZU1hdVVCTlA5c3JsSkd2RTR1dHBMYkZDcTVsRjhHdWV3NWJ1SitTTWR4K1ZzNk1lOUw0ODV5TE5aV3V5RXlxZ3JBZzFTS25oSVcyWFJiNGc9PQ%3D%3D
.w55c.net/	1970-01-20 10:30:29	Name: wfivefivec Value: KW8WdK7q1NmeXQ5
.w55c.net/	1970-01-20 01:47:46	Name: matchadform Value: 5
.adsrvr.org/	1970-01-20 09:50:10	Name: TDID Value: bb4d6a9b-ab13-4873-9fd5-458674f0ab56
.1dmp.io/	1970-01-20 09:50:10	Name: uid Value: df337bd0-9351-11ec-a15e-901b0e8d6a9d
.weborama.fr/	1970-01-20 10:36:14	Name: AFFICHE_W Value: f7Q@VOZgNO5-11
.tapad.com/	1970-01-20 02:30:58	Name: TapAd_TS Value: 1645474038833
.tapad.com/	1970-01-20 02:30:58	Name: TapAd_DID Value: 6e8ee2df-b9c9-441e-83e4-fcd91f1ed2e8
.onaudience.com/	1970-01-20 01:06:00	Name: done_redirects147 Value: 1
.3lift.com/	1970-01-20 03:14:10	Name: tluid Value: 936921881892960891869
.tapad.com/	1970-01-20 02:30:58	Name: TapAd_3WAY_SYNCS Value:
.semasio.net/	1970-01-20 09:50:10	Name: SEUNCY Value: 3C7BB5C9F219768E
.audrte.com/	1970-01-20 01:26:10	Name: arcki2 Value: g8l03EWTZZGR9y4ZdHUE8ckEA!20210804!1645474038925
.audrte.com/	1970-01-20 01:08:53	Name: arcki2_TTT Value: 1645474038926!g8l03EWTZZGR9y4ZdHUE8ckEA!H4sIAAAAAAAAACWXOa5YNwxFF/NqARpIkSpTpAiCpAi8AU3c/xJ89NPY/8N6Enl5B9pzjbq3Jd+uSfbOaQ0tqd+itRQpW9uX+63tzJ1OvSO1WDONWiYn2z7aTo2yPt8xW+WS26okab2neRs3+Yi7yyrX8iemHmPe1G1ySLunGXkn7XW67RW3yGe+5h1SUm7zpNaivEOafEW4hNk49ukwqcolM/tKEruncUpL2Wqcdb1X7V8WKSZN0xmqqR1+8jFuGio6Yi45Y3zbtNSskfhup3ZtJu8rUzhPh6yy+vjq1e1j17RvH0nW1bQKD2cfy4/GXaFfv/dUqZbUx6G75WnsA7at5btuPnntT/0U8JJk3m6SOygcdFKvmff3lPD+VR6b5VD4OnQnh5r7WmmZ7D4kS+E5KX69nZ36sEvhOdLIwgCj7yKrlib1a16O12Kp+AaCMKfwLum06JaHjTXKJ2fJ5OakthmLtACnyrzvnTuKnRn+zajU+SZyc0lSKWx05dCWnmNuDWoyihZaSWPxh8whb3YlAVijCtdz2jepsGZYkNs7ZDvStDrTjRqT0YdcbrJrbU4gmEAkMirdzcxsyimzgxmHZqGXcOM5r6ltnWn6ZoA5j1b4HLJ+t549jYm13qi+15VmN32Fxa7b2jnzszOi8nLiVyDIC/quJumW7nedPiLOF1vr7NKSMmhYUGHB1pzuyEsYbJWlDFhlF5e0WnNI5w3EuROlnc4nubVF4bXmEjQWAZ9qP3SHeEJL7jrX6nl+U2zt3EbqbTeeE7rrulLdugWyBxV/9p4xBZ3ZAJM5oksg0H7GFke4EZ+WjTgLVLsB6dZEweYBC+4Z61hvot9xkesVqq1meAGI+6Imrpl2omu+CCF8wHOBdBtmViTjsS98kWX0mhHQZ/nEEkg5z8mQ7hpgW6XwwnhXHS7+uXYp+d5ku0eCNE+cFckcbMX6znndbxWNeg5qCkgp90nKR36jzljAyrW2DznbvftgPZNDMDBRtyLDXDMCnMX02335rAaOfW8OVRCzNSDdkSveIlMTLD100lNtwZsX11ldAONuy8WgVM1fbX7xEtp5kmwCrHMakjrzmM0KPffXcECN3NOGYu+5Ax8W2I9e/Y4ZrcRXaKg0bYmPeMSfzLXDp7lRQe9Wdv9OtNP11lQmGmm5nDQRVlqzjI5+JZidZFWMN4DgkSpT0/IC5e/st/mExPurigc/qmHO9iSFzE8GrJ67L5Bs1ih8VIgHenCP53hpAEq61waCWRZWvtbLjsiY5FpPLflZU2bKTXO+Gme6fNN97kpNfTgQrFXBKT/xRT5T5Hnn11uRHY5h8Ak49QWfdCBzvYEWzMv+uNKgoKQYRuFYOoihizX4a5Xa27xfRTUGRXFSOCzxyrlYqKqWoWZiw74NUJsvUjMQby8bRj3cRNwJGcfMzkdiwWlIt8mRRIQgBJIEJ9qP5NygqCXvW5Wxl1Oxw0z1P+KaYwPNWVPozmLAUHBuLsgc001zl5tKVVwZ4tHjx4nl5C8QYsGyGuIU6NXLK3kprci392rDoW+82MCCGcsbQKk+wXJtwuPzG2svNFQBhpuIKpyS57AbvkVxzaAKlJxlIf6KGhQtE1fA3gggLZ2gkE92w9SRpN7p+DgsQDwlabQ1+EFzncSGzIt46BmcRTCUKZ3c9oYJUqje+4WApKOmvqynpofZ9UyQqmIqpw6m/51Nj4UoOxnP/D8ROohcLZdMLBaBpPTCOuSB574NA44jRExoYs9Ywch4JkVQIovAyfGyhZpWhl74g+6Q3oH3O3KIEVhCXYWanMQQQnGd2waxzfjZVbC6Psgui5cI9UfBBGkjyl1IaC75ENLFckva5hQe2OXSoQnTuOrM73nBnaPgbwc7NVzFX4o9T/QOA2IMSjnfFa13D0+7EVWS8QIX/MOHR6dwSK4sWbcWL1BtMuU23v5jRNXCB8z69c2hv/7954///v7zV6JaSxUPZGLfbbZ8Ywm+X542hLJ2WEL6h9v66VW+H8eMglpxaDSyWb2gV3r7zSJwRwkWJmfqSg5hG6yDL8UIRX71WncbtVm0D+XgUoVLYAqei1MOi/eTEe8Xku785WP7Cp6+NHOyCBtMY/Z9tlOqIBXp3yAy2fH8hdEbu/7UdBnr8IoDskvljyJgXUSy8kYEspDyznRID0Fr+Yz87bhU8wJ0wCJqgtSDHFjMvfhseOATf+W0aMr4xAs4XmrGcYZuTMv9BIcss8Vgt+eFyRvmeLux8w/j7jcs/8L3mZbZSfdbBMbz5I5Q4FQ7+QntYNwE/Q2WF1aOl6eHjGYhZ++YXjdUxL8/EpHlijyeWCakflNcdEdDRH90Acev51uCRvCy9boTICgMWJ+ZnCY/KXibCpuKp4wnvJ4g5cwXpxOi65HIMMlDHTdYywvxjqKhKkEBmATEYEVstX/OeCsLT9pcTh5DhRX27JQdBOtaB09mUHsM+G5VXwpO3P8QZRmDlEBqR8q3NJTQJkLaW5ttIVnhvxd76pMRrIFP9cd7YSYuRgSclziLZK3V8GMP1g75DTIdErDNDAAA
.onaudience.com/	1970-01-20 01:06:00	Name: done_redirects219 Value: 1
.adsrvr.org/	1970-01-20 09:50:10	Name: TDCPM Value: CAESFgoHc2VtYXNpbxILCPyk-r3537o6EAUYASABKAIyCwj8nP3qj-C6OhAFOAFaB3NlbWFzaW9gAg..
.zeotap.com/	1970-01-20 09:50:10	Name: zc Value: 65432c21-695c-4429-74dd-fa0e967f9260
.zeotap.com/	1970-01-20 01:06:00	Name: zsc Value: 1%BD+%05%00%83%CDM%F6%E7%DA%EE%94%3C%B0%A3%26P1%F3%AE%F6%D6%15%0B%AE%84%23r%0Fb%84%CFO%EFF%88%1A%3Atjs%A8%A1etLX%8Bg%7F%18%FC%D5%85%1F%EB%F7%EDE%F2%CCC%8Am%E3%FB%85%8B%BA%EF%D9g%E4%DB%2A%DE%3E%2C%83%8C%BB%85
.clubpremier.com/	1969-12-31 23:59:59	Name: _SI_SID_1.cc4298b0a100010453d287a0 Value: e2bf175b7dee1120283116fe.1645474039433.455
.crwdcntrl.net/	1970-01-20 07:33:22	Name: _cc_cc Value: "ACZ4XmNQSLK0tDBOMUo0T7M0skxNTDEyTTIyNLA0SzGyMEgzTzJlAIIk4Q%2Ff%2FwMBP4gDBqKTL35TZuyIYfjPyMjwpX2eGoy96m6fCoy9ekIvXLyh4aAuTHwjkvhaJPaf%2F01wvT8fbIbrvb38gCJM75L1CPbxTVNYYOIfP1vCmM8Wz4ELHz96iBkmvnvfZQEY%2BzCSmg8T54jDxKefUIcx3y1BGPN%2F6wu46wFZEmV3"
.crwdcntrl.net/	1970-01-20 07:33:22	Name: _cc_aud Value: "ABR4XmNgYGBIEv7wHUhBABMDq0obiMmq0gIkAUgLA7s%3D"
.www.clubpremier.com/	1970-01-20 07:33:22	Name: _cc_id Value: b9983d2a7f929ead25b21096d280f7b5
execution-ci360.clubpremier.com/	1970-01-20 01:14:38	Name: AWSALB Value: /oryIZ9IB7Lkcp6FGccm4YuoTAEL7o92jKpcK6rJfZi/I+hfNmdbwSGWmIFT7fD2RWXvanZLPMVmNW81SANXSO7bRm3sgGWl+EtAdE6iaQRdwkdxUxEMQp16oAbAFvbZ3dZUL0wwpL1g16RVcSijEUML8qi4xYSwh3YTUN4CeJGOll9wWVU3+2FEM1HexQ==
execution-ci360.clubpremier.com/	1970-01-20 01:14:38	Name: AWSALBCORS Value: /oryIZ9IB7Lkcp6FGccm4YuoTAEL7o92jKpcK6rJfZi/I+hfNmdbwSGWmIFT7fD2RWXvanZLPMVmNW81SANXSO7bRm3sgGWl+EtAdE6iaQRdwkdxUxEMQp16oAbAFvbZ3dZUL0wwpL1g16RVcSijEUML8qi4xYSwh3YTUN4CeJGOll9wWVU3+2FEM1HexQ==
execution-ci360.clubpremier.com/	1969-12-31 23:59:59	Name: _SI_SID_3.cc4298b0a100010453d287a0 Value: e2bf175b7dee1120283116fe.1645474039661.748

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=2457621227375275241 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=2457621227375275241 Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=b9983d2a7f929ead25b21096d280f7b5 Message: Failed to load resource: net::ERR_CONNECTION_RESET

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.crwdcntrl.net
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
api.adrtx.net
bcp.crwdcntrl.net
beacon.krxd.net
c1.adform.net
cm.adsafety.net
cm.g.doubleclick.net
connect.facebook.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
email.americanexpress.com
eu-u.openx.net
execution-ci360.clubpremier.com
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
googleads.g.doubleclick.net
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
ml314.com
mwzeom.zeotap.com
pdw-adf.userreport.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
s3media.clubpremier.com
secure.adnxs.com
simage2.pubmatic.com
spl.zeotap.com
stats.g.doubleclick.net
sync.1dmp.io
sync.crwdcntrl.net
sync.sharethis.com
sync.teads.tv
t.visx.net
tags.adsafety.net
tags.bluekai.com
tags.crwdcntrl.net
tngciplzusp-ads.aimatch.com
token.rubiconproject.com
uip.semasio.net
uipglob.semasio.net
ups.analytics.yahoo.com
use.fontawesome.com
www.clubpremier.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
x.bidswitch.net
global.ib-ibi.com
104.111.242.245
104.76.201.117
104.89.29.143
104.90.192.27
13.248.245.213
139.162.141.41
141.95.3.9
142.250.186.66
142.250.186.98
18.193.91.79
18.196.233.14
18.198.182.119
18.66.248.63
18.66.97.88
185.167.164.39
185.33.221.14
185.64.190.80
185.86.137.132
2.18.233.201
2600:9000:218c:9000:7:ea02:ad80:93a1
2600:9000:223f:ca00:1b:5138:8a40:93a1
2606:4700:10::ac43:db6
2606:4700::6812:9d71
2606:4700::6812:9e71
2a00:1450:4001:803::200e
2a00:1450:4001:810::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2004
2a00:1450:4001:830::200a
2a00:1450:400c:c1b::9c
2a02:6ea0:c700::11
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3121::7
3.125.70.222
3.126.56.137
3.127.253.208
3.213.248.174
34.247.104.176
34.254.143.3
35.156.243.46
35.190.16.14
35.210.91.196
35.227.248.159
35.244.159.8
35.244.174.68
37.157.2.236
37.157.5.72
37.157.6.252
46.19.11.36
50.57.31.206
51.79.83.225
52.10.115.164
52.19.204.92
52.211.146.69
52.218.56.195
52.223.40.198
52.30.14.23
52.31.15.140
54.93.153.188
65.117.228.68
69.173.144.138
72.247.225.98
77.243.60.138
85.114.159.93
85.90.246.38
88.99.149.88
91.210.226.74
99.80.191.196
014752d6726385251808c831b4f036922cff2d0e03b9fc870e977ca728c1739e
016980f05d138d5ffba313dc6a6d9837e288342a039366be7d960ad38ca1d48a
0494a1e1088087af95351fa56f75f66cc82d7dc3e21cf5905f86e2710bc065c9
04a8622622058fbd3430e352bf4a9e4c53f28a973b7e2553032fe28674e388ce
06a1a66be89920a276d6b603a60cd025b1af7edaaff2ebb49b4f6891fc9e843a
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1a76b2edefa2f52f77dedea80f415b659c2d18f3350f6006b6bc1dc99d013259
1c16dc70854d68621c007d9ea9c17596a4bd6a61f6a9980106a8b295a18bbdea
1c6134f289a9898178c2a0d4869b96fb572af95b3668c2008e575f7ce9aaa47f
1d8b61c6408c4958ee4e6b3cc18292b1c400c0fd73b8a410b9312350c61ebf69
2051e7e392261c8ccd16ea5183855e3b2b50ab8c4310619ef6d0ff6aad10dc54
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
29adea32d7b1898b91e75304ee37518d4ca53114b4efcd15f5265910a9ef4577
2a81e34680b8e7fa9dcad337c9264f7d795f4657d2dec25bb955463ce13e282d
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
310d932bfa1b18ddd48c8fcb11cf6db2258c032c38f635bd0219e613b165ced1
318019898736266f648f606f238087c2a8044be7daf3b0631ec3a62f7ab5c8c7
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
34dc33ab78081621de04def2a3294d1d392a1a891a65a1fb83de2a50d709d545
3c7a55aaaa7772db607dadd33553d1bfca5cd22a7750ccc9f96ef0542f14bacf
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fe6bda33882a6e67e3cc4e5811dffeccc46961d6e0bdd93061db7e8d646ff01
46f81ab1e4afab7598d03d9372674c917d61a177d68ac86e95fb63463a50e622
46fcf6b886d0771dbb47e6bf8349eded8d6e5940067ba29d7d2a22bacbb6aeb8
4ab3c8cf87964ea45482d817abe64ce943a7b839259a503a32a0ffda06f22670
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d3b4d5d99f92dcc1f1c169db00f76aa1dc65d5d82192afcff04cf8a018a7ba1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fc95b903c1c985b758e1939161edb787ef4b14aa9cf18381cba3adc628b916f
50f8fd9ddf01373edac1a2c704ac885fca34347ab77fbf3541e3cd338e87efc7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550f1ae5d566afed493ab8b5f1dd1b4d5a777ef19d1b3c57bf7b01025fefd38c
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5f8308b0efb2b804cc124a72fb3749b95122f366b708dc7fd5218b6d35cd41b3
616113056d65716127ad22af9727cd180e2e719b1258487065a12bdce4841a65
63a9fa5aafbb20a1b32c210ee7114a6825669be7908fd9bb9bb49233eb88787e
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
683b4c573ecee26426e3b9123c9aca60f5087a9fae84c1942ec707870bf32ad2
69b3e94373c2a3e40954a4cc29d23fc34bafa40afabb1ae7dbfc59ea86f1be94
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c429faa42d6d12d250945a057e3dd73ba3640ddc97dd8520cd5d320db827b97
736ebe583ef70b26951e1dfcace22939c5d3e0b1f547d074ed9eb151f517b455
763a67e0400355481183dbed7badb95180dc8f8719e33bab8ca1672341f6dc4f
778a25df4bf3f56b246b91649c40d3783b7c1fe0486a99ea4b5f10981053b79d
79b56a1f2c24747e169c0732fc8aedf00a1932e70318cca6c2351c7255627eee
7ebafd1582ad822faf3425f5f5b0a2f2264965338c007149f72cbb027621e9df
8130bca850170982d2281ba897d522efe28630af05fad57b82337f7dc3ba059e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835914c1ccc20d0d7eeef572c3652004d87400aa1221f3a0c3455135b8cf629d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8553c8ea658c06ee16c71b201519d009edb557a9cd9e593374d8cf5733447d67
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c3b4dc6462c11e820587fef21d3425d418b380ef8654185b31e61ac840bca21
96dcc5e5848d1b4c243457746547d4ff87360931c4c9754bcdeb7fd6305c5228
986a3460d78768645cdd30bfbf37581cdec272e4dd4431d90072edb6814f9c42
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1971f53e9c6d8c4e5de83dcf5bb13010f11e9453787d6f2703ad89bae9b8241
b0781653bb9b578dfc505423b73703ec6910033f129d72654e922930e30219c5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4672dba4badb05dc38ee5db8e9c1263e8588928cc6fc0e930941fa5e51bbd0e
b95df93d19673d7f7e9cb6fa2ec2a15d1a8d0b75d515f76e2a81b7aa24fbba7e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c24e778da7acc55ff66d055cde4b7aa20ec11046739f9d9f1396a36f71553040
cbf08e35d944ef2a130213e66ca9df10edbdedce1ee6613b8e6b789ab544d580
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd2864bd41d5df188ce00d9b3e006e2cb940f6d8a832e6eea636fa82d7a41c52
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d081c609ac072b86ea31a7da8faceefd21cf78c29e334b37b250cb8305639cf4
d2625f173d3bd723f29e27716afcb23c6c2627884ed783cc47eca38107fc4d9e
d81865f684671462683d428d6ea76817068361388c4d7403da27d62c71c16a14
daf6c4ff2592cba88d5e4ef8efd1f6c2d27840af0101195dd4aea7bdec3a8213
dcc52623b722d28f22b11f02a5e2d46ce68c5ba2ef5c824eb25517b10c66c741
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e029a201d8fb650079023726b6644a7a6eccb791abeeb2634774e063ef286221
e28b98d1d5af579dd0fed586ab53af1df49850fc83fb769cbc06b875b3073e8a
e3a7a908c325e84fb1b4fffa2b996f3f3ec813e08d969c382569ec075cc20aff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8cd22f656b219a450c539d6e7c3ea202e21271c63bc9ed2f0efea0a776dc8e7
ed96f0e25b21fccae5050a65b1f8dc8b9bb0dd6e6b114f5b4f62d191f9e99e09
ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4a602f943eea87afe97e5410aa7d3d425feb98bd04b829305dfe5140c9739b0
f6dcbbea9808b12185da5b69d5b203dcdddd6c7d11f98cc12774c44737fdbb9e
f8a85a122534ced843bfec57e9a53d2373cb50ffae1329df9a93a3cbaddedd1d
f8cdfe0414eac9a2380c093c8f3de44e1298e2ef2f9fcdf3a999f86c357ab5e2

www.clubpremier.com Open in urlscan Pro 2606:4700::6812:9e71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

144 Requests

81 %HTTPS

25 %IPv6

63 Domains

77 Subdomains

54 IPs

10 Countries

2615 kBTransfer

5466 kBSize

110 Cookies

45 Outgoing links

Page URL History

Redirected requests

144 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.clubpremier.com Open in urlscan Pro
2606:4700::6812:9e71 Public Scan

Screenshot
Live screenshot

Full Image

144
Requests

81 %
HTTPS

25 %
IPv6

63
Domains

77
Subdomains

54
IPs

10
Countries

2615 kB
Transfer

5466 kB
Size

110
Cookies

144 HTTP transactions
1 data transactions