www.ictiva.com Open in urlscan Pro
46.183.117.49  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

• https://sb.scorecardresearch.com/b?c1=2&c2=8731705&ns__t=1621245683844&ns_c=UTF-8&cv=3.5&c8=Inicia%20sesi%C3%B3n%20-%20ictiva&c7=https%3A%2F%2Fwww.ictiva.com%2Fusuarios%2Flogin%2F&c9= HTTP 302
• https://sb.scorecardresearch.com/b2?c1=2&c2=8731705&ns__t=1621245683844&ns_c=UTF-8&cv=3.5&c8=Inicia%20sesi%C3%B3n%20-%20ictiva&c7=https%3A%2F%2Fwww.ictiva.com%2Fusuarios%2Flogin%2F&c9=

Request Chain 33

• https://hal9000.redintelligence.net/retarget?a=25611&version=1 HTTP 302
• https://hal9000.redintelligence.net/retarget?a=25611&version=1&redirected=1

Request Chain 46

• https://8622247.fls.doubleclick.net/activityi;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4156350663383.0596 HTTP 302
• https://8622247.fls.doubleclick.net/activityi;dc_pre=CNSe7-i60PACFZfIuwgdwyIASQ;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4156350663383.0596

Request Chain 47

• https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8598814605556.319 HTTP 302
• https://5994599.fls.doubleclick.net/activityi;dc_pre=CJmb8Oi60PACFTfmuwgdu9wPcA;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8598814605556.319

Request Chain 48

• https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
• https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 49

• https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4460779151200.793 HTTP 302
• https://5994599.fls.doubleclick.net/activityi;dc_pre=CPGZ8Oi60PACFU3uuwgdByoL2Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4460779151200.793

Request Chain 58

• https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=514132044069&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.ictiva.com%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D25611%26version%3D1%26redirected%3D1 HTTP 302
• https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=514132044069&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.ictiva.com%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D25611%26version%3D1%26redirected%3D1

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.ictiva.com/usuarios/login/	18 KB 6 KB	165ms 58ms	Document text/html	46.183.117.49 CLOUDING
General Check archive.org Show headers Download Go to Full URL https://www.ictiva.com/usuarios/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES), Reverse DNS f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host Software nginx / Resource Hash d2d21b4328d662908f90b3f15dfaa9cb5b0bae39c77c71fcf382e3d930ad1db2 Request headers :method GET :authority www.ictiva.com :scheme https :path /usuarios/login/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers server nginx date Mon, 17 May 2021 10:01:23 GMT content-type text/html; charset=UTF-8 content-length 5923 cache-control private, must-revalidate pragma no-cache expires -1 set-cookie PHPSESSID=c49bee7ad821c19b78f1ae832e94ec4a; expires=Mon, 17-May-2021 12:48:03 GMT; Max-Age=10000; path=/ vary Accept-Encoding content-encoding gzip
GET H2	200	screen.css www.ictiva.com/css/	157 KB 20 KB	54ms 53ms	Stylesheet text/css	46.183.117.49 CLOUDING
General Check archive.org Show headers Download Go to Full URL https://www.ictiva.com/css/screen.css Requested by Host: www.ictiva.com URL: https://www.ictiva.com/usuarios/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES), Reverse DNS f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host Software nginx / Resource Hash f7152bb587e00561d78dd73a68a79d62f71cfbf986001f6d7dba0e752ac2071f Request headers :path /css/screen.css pragma no-cache cookie PHPSESSID=c49bee7ad821c19b78f1ae832e94ec4a accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.ictiva.com referer https://www.ictiva.com/usuarios/login/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.ictiva.com/usuarios/login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:01:23 GMT content-encoding gzip last-modified Wed, 16 Dec 2020 09:41:55 GMT server nginx etag "274b3-5b691af88bfd0-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 20576
GET H2	200	auxiliar.css www.ictiva.com/css/	18 B 149 B	47ms 46ms	Stylesheet text/css	46.183.117.49 CLOUDING
General Check archive.org Show headers Download Go to Full URL https://www.ictiva.com/css/auxiliar.css Requested by Host: www.ictiva.com URL: https://www.ictiva.com/usuarios/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES), Reverse DNS f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host Software nginx / Resource Hash 1adeb028e615a654ebf218f188ad6bc841ad3851da01b28dc4af82ea77179108 Request headers :path /css/auxiliar.css pragma no-cache cookie PHPSESSID=c49bee7ad821c19b78f1ae832e94ec4a accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.ictiva.com referer https://www.ictiva.com/usuarios/login/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.ictiva.com/usuarios/login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:01:23 GMT last-modified Wed, 14 Oct 2020 06:15:11 GMT server nginx accept-ranges bytes etag "12-5b19b74391e70" content-length 18 content-type text/css
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.8.3/	91 KB 33 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js Requested by Host: www.ictiva.com URL: https://www.ictiva.com/usuarios/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 13 May 2021 07:40:25 GMT content-encoding gzip x-content-type-options nosniff age 354058 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33593 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 13 May 2022 07:40:25 GMT
GET H2	200	css2 fonts.googleapis.com/	10 KB 909 B	17ms 17ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:wght@500;700&family=Open+Sans:wght@400;600;800&display=swap Requested by Host: www.ictiva.com URL: https://www.ictiva.com/usuarios/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c1ddb3c890d7501f7aef0764dfe059820391a42c20911cfde0c7d839282702c2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 17 May 2021 10:01:23 GMT server ESF date Mon, 17 May 2021 10:01:23 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 17 May 2021 10:01:23 GMT
GET H2	200	11118.js Show response www.dwin1.com/	31 KB 8 KB	142ms 0ms	Script application/javascript	2600:9000:206f:b400:f:8ce2:fb80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.dwin1.com/11118.js Requested by Host: www.ictiva.com URL: https://www.ictiva.com/usuarios/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:b400:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1a5ee03a6e23c1b86982bc2cd9b0cd716853a4d511eb07e3723ce42fa502fbe7 Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id 4AFZQGuUCyhdfyQk7NRuELz7whvLUOYw content-encoding gzip etag W/"4750054f14ea335034f3da0b25ae899d" age 27 x-cache Hit from cloudfront x-amz-replication-status COMPLETED access-control-allow-origin * last-modified Tue, 04 May 2021 09:43:57 GMT server AmazonS3 date Mon, 17 May 2021 10:01:18 GMT access-control-allow-methods GET, HEAD content-type application/javascript; charset=utf-8 via 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront) cache-control max-age=600, s-maxage=600 x-amz-cf-pop FRA56-C1 x-amz-cf-id BgmRKtgt82ORD1f7mix9VE9HPFLc67VpSuXekXxQblk6h_q79k_aZQ==
GET H2	200	tagtag.min.js Show response www.artfut.com/static/	3 KB 2 KB	153ms 0ms	Script application/javascript	2606:4700:20::681a:16d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.artfut.com/static/tagtag.min.js?campaign_code=7129a02e64 Requested by Host: www.ictiva.com URL: https://www.ictiva.com/usuarios/login/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash edfc75726cf71265dd903eeb0f37bd74534194e42a0e6db6894beb6987023454 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:01:23 GMT content-encoding gzip vary Accept-Encoding cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 5 cf-request-id 0a1b5eff9900004eb664863000000001 pragma public last-modified Mon, 21 Sep 2020 11:48:27 GMT server cloudflare etag W/"5f68930b-cb0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5i7C7%2BGW5ltLuPOwYS2c8T%2Fc56XWW578bbhWY%2BRL%2FQoFl%2FqzCByUm6gAnhB1QO18neIcSkXjPk%2FhuJe31Hw%2B8Rak20v8Vz%2FBa9c2vCZv37avx03zjfZpO9Lm7A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=1200, public cf-ray 650c0112881a4eb6-FRA expires Mon, 17 May 2021 10:21:18 GMT
GET H2	200	logo_ictiva.svg www.ictiva.com/img/	7 KB 2 KB	59ms 52ms	Image image/svg+xml	46.183.117.49 CLOUDING
General Check archive.org Show headers Download Go to Show image Full URL https://www.ictiva.com/img/logo_ictiva.svg Requested by Host: www.ictiva.com URL: https://www.ictiva.com/usuarios/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES), Reverse DNS f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host Software nginx / Resource Hash e34002a4a90dc95d243621498abd551ad357bd93efbacfb2954038de119bbc36 Request headers :path /img/logo_ictiva.svg pragma no-cache cookie PHPSESSID=c49bee7ad821c19b78f1ae832e94ec4a accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.ictiva.com referer https://www.ictiva.com/usuarios/login/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.ictiva.com/usuarios/login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:01:23 GMT content-encoding br last-modified Thu, 01 Oct 2020 05:12:24 GMT server nginx etag W/"1d9b-5b0950fc041dc" vary Accept-Encoding content-type image/svg+xml
GET H2	200	logo_ictiva_white.svg www.ictiva.com/img/	7 KB 2 KB	59ms 45ms	Image image/svg+xml	46.183.117.49 CLOUDING
General Check archive.org Show headers Download Go to Show image Full URL https://www.ictiva.com/img/logo_ictiva_white.svg Requested by Host: www.ictiva.com URL: https://www.ictiva.com/usuarios/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES), Reverse DNS f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host Software nginx / Resource Hash 9d4908fd57cf83084ce3e3ff24ad40d3e8560ba1ec138dbb2ef822ad5732bc85 Request headers :path /img/logo_ictiva_white.svg pragma no-cache cookie PHPSESSID=c49bee7ad821c19b78f1ae832e94ec4a accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.ictiva.com referer https://www.ictiva.com/usuarios/login/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.ictiva.com/usuarios/login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:01:23 GMT content-encoding br last-modified Thu, 01 Oct 2020 05:12:24 GMT server nginx etag W/"1cda-5b0950fc041dc" vary Accept-Encoding content-type image/svg+xml
GET H2	200	perception-technologies.svg www.ictiva.com/img/	9 KB 3 KB	70ms 56ms	Image image/svg+xml	46.183.117.49 CLOUDING
General Check archive.org Show headers Download Go to Show image Full URL https://www.ictiva.com/img/perception-technologies.svg Requested by Host: www.ictiva.com URL: https://www.ictiva.com/usuarios/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES), Reverse DNS f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host Software nginx / Resource Hash a92bb4258e62097ba682743427e60b4d323cd4b613c01181d58ffb59a546f443 Request headers :path /img/perception-technologies.svg pragma no-cache cookie PHPSESSID=c49bee7ad821c19b78f1ae832e94ec4a accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.ictiva.com referer https://www.ictiva.com/usuarios/login/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.ictiva.com/usuarios/login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:01:23 GMT content-encoding br last-modified Mon, 02 Jan 2017 11:06:09 GMT server nginx etag W/"22fc-5451a89ed002e" vary Accept-Encoding content-type image/svg+xml
GET H2	200	modernizr.js Show response www.ictiva.com/js/	7 KB 3 KB	57ms 55ms	Script application/javascript	46.183.117.49 CLOUDING
General Check archive.org Show headers Download Go to Full URL https://www.ictiva.com/js/modernizr.js Requested by Host: www.ictiva.com URL: https://www.ictiva.com/usuarios/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES), Reverse DNS f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host Software nginx / Resource Hash 885e0937e29c76f4559af0cb767d10c8d705838fcc2a47badb37ebcc9d75decb Request headers :path /js/modernizr.js pragma no-cache cookie PHPSESSID=c49bee7ad821c19b78f1ae832e94ec4a accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.ictiva.com referer https://www.ictiva.com/usuarios/login/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.ictiva.com/usuarios/login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:01:23 GMT content-encoding gzip last-modified Mon, 02 Jan 2017 11:06:09 GMT server nginx etag "1db4-5451a89ed4e4e-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 3069
GET H2	200	fluidvids.js Show response www.ictiva.com/js/	1 KB 771 B	59ms 51ms	Script application/javascript	46.183.117.49 CLOUDING
General Check archive.org Show headers Download Go to Full URL https://www.ictiva.com/js/fluidvids.js Requested by Host: www.ictiva.com URL: https://www.ictiva.com/usuarios/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES), Reverse DNS f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host Software nginx / Resource Hash 3767ff8dcebc558a1109e37dca37e47c4b26cbb3cb5c1d3040e150a0832782d9 Request headers :path /js/fluidvids.js pragma no-cache cookie PHPSESSID=c49bee7ad821c19b78f1ae832e94ec4a accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.ictiva.com referer https://www.ictiva.com/usuarios/login/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.ictiva.com/usuarios/login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:01:23 GMT content-encoding gzip last-modified Mon, 02 Jan 2017 11:06:09 GMT server nginx etag "459-5451a89ed4e4e-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 589
GET H2	200	js.cookie.js Show response www.ictiva.com/js/	3 KB 2 KB	66ms 65ms	Script application/javascript	46.183.117.49 CLOUDING
General Check archive.org Show headers Download Go to Full URL https://www.ictiva.com/js/js.cookie.js Requested by Host: www.ictiva.com URL: https://www.ictiva.com/usuarios/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES), Reverse DNS f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host Software nginx / Resource Hash 9df6e8c4bc8ea670d2f4da40a35a41772cc8857aca288a77acfa891cf1a54c36 Request headers :path /js/js.cookie.js pragma no-cache cookie PHPSESSID=c49bee7ad821c19b78f1ae832e94ec4a accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.ictiva.com referer https://www.ictiva.com/usuarios/login/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.ictiva.com/usuarios/login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:01:23 GMT content-encoding gzip last-modified Mon, 02 Jan 2017 11:06:09 GMT server nginx etag "d60-5451a89ed4e4e-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1387
GET H2	200	jquery.placeholder.min.js Show response www.ictiva.com/js/	3 KB 1 KB	61ms 53ms	Script application/javascript	46.183.117.49 CLOUDING
General Check archive.org Show headers Download Go to Full URL https://www.ictiva.com/js/jquery.placeholder.min.js Requested by Host: www.ictiva.com URL: https://www.ictiva.com/usuarios/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES), Reverse DNS f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host Software nginx / Resource Hash 380fd24db43b138332d8b904d3009051e30fadec1616e3ef2853e0a9dc010ee3 Request headers :path /js/jquery.placeholder.min.js pragma no-cache cookie PHPSESSID=c49bee7ad821c19b78f1ae832e94ec4a accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.ictiva.com referer https://www.ictiva.com/usuarios/login/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.ictiva.com/usuarios/login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:01:23 GMT content-encoding gzip last-modified Mon, 02 Jan 2017 11:06:09 GMT server nginx etag "a9f-5451a89ed4e4e-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1157
GET H/1.1	200 OK	appleid.auth.js Show response appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/	42 KB 17 KB	400ms 32ms	Script application/javascript	104.111.230.79 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js Requested by Host: www.ictiva.com URL: https://www.ictiva.com/usuarios/login/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.230.79 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-79.deploy.static.akamaitechnologies.com Software Apple / Resource Hash dc63b766a90c33d4c847743e12e55f2050403bfa26151e261104186aa5a035f7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip Last-Modified Thu, 13 May 2021 21:52:49 GMT Server Apple ETag W/"42671-1620942769639" Vary accept-encoding Content-Type application/javascript;charset=UTF-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400,stale-while-revalidate=86400 Date Mon, 17 May 2021 10:01:23 GMT Connection keep-alive Accept-Ranges bytes Content-Length 17246
GET H2	200	print.css www.ictiva.com/css/	3 KB 753 B	67ms 53ms	Stylesheet text/css	46.183.117.49 CLOUDING
General Check archive.org Show headers Download Go to Full URL https://www.ictiva.com/css/print.css Requested by Host: www.ictiva.com URL: https://www.ictiva.com/usuarios/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES), Reverse DNS f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host Software nginx / Resource Hash 1896e0509fcd440361382e116e018c02a116a5a88e5330352236a47e063d3b63 Request headers :path /css/print.css pragma no-cache cookie PHPSESSID=c49bee7ad821c19b78f1ae832e94ec4a accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.ictiva.com referer https://www.ictiva.com/usuarios/login/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.ictiva.com/usuarios/login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:01:23 GMT content-encoding gzip last-modified Thu, 01 Oct 2020 05:12:24 GMT server nginx etag "af4-5b0950fbff3bc-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 581
GET H2	200	beacon.js Show response sb.scorecardresearch.com/	1 KB 2 KB	210ms 43ms	Script application/javascript	99.86.2.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/beacon.js Requested by Host: www.ictiva.com URL: https://www.ictiva.com/usuarios/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.2.82 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-2-82.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79 Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 09:36:45 GMT via 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront) etag "1827f116c73f319409b97f10b8a58ade" last-modified Fri, 26 Feb 2021 14:35:05 GMT server AmazonS3 age 1478 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type application/javascript x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 1469 x-amz-cf-id yy85umRfvBRsOHqxnxEl5pK0B91QyOY1k3ol0pCv2SnpkbLA1WA04Q==
GET H2	200	hotjar-126493.js Show response static.hotjar.com/c/	6 KB 2 KB	183ms 17ms	Script application/javascript	13.32.25.2 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-126493.js?sv=5 Requested by Host: www.ictiva.com URL: https://www.ictiva.com/usuarios/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.25.2 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-25-2.fra56.r.cloudfront.net Software / Resource Hash 55bdbd0a9c40d2baa7b606a91e50e3cd02550a1da3e4a6eb6261e3a06f236fe0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:01:18 GMT content-encoding br x-content-type-options nosniff cache-control max-age=60 age 5 etag W/1f2aa896f19c0469725c53abbf5ecff9 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 x-amz-cf-pop FRA56-C2 content-length 1806 via 1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront) x-amz-cf-id FhkjBx6ZSuBCXCtnAczNKr2xNIVWItHQZ_JQQGDLJKrwJt-LM_nMGA==
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	92 KB 24 KB	53ms 39ms	Script application/x-javascript	2a03:2880:f030:13:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.ictiva.com URL: https://www.ictiva.com/usuarios/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff x-xss-protection 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 23959 x-fb-rlafr 0 pragma public x-fb-debug 0vTiVl4xqeLc9xWz/6e3NoKRakml7HmwAozNJRW+Nr2+eamzAikyeZAPKCh5QtobzsCE9IJ8Ac13Pdw+4jqiAQ== x-fb-trip-id 686109401 x-frame-options DENY date Mon, 17 May 2021 10:01:23 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	128 KB 40 KB	57ms 53ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-PRF3HL Requested by Host: www.ictiva.com URL: https://www.ictiva.com/usuarios/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 24bae10a1e6ccc07b10a757111a5c1e5e9016a6ec1c749bf43aa7726b580eb37 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:01:23 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 41089 x-xss-protection 0 last-modified Mon, 17 May 2021 09:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 17 May 2021 10:01:23 GMT
GET H2	200	icon-cross.svg www.ictiva.com/img/	1 KB 756 B	111ms 46ms	Image image/svg+xml	46.183.117.49 CLOUDING
General Check archive.org Show headers Download Go to Show image Full URL https://www.ictiva.com/img/icon-cross.svg Requested by Host: www.ictiva.com URL: https://www.ictiva.com/css/screen.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES), Reverse DNS f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host Software nginx / Resource Hash a055f096d096c43bf118a01fd406311b32a9fe88b26ecb9a72815eb04fc7e690 Request headers :path /img/icon-cross.svg pragma no-cache cookie PHPSESSID=c49bee7ad821c19b78f1ae832e94ec4a accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.ictiva.com referer https://www.ictiva.com/css/screen.css :scheme https sec-fetch-site same-origin :method GET Referer https://www.ictiva.com/css/screen.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:01:23 GMT content-encoding br last-modified Thu, 01 Oct 2020 05:12:24 GMT server nginx etag W/"582-5b0950fc0323c" vary Accept-Encoding content-type image/svg+xml
GET H2	200	JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2 fonts.gstatic.com/s/montserrat/v15/	19 KB 19 KB	51ms 13ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;700&family=Open+Sans:wght@400;600;800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.ictiva.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 16 May 2021 10:03:38 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:11:03 GMT server sffe age 86265 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19272 x-xss-protection 0 expires Mon, 16 May 2022 10:03:38 GMT
GET H2	200	icon-access-facebook.svg www.ictiva.com/img/	2 KB 909 B	83ms 45ms	Image image/svg+xml	46.183.117.49 CLOUDING
General Check archive.org Show headers Download Go to Show image Full URL https://www.ictiva.com/img/icon-access-facebook.svg Requested by Host: www.ictiva.com URL: https://www.ictiva.com/css/screen.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES), Reverse DNS f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host Software nginx / Resource Hash 9453ba396933b14c1ac7e64c6c1cc814c1c991e1f5bcf0a00d2c84dd0de87054 Request headers :path /img/icon-access-facebook.svg pragma no-cache cookie PHPSESSID=c49bee7ad821c19b78f1ae832e94ec4a accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.ictiva.com referer https://www.ictiva.com/css/screen.css :scheme https sec-fetch-site same-origin :method GET Referer https://www.ictiva.com/css/screen.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:01:23 GMT content-encoding br last-modified Thu, 01 Oct 2020 05:12:24 GMT server nginx etag W/"841-5b0950fc0229c" vary Accept-Encoding content-type image/svg+xml
GET H2	200	icon-circle.svg www.ictiva.com/img/	707 B 505 B	85ms 57ms	Image image/svg+xml	46.183.117.49 CLOUDING
General Check archive.org Show headers Download Go to Show image Full URL https://www.ictiva.com/img/icon-circle.svg Requested by Host: www.ictiva.com URL: https://www.ictiva.com/css/screen.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES), Reverse DNS f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host Software nginx / Resource Hash 21fd5ce97157e45922b40c154bed21462ce4f9fb0762fc64005fdcd549c1bafb Request headers :path /img/icon-circle.svg pragma no-cache cookie PHPSESSID=c49bee7ad821c19b78f1ae832e94ec4a accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.ictiva.com referer https://www.ictiva.com/css/screen.css :scheme https sec-fetch-site same-origin :method GET Referer https://www.ictiva.com/css/screen.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:01:23 GMT content-encoding br last-modified Thu, 01 Oct 2020 05:12:24 GMT server nginx etag W/"2c3-5b0950fc0229c" vary Accept-Encoding content-type image/svg+xml
GET H2	200	JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 fonts.gstatic.com/s/montserrat/v15/	19 KB 19 KB	39ms 12ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;700&family=Open+Sans:wght@400;600;800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.ictiva.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 16 May 2021 04:11:30 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:10:46 GMT server sffe age 107393 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19480 x-xss-protection 0 expires Mon, 16 May 2022 04:11:30 GMT
GET H2	200	mem5YaGs126MiZpBA-UN8rsOUuhp.woff2 fonts.gstatic.com/s/opensans/v18/	15 KB 15 KB	41ms 13ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN8rsOUuhp.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;700&family=Open+Sans:wght@400;600;800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 75db69592337280529fdc6448185b1cb88a50dbe9b498718f45ba52907e8aba3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.ictiva.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 13 May 2021 22:00:24 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:09:38 GMT server sffe age 302459 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15088 x-xss-protection 0 expires Fri, 13 May 2022 22:00:24 GMT
GET H3-29	200	1726290627612934 Show response connect.facebook.net/signals/config/	254 KB 72 KB	104ms 73ms	Script application/x-javascript	2a03:2880:f030:13:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1726290627612934?v=2.9.39&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 8ffe9e3c51bf3a2d26fecb5573fdf1f941817428f6d9b036454f74f09c8b8917 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff x-xss-protection 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 x-fb-rlafr 0 pragma public x-fb-debug dhQlbrGRE2REegs/b8z8zVj39XsgyJQJl3JhcGH7jP2ICgMr8vu2q9VEFOEsaIvxfvYen+bKf5m96FgNoG81Bw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Mon, 17 May 2021 10:01:23 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	17 KB 6 KB	33ms 18ms	Script application/javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: www.ictiva.com URL: https://www.ictiva.com/usuarios/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 40f12e335914950b4f2058dbcbbee727f3f7542399ec6b2e98256480ea91aa49 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 17 May 2021 10:01:23 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 pE7xqZRyx6XQkryUB7ni+A== age 2186 vary Accept-Encoding content-length 5801 cf-request-id 0a1b5f006f00004e325a03a000000001 x-ms-lease-status unlocked last-modified Fri, 14 May 2021 01:47:06 GMT server cloudflare etag 0x8D9167A2E5FD52B expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * x-ms-request-id fa14a1d8-401e-0177-4670-481bf2000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 650c0113ef614e32-FRA
GET H2	200	modules.0fd8b750824023792fba.js Show response script.hotjar.com/	220 KB 58 KB	65ms 21ms	Script application/javascript	13.224.95.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.0fd8b750824023792fba.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-126493.js?sv=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.95.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-41.zrh50.r.cloudfront.net Software / Resource Hash 65cef8a94d8a09cac56b85e15c92c37ea129d38a094fa8e1f3fd812a550b74be Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 12 May 2021 07:37:05 GMT content-encoding br x-content-type-options nosniff age 440658 x-cache Hit from cloudfront content-length 59191 access-control-allow-origin * last-modified Wed, 12 May 2021 07:37:04 GMT etag "cd11ca1a90eced753504203f173db976" vary Accept-Encoding content-type application/javascript via 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop ZRH50-C1 accept-ranges bytes x-robots-tag none x-amz-cf-id 6ECA4HvNIs8wKPzp1WxG6V5-i0oN-6sD3akTMMa_4OyIszCjkSoTSg==
GET H2	200	b2 sb.scorecardresearch.com/ Redirect Chain https://sb.scorecardresearch.com/b?c1=2&c2=8731705&ns__t=1621245683844&ns_c=UTF-8&cv=3.5&c8=Inicia%20sesi%C3%B3n%20-%20ictiva&c7=https%3A%2F%2Fwww.ictiva.com%2Fusuarios%2Flogin%2F&c9= https://sb.scorecardresearch.com/b2?c1=2&c2=8731705&ns__t=1621245683844&ns_c=UTF-8&cv=3.5&c8=Inicia%20sesi%C3%B3n%20-%20ictiva&c7=https%3A%2F%2Fwww.ictiva.com%2Fusuarios%2Flogin%2F&c9=	64 B 330 B	30ms 29ms	Image image/gif	99.86.2.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b2?c1=2&c2=8731705&ns__t=1621245683844&ns_c=UTF-8&cv=3.5&c8=Inicia%20sesi%C3%B3n%20-%20ictiva&c7=https%3A%2F%2Fwww.ictiva.com%2Fusuarios%2Flogin%2F&c9= Requested by Host: www.ictiva.com URL: https://www.ictiva.com/usuarios/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.2.82 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-2-82.fra6.r.cloudfront.net Software / Resource Hash 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:01:23 GMT via 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 etag W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg" x-cache Miss from cloudfront content-type image/gif; charset=utf-8 content-length 64 x-amz-cf-id edbS2mkqyMPFKMVFwKfMOsAV0_XdSyxRXV6nSAJSSSUlw1f9ibPwQA== Redirect headers date Mon, 17 May 2021 10:01:23 GMT via 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 vary Accept x-cache Miss from cloudfront content-type text/plain; charset=utf-8 location https://sb.scorecardresearch.com/b2?c1=2&c2=8731705&ns__t=1621245683844&ns_c=UTF-8&cv=3.5&c8=Inicia%20sesi%C3%B3n%20-%20ictiva&c7=https%3A%2F%2Fwww.ictiva.com%2Fusuarios%2Flogin%2F&c9= content-length 206 x-amz-cf-id wEGDAjD0GGdb2RIbsu8DHvQXeQq7uDdlD_zrK-cxI9zGQlqgj-ch7w==
GET H2	200	/ www.facebook.com/tr/	44 B 258 B	17ms 16ms	Image image/gif	2a03:2880:f130:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1726290627612934&ev=PageView&dl=https%3A%2F%2Fwww.ictiva.com%2Fusuarios%2Flogin%2F&rl=&if=false&ts=1621245683894&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1621245683888.1226569246&it=1621245683663&coo=false&exp=l1&rqm=GET Requested by Host: www.ictiva.com URL: https://www.ictiva.com/usuarios/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:01:23 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Mon, 17 May 2021 10:01:23 GMT
GET H2	200	52585c03-5407-4ad2-a7b9-16896987ff12.json Show response cdn.cookielaw.org/consent/52585c03-5407-4ad2-a7b9-16896987ff12/	3 KB 2 KB	52ms 17ms	XHR application/x-javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/52585c03-5407-4ad2-a7b9-16896987ff12/52585c03-5407-4ad2-a7b9-16896987ff12.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 89726ef1d879db62d7af754c765150dbaaef992f97294032d073a0591897199d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 17 May 2021 10:01:23 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 xgkmZPIWxgkBF5GiaahTCg== age 4791 vary Accept-Encoding content-length 1211 cf-request-id 0a1b5f010b00002be944103000000001 x-ms-lease-status unlocked last-modified Thu, 13 May 2021 10:01:26 GMT server cloudflare etag 0x8D915F61280DD5C expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id 8a4b2b4f-801e-0047-5156-48078d000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 650c0114de862be9-FRA
GET H3-29	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	29ms 28ms	Script application/x-javascript	2a03:2880:f030:13:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: www.ictiva.com URL: https://www.ictiva.com/usuarios/login/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f28f2a1f1a244ffa21a715265ecc63a7f3123b4c7e1e769fd517c39cd56e10a8 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 t1lfSvWwCwj3BtAAQk98Ww== cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 1781 x-fb-rlafr 0 x-fb-debug ik31ijIGdjuvJVfnY52PeuVt74PwFqFnU51SXNjYkkZjQNjVp0+tKkYIK/cT47H1OaPCIpG64GiDt+Ed51siBQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 46b8492734ed4bf210c059ce78aeb164 cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Mon, 17 May 2021 10:01:23 GMT vary Accept-Encoding report-to {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 etag "636d1674f5d15d71976a80c339147a52" timing-allow-origin * priority u=3,i expires Mon, 17 May 2021 10:01:24 GMT
GET H2	200	ck_tracker.php Show response www.ad4mat.net/ads/js/	408 B 774 B	66ms 37ms	Script text/html	2606:4700:3032::6815:57ae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ad4mat.net/ads/js/ck_tracker.php?adspaceId=15668&mt=1&country=es.ad4mat.net&sprd=false Requested by Host: www.dwin1.com URL: https://www.dwin1.com/11118.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1250793c3aaff385ddfdfcf824e5b40852b21ff0c6ac5d55192e23295bebeac7 Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:01:24 GMT via 1.1 google cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 650c01150e3ac2d1-FRA x-cache HIT p3p CP="NOI CUR OUR STP", policyref="/w3c/p3p.ad4mat.xml content-type text/html report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D89hZqUjfDEa08AZwx5nVWilEdb44n1EB51eJaJ8CfD%2FjAYGUEXxWIxrJlb74lEmVJ%2FEjNhPDwPrH9vl06QMsqfm%2FeONK5HPzuv1%2B9S%2B93aD%2FSt4ylHyVMzR5Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a1b5f01270000c2d19182a000000001
GET H/1.1	200 OK	Cookie set retarget Show response hal9000.redintelligence.net/ Frame 8A64 Redirect Chain https://hal9000.redintelligence.net/retarget?a=25611&version=1 https://hal9000.redintelligence.net/retarget?a=25611&version=1&redirected=1	3 KB 1 KB	101ms 40ms	Document text/html	94.130.102.164 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/retarget?a=25611&version=1&redirected=1 Requested by Host: www.dwin1.com URL: https://www.dwin1.com/11118.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.164.102.130.94.clients.your-server.de Software Apache / Resource Hash 4e2e22935fa0ec9247f1dfcd656f073821852c4736e70471174f8709533726af Request headers Host hal9000.redintelligence.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.ictiva.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie 8lcfmzhxc8d6_uid=ae7555e11b964383 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.ictiva.com/ Response headers Date Mon, 17 May 2021 10:01:24 GMT Server Apache Cache-Control no-store, no-cache, must-revalidate Expires Mon, 26 Jul 1997 05:00:00 GMT Pragma no-cache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Set-Cookie 8lcfmzhxc8d6_uid=ae7555e11b964383; expires=Sun, 15-Aug-2021 10:01:24 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None Vary Accept-Encoding Content-Encoding gzip Content-Length 831 Connection close Content-Type text/html; charset=UTF-8 Redirect headers Date Mon, 17 May 2021 10:01:24 GMT Server Apache Cache-Control no-store, no-cache, must-revalidate Expires Mon, 26 Jul 1997 05:00:00 GMT Pragma no-cache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Set-Cookie 8lcfmzhxc8d6_uid=ae7555e11b964383; expires=Sun, 15-Aug-2021 10:01:24 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None Location ?a=25611&version=1&redirected=1 Content-Length 0 Connection close Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	data.php Show response r.adserver01.de/znsa/	948 B 1 KB	117ms 45ms	Script application/javascript	212.83.50.108 TTM
General Check archive.org Show headers Download Go to Full URL https://r.adserver01.de/znsa/data.php?url=&page=generic&token=ictiva_es&value= Requested by Host: www.dwin1.com URL: https://www.dwin1.com/11118.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.83.50.108 , Germany, ASN47447 (TTM, DE), Reverse DNS Software nginx / Resource Hash d19a703e7771165be006db017566145856e23a5f0aae0598eab9cff707ff3d56 Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 17 May 2021 10:01:24 GMT Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type application/javascript
GET H/1.1	200 OK	tag.js Show response config1.veinteractive.com/tags/AFDC348F/FCE0/4152/B0F4/9958F7500D4D/	4 KB 2 KB	96ms 25ms	Script application/javascript	104.109.83.200 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://config1.veinteractive.com/tags/AFDC348F/FCE0/4152/B0F4/9958F7500D4D/tag.js Requested by Host: www.dwin1.com URL: https://www.dwin1.com/11118.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.109.83.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-83-200.deploy.static.akamaitechnologies.com Software VeGlobal / Resource Hash d50ce003678da9eb8d428547c5cd299a622a8aab98f82279d9893bdcf8d37d81 Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob Date Mon, 17 May 2021 10:01:24 GMT Content-Encoding gzip Content-MD5 kpoDDABSmjW0jsUL791obA== Connection keep-alive Content-Length 1401 x-ms-lease-status unlocked Last-Modified Tue, 19 Sep 2017 12:08:03 GMT Server VeGlobal ETag 0x8D4FF5714A98D49 Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * x-ms-request-id 7cdbd1fe-301e-00a7-2363-3b5276000000 Access-Control-Expose-Headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding Cache-Control max-age=1794, s-maxage=1800 x-ms-version 2009-09-19
GET DATA	200 OK	truncated /	5 KB 5 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0735a748bf70ad519969fbf64f7c8ef3072a1bdda68b420aee14dc43e5e080cd Request headers Origin https://www.ictiva.com Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/x-font-woff;charset=utf-8
GET H2	200	tracking.min.js Show response www.artfut.com/static/	26 KB 7 KB	59ms 38ms	Script application/javascript	2606:4700:20::681a:16d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.artfut.com/static/tracking.min.js Requested by Host: www.artfut.com URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=7129a02e64 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d4e3bd1621e63bb4bfbae3c3275134b26016bb76175fefe9c5998f8ade1009c Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:01:24 GMT content-encoding gzip vary Accept-Encoding cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 998 cf-request-id 0a1b5f016500004eb69504f000000001 pragma public last-modified Mon, 21 Sep 2020 11:48:28 GMT server cloudflare etag W/"5f68930c-686e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jJQjtMnM3JpgMO%2BcGpoIK2iMJQpeL9gm%2BZEH1x3B68pO2%2Fq3bXnJewSnyogzzDeiEXZiU2HEqRHTFEd8shpETz2JI21ZPfnPQsxlw3UmvxWvNEbX%2FmYZ5c%2FiPQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=1200, public cf-ray 650c01156eeb4eb6-FRA expires Mon, 17 May 2021 10:04:46 GMT
GET H2	200	crossdevice.min.js Show response www.artfut.com/static/	25 KB 8 KB	46ms 37ms	Script application/javascript	2606:4700:20::681a:16d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.artfut.com/static/crossdevice.min.js Requested by Host: www.artfut.com URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=7129a02e64 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7cd07e6c64768b866c81e2e1cc61f88f631f377a3afc426d7b0c9de3875e65ae Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:01:24 GMT content-encoding gzip vary Accept-Encoding cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1035 cf-request-id 0a1b5f016500004eb6560d6000000001 pragma public last-modified Mon, 21 Sep 2020 11:48:27 GMT server cloudflare etag W/"5f68930b-655c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U5xz0ATsh7B9tDCL%2FGeznqWc5bGeBLQtwqz8eYI%2B0sDgaJdDX3gpd4FOPHP2Fgvbw3k%2BmE4ArAWegQAmCL%2BuIM38VizKu4vaesF9xhsjPhihjScO5Eq0Azm09w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=1200, public cf-ray 650c01156eee4eb6-FRA expires Mon, 17 May 2021 10:04:09 GMT
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/6.10.0/	356 KB 78 KB	14ms 13ms	Script application/javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 17 May 2021 10:01:24 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 Bh9exWOPGIwRshWljrtlEw== age 4799080 vary Accept-Encoding content-length 79698 cf-request-id 0a1b5f016000004e3284ae7000000001 x-ms-lease-status unlocked last-modified Thu, 03 Dec 2020 02:43:00 GMT server cloudflare etag 0x8D89735260901BC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * x-ms-request-id d2c8b7b7-501e-00a0-685d-1f1780000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=691200 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 650c01156b764e32-FRA expires Tue, 25 May 2021 10:01:24 GMT
GET H2	200	box-5e3cec51ed8e99df6977c199d27812d7.html Show response vars.hotjar.com/ Frame EAA4	1 KB 1 KB	53ms 16ms	Document text/html	13.224.95.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-126493.js?sv=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.95.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-74.zrh50.r.cloudfront.net Software / Resource Hash 486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33 Request headers :method GET :authority vars.hotjar.com :scheme https :path /box-5e3cec51ed8e99df6977c199d27812d7.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.ictiva.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.ictiva.com/ Response headers content-type text/html content-length 684 date Tue, 30 Mar 2021 16:10:32 GMT accept-ranges bytes cache-control max-age=31536000 content-encoding br etag "4e332edbbc3b46800c87f197cc7d3bb6" last-modified Tue, 30 Mar 2021 14:48:51 GMT x-robots-tag none vary Accept-Encoding x-cache Hit from cloudfront via 1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront) x-amz-cf-pop ZRH50-C1 x-amz-cf-id 8_MVAmxbN0DTgA3o4wmn3FodCoRMASAyQ-xoNz9atLpfak6GRJLCFg== age 4125052
GET H3-29	200	sdk.js Show response connect.facebook.net/en_US/	213 KB 63 KB	37ms 17ms	Script application/x-javascript	2a03:2880:f030:13:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=dc4734a689a04d5ac6a3350564753338&ua=modern_es6 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4306bbaaafd44673084284fc84fe95e81130a3fe01232d481c487df7443ac073 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Origin https://www.ictiva.com Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 TE9s7/XJQnkUVjqyNm+Z8Q== cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 64606 x-fb-rlafr 0 x-fb-debug Nb0X5kfzMyu2TuohzynZC5ozTmzrtZhyoaqeNVVf6Mo3aq4pwehmm0TYte+HYZg9xFXjPlEaJVFuqUcK7no8sw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 12c3b1cbc93a6d100064f2e6b40cb0d5 cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Mon, 17 May 2021 10:01:24 GMT vary Accept-Encoding report-to {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "16263aa3f99538c983ff058e93178394" timing-allow-origin * priority u=3,i expires Tue, 17 May 2022 08:23:49 GMT
GET H/1.1	200 OK	capture-apps-5.0.0.js Show response config1.veinteractive.com/scripts/5.0-empty/	0 631 B	86ms 44ms	Script application/javascript	104.109.83.200 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://config1.veinteractive.com/scripts/5.0-empty/capture-apps-5.0.0.js Requested by Host: config1.veinteractive.com URL: https://config1.veinteractive.com/tags/AFDC348F/FCE0/4152/B0F4/9958F7500D4D/tag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.109.83.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-83-200.deploy.static.akamaitechnologies.com Software VeGlobal / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1;mode=block Request headers Origin https://www.ictiva.com Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Mon, 17 May 2021 10:01:24 GMT X-Content-Type-Options nosniff Last-Modified Mon, 11 Sep 2017 13:24:39 GMT Server VeGlobal ETag 0x8D4F91874446411 Content-Type application/javascript Access-Control-Allow-Origin * x-ms-request-id 83fe6f1e-601e-0015-49a3-3aa90c000000 Access-Control-Expose-Headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 Connection keep-alive Content-Length 0 X-XSS-Protection 1;mode=block
GET H2	200	en.json Show response cdn.cookielaw.org/consent/52585c03-5407-4ad2-a7b9-16896987ff12/fd68d806-fa03-4eb7-b277-6f2fe5d38860/	45 KB 10 KB	29ms 28ms	Fetch application/x-javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/52585c03-5407-4ad2-a7b9-16896987ff12/fd68d806-fa03-4eb7-b277-6f2fe5d38860/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a062bba36d43bfbf68bd41b858d306d1847f3689c6e93339a7f09556eb1de70d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 17 May 2021 10:01:24 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 Ria5g1fn3Ewv/W3TdUNLVg== age 5 vary Accept-Encoding content-length 9911 cf-request-id 0a1b5f01f700002be90db6f000000001 x-ms-lease-status unlocked last-modified Thu, 13 May 2021 10:01:27 GMT server cloudflare etag 0x8D915F612DE0345 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id fcb19289-301e-0178-5f07-49f604000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 650c01165a512be9-FRA
GET H/1.1	200 OK	js Show response pixel.mathtag.com/event/ Frame 8A64	597 B 1 KB	136ms 60ms	Script text/javascript	2.18.233.201 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://pixel.mathtag.com/event/js?mt_id=1406081&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1 Requested by Host: hal9000.redintelligence.net URL: https://hal9000.redintelligence.net/retarget?a=25611&version=1&redirected=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-201.deploy.static.akamaitechnologies.com Software MT3 3736 915c305 master zrh-pixel-x25 / Resource Hash a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2 Request headers Referer https://hal9000.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 17 May 2021 10:01:24 GMT Server MT3 3736 915c305 master zrh-pixel-x25 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Content-Type text/javascript Content-Length 597 Expires Mon, 17 May 2021 10:01:23 GMT
GET H/1.1	200 OK	js Show response pixel.mathtag.com/event/ Frame 8A64	597 B 1 KB	268ms 189ms	Script text/javascript	2.18.233.201 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://pixel.mathtag.com/event/js?mt_id=1393997&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1 Requested by Host: hal9000.redintelligence.net URL: https://hal9000.redintelligence.net/retarget?a=25611&version=1&redirected=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-201.deploy.static.akamaitechnologies.com Software MT3 3736 915c305 master cdg-pixel-x30 / Resource Hash a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2 Request headers Referer https://hal9000.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 17 May 2021 10:01:24 GMT Server MT3 3736 915c305 master cdg-pixel-x30 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Content-Type text/javascript Content-Length 597 Expires Mon, 17 May 2021 10:00:50 GMT
GET H3-29	200	activityi;dc_pre=CNSe7-i60PACFZfIuwgdwyIASQ;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4156350663383.0596 Show response 8622247.fls.doubleclick.net/ Frame EC8D Redirect Chain https://8622247.fls.doubleclick.net/activityi;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4156350663383.0596? https://8622247.fls.doubleclick.net/activityi;dc_pre=CNSe7-i60PACFZfIuwgdwyIASQ;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4156350663383.0596?	504 B 419 B	61ms 30ms	Document text/html	172.217.23.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://8622247.fls.doubleclick.net/activityi;dc_pre=CNSe7-i60PACFZfIuwgdwyIASQ;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4156350663383.0596? Requested by Host: hal9000.redintelligence.net URL: https://hal9000.redintelligence.net/retarget?a=25611&version=1&redirected=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.23.102 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f102.1e100.net Software cafe / Resource Hash 8869ce389c7994e6008cd463fc890014b325c8fa3bf1bcf81420f4f171b69de7 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 8622247.fls.doubleclick.net :scheme https :path /activityi;dc_pre=CNSe7-i60PACFZfIuwgdwyIASQ;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4156350663383.0596? pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://hal9000.redintelligence.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://hal9000.redintelligence.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Mon, 17 May 2021 10:01:24 GMT expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate strict-transport-security max-age=21600 content-type text/html; charset=UTF-8 pragma no-cache x-content-type-options nosniff content-encoding gzip server cafe content-length 394 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Mon, 17-May-2021 10:16:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Redirect headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Mon, 17 May 2021 10:01:24 GMT pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate follow-only-when-prerender-shown 1 strict-transport-security max-age=21600 location https://8622247.fls.doubleclick.net/activityi;dc_pre=CNSe7-i60PACFZfIuwgdwyIASQ;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4156350663383.0596? content-type text/html; charset=UTF-8 x-content-type-options nosniff server cafe content-length 0 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	activityi;dc_pre=CJmb8Oi60PACFTfmuwgdu9wPcA;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8598814605556.319 Show response 5994599.fls.doubleclick.net/ Frame A7A8 Redirect Chain https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8598814605556.319? https://5994599.fls.doubleclick.net/activityi;dc_pre=CJmb8Oi60PACFTfmuwgdu9wPcA;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8598814605556....	512 B 419 B	59ms 32ms	Document text/html	172.217.23.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://5994599.fls.doubleclick.net/activityi;dc_pre=CJmb8Oi60PACFTfmuwgdu9wPcA;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8598814605556.319? Requested by Host: hal9000.redintelligence.net URL: https://hal9000.redintelligence.net/retarget?a=25611&version=1&redirected=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.23.102 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f102.1e100.net Software cafe / Resource Hash 412828e71377345d9f5f7af9c2451dd6859239c770e7a6f3540ca15516b3458d Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 5994599.fls.doubleclick.net :scheme https :path /activityi;dc_pre=CJmb8Oi60PACFTfmuwgdu9wPcA;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8598814605556.319? pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://hal9000.redintelligence.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://hal9000.redintelligence.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Mon, 17 May 2021 10:01:24 GMT expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate strict-transport-security max-age=21600 content-type text/html; charset=UTF-8 pragma no-cache x-content-type-options nosniff content-encoding gzip server cafe content-length 394 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Mon, 17-May-2021 10:16:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Redirect headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Mon, 17 May 2021 10:01:24 GMT pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate follow-only-when-prerender-shown 1 strict-transport-security max-age=21600 location https://5994599.fls.doubleclick.net/activityi;dc_pre=CJmb8Oi60PACFTfmuwgdu9wPcA;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8598814605556.319? content-type text/html; charset=UTF-8 x-content-type-options nosniff server cafe content-length 0 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	trackpoint-async.js Show response s2.adform.net/banners/scripts/st/ Frame 8A64 Redirect Chain https://track.adform.net/serving/scripts/trackpoint/async/ https://s2.adform.net/banners/scripts/st/trackpoint-async.js	80 KB 28 KB	124ms 42ms	Script application/x-javascript	37.157.2.247 ADFORM
General Check archive.org Show headers Download Go to Full URL https://s2.adform.net/banners/scripts/st/trackpoint-async.js Requested by Host: hal9000.redintelligence.net URL: https://hal9000.redintelligence.net/retarget?a=25611&version=1&redirected=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 5addb050e7fe474684bcb62d5bc8717ab681735dce2d2539631a08d570cf81a5 Request headers Referer https://hal9000.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:01:24 GMT content-encoding gzip last-modified Mon, 17 May 2021 07:34:29 GMT server nginx etag W/"60a21c85-13e2b" x-cache-status HIT p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control public, max-age=604800 content-type application/x-javascript Redirect headers location https://s2.adform.net/banners/scripts/st/trackpoint-async.js date Mon, 17 May 2021 10:01:24 GMT server nginx strict-transport-security max-age=31536000; includeSubDomains content-type text/html
GET H3-29	200	activityi;dc_pre=CPGZ8Oi60PACFU3uuwgdByoL2Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4460779151200.793 Show response 5994599.fls.doubleclick.net/ Frame 7FB5 Redirect Chain https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4460779151200.793? https://5994599.fls.doubleclick.net/activityi;dc_pre=CPGZ8Oi60PACFU3uuwgdByoL2Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4460779151200.793?	503 B 416 B	60ms 32ms	Document text/html	172.217.23.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://5994599.fls.doubleclick.net/activityi;dc_pre=CPGZ8Oi60PACFU3uuwgdByoL2Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4460779151200.793? Requested by Host: hal9000.redintelligence.net URL: https://hal9000.redintelligence.net/retarget?a=25611&version=1&redirected=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.23.102 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f102.1e100.net Software cafe / Resource Hash db07d826686587d2640e209cad137b7802b622926aa7666a33681fc01c55315b Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 5994599.fls.doubleclick.net :scheme https :path /activityi;dc_pre=CPGZ8Oi60PACFU3uuwgdByoL2Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4460779151200.793? pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://hal9000.redintelligence.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://hal9000.redintelligence.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Mon, 17 May 2021 10:01:24 GMT expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate strict-transport-security max-age=21600 content-type text/html; charset=UTF-8 pragma no-cache x-content-type-options nosniff content-encoding gzip server cafe content-length 391 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Mon, 17-May-2021 10:16:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Redirect headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Mon, 17 May 2021 10:01:24 GMT pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate follow-only-when-prerender-shown 1 strict-transport-security max-age=21600 location https://5994599.fls.doubleclick.net/activityi;dc_pre=CPGZ8Oi60PACFU3uuwgdByoL2Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4460779151200.793? content-type text/html; charset=UTF-8 x-content-type-options nosniff server cafe content-length 0 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	otCenterRounded.json Show response cdn.cookielaw.org/scripttemplates/6.10.0/assets/	9 KB 3 KB	24ms 24ms	Fetch application/json	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/otCenterRounded.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 452ee2471448cc6b716090a014cf7fc9cc515998bda9dcc334aa073a72a591e7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 17 May 2021 10:01:24 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 SH1nUCPouc1JVrHnvxpQbg== age 294192 vary Accept-Encoding content-length 2857 cf-request-id 0a1b5f028c00002be9d591f000000001 x-ms-lease-status unlocked last-modified Thu, 03 Dec 2020 02:42:51 GMT server cloudflare etag 0x8D89735210A49EB expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * x-ms-request-id 6ec8ff85-c01e-0122-2c56-48f085000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=691200 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 650c01174c6f2be9-FRA expires Tue, 25 May 2021 10:01:24 GMT
GET H2	200	otPcCenter.json Show response cdn.cookielaw.org/scripttemplates/6.10.0/assets/v2/	46 KB 11 KB	23ms 23ms	Fetch application/json	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/v2/otPcCenter.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b27f686e9c39188ff63e191cc3efb6500a6c6d06f2d1d2ec27ceb623a2ecacc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 17 May 2021 10:01:24 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 ydfMbMpHX/N/aS5YhkXXwQ== age 400702 vary Accept-Encoding content-length 11336 cf-request-id 0a1b5f028d00002be9213d3000000001 x-ms-lease-status unlocked last-modified Thu, 03 Dec 2020 02:42:53 GMT server cloudflare etag 0x8D89735220FDD9F expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * x-ms-request-id 3070b8ae-b01e-004f-745e-471cfe000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=691200 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 650c01174c742be9-FRA expires Tue, 25 May 2021 10:01:24 GMT
GET H3-29	200	/ www.facebook.com/tr/	44 B 88 B	20ms 16ms	Image image/gif	2a03:2880:f130:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1726290627612934&ev=Microdata&dl=https%3A%2F%2Fwww.ictiva.com%2Fusuarios%2Flogin%2F&rl=&if=false&ts=1621245684406&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20%20%20%20Inicia%20sesi%C3%B3n%5Cn%20-%20ictiva%22%2C%22meta%3Adescription%22%3A%22Usuarios%20de%20ictiva%2C%20tu%20gimnasio%20en%20casa%22%2C%22meta%3Akeywords%22%3A%22usuarios%2C%20ictiva%2C%20gimnasio%20en%20casa%2C%20gimnasia%20en%20casa%2C%20gimnasio%20online%2C%20gimnasio%20virtual%2C%20clases%20virtuales%2C%20videos%20de%20ejercicios%20fisiscos%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22ictiva%2C%20tu%20gimnasio%20online%22%2C%22og%3Adescription%22%3A%22Tu%20gimnasio%20online%20con%2021%20disciplinas%20donde%20escoger%2C%20m%C3%A1s%20de%20400%20sesiones%2C%20disponibles%2024h%20los%20365%20d%C3%ADas%20al%20a%C3%B1o%2C%20%20evoluci%C3%B3n%20con%20gr%C3%A1ficos%20y%20estad%C3%ADsticas%2C%20planes%20de%20entrenamiento%2C%20dietas%20de%20expertos%20nutricionistas%2C%20tarifas%20a%20tu%20medida%22%2C%22og%3Aurl%22%3A%22%2F%2Fwww.ictiva.com%2F%22%2C%22og%3Asite_name%22%3A%22ictiva%2C%20tu%20gimnasio%20online%22%2C%22og%3Aimage%22%3A%22%2F%2Fwww.ictiva.com%2Fbase%2Fvar%2Fsites%2Fictivate%2Fdissenys%2Fimg%2Flogo.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1621245683888.1226569246&it=1621245683663&coo=false&es=automatic&tm=3&exp=l1&rqm=GET Requested by Host: www.ictiva.com URL: https://www.ictiva.com/usuarios/login/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.ictiva.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 10:01:24 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 priority u=3,i expires Mon, 17 May 2021 10:01:24 GMT
GET H/1.1	200 OK	img pixel.mathtag.com/misc/ Frame 8A64	43 B 479 B	57ms 49ms	Image image/gif	2.18.233.201 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0 Requested by Host: hal9000.redintelligence.net URL: https://hal9000.redintelligence.net/retarget?a=25611&version=1&redirected=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-201.deploy.static.akamaitechnologies.com Software MT3 3736 915c305 master cdg-pixel-x8 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://hal9000.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 17 May 2021 10:01:24 GMT Server MT3 3736 915c305 master cdg-pixel-x8 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 17 May 2021 10:00:50 GMT
GET H2	200	/ Show response adservice.google.com/ddm/fls/i/dc_pre=CNSe7-i60PACFZfIuwgdwyIASQ;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4156350663383.0596;~oref=https://hal90... Frame 564C	503 B 866 B	75ms 42ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/ddm/fls/i/dc_pre=CNSe7-i60PACFZfIuwgdwyIASQ;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4156350663383.0596;~oref=https://hal9000.redintelligence.net/ Requested by Host: 8622247.fls.doubleclick.net URL: https://8622247.fls.doubleclick.net/activityi;dc_pre=CNSe7-i60PACFZfIuwgdwyIASQ;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4156350663383.0596? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8877c7c87f2766fe86a579c98fa08e7488cad2545ff5aa2c7e974d5310369fa8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority adservice.google.com :scheme https :path /ddm/fls/i/dc_pre=CNSe7-i60PACFZfIuwgdwyIASQ;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4156350663383.0596;~oref=https://hal9000.redintelligence.net/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://8622247.fls.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://8622247.fls.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin date Mon, 17 May 2021 10:01:24 GMT expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 pragma no-cache x-content-type-options nosniff content-encoding gzip server cafe content-length 393 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	/ Show response adservice.google.com/ddm/fls/i/dc_pre=CPGZ8Oi60PACFU3uuwgdByoL2Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4460779151200.793;~oref=https://hal900... Frame 56D5	502 B 459 B	98ms 83ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/ddm/fls/i/dc_pre=CPGZ8Oi60PACFU3uuwgdByoL2Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4460779151200.793;~oref=https://hal9000.redintelligence.net/ Requested by Host: 5994599.fls.doubleclick.net URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPGZ8Oi60PACFU3uuwgdByoL2Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4460779151200.793? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2176f20750336e21ba85023f5cce8bd5cea57a525b193845faecb20e0e9ac2cb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority adservice.google.com :scheme https :path /ddm/fls/i/dc_pre=CPGZ8Oi60PACFU3uuwgdByoL2Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4460779151200.793;~oref=https://hal9000.redintelligence.net/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://5994599.fls.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://5994599.fls.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin date Mon, 17 May 2021 10:01:24 GMT expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 pragma no-cache x-content-type-options nosniff content-encoding gzip server cafe content-length 389 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	/ Show response adservice.google.com/ddm/fls/i/dc_pre=CJmb8Oi60PACFTfmuwgdu9wPcA;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8598814605556.319;~oref=https... Frame 592B	511 B 459 B	90ms 84ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/ddm/fls/i/dc_pre=CJmb8Oi60PACFTfmuwgdu9wPcA;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8598814605556.319;~oref=https://hal9000.redintelligence.net/ Requested by Host: 5994599.fls.doubleclick.net URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJmb8Oi60PACFTfmuwgdu9wPcA;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8598814605556.319? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d74056c5677c9d448e3314660c6041e0825df16e630acf22c609727e7c71fc44 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority adservice.google.com :scheme https :path /ddm/fls/i/dc_pre=CJmb8Oi60PACFTfmuwgdu9wPcA;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8598814605556.319;~oref=https://hal9000.redintelligence.net/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://5994599.fls.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://5994599.fls.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin date Mon, 17 May 2021 10:01:24 GMT expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 pragma no-cache x-content-type-options nosniff content-encoding gzip server cafe content-length 393 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	/ Show response adservice.google.de/ddm/fls/i/dc_pre=CNSe7-i60PACFZfIuwgdwyIASQ;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4156350663383.0596;~oref=https://hal900... Frame 8D7E	194 B 664 B	56ms 42ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/ddm/fls/i/dc_pre=CNSe7-i60PACFZfIuwgdwyIASQ;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4156350663383.0596;~oref=https://hal9000.redintelligence.net/ Requested by Host: adservice.google.com URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNSe7-i60PACFZfIuwgdwyIASQ;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4156350663383.0596;~oref=https://hal9000.redintelligence.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority adservice.google.de :scheme https :path /ddm/fls/i/dc_pre=CNSe7-i60PACFZfIuwgdwyIASQ;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4156350663383.0596;~oref=https://hal9000.redintelligence.net/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://adservice.google.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://adservice.google.com/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin date Mon, 17 May 2021 10:01:24 GMT expires Mon, 17 May 2021 10:01:24 GMT cache-control private, max-age=0 content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip server cafe content-length 177 x-xss-protection 0 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
GET H2	200	/ Show response track.adform.net/Serving/TrackPoint/ Frame 8A64 Redirect Chain https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=514132044069&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.ictiva.com%2F&ADFtpmod... https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=514132044069&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.ictiva.com%2F&ADF...	111 B 500 B	53ms 48ms	Script text/javascript	37.157.6.253 ADFORM
General Check archive.org Show headers Download Go to Full URL https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=514132044069&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.ictiva.com%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D25611%26version%3D1%26redirected%3D1 Requested by Host: hal9000.redintelligence.net URL: https://hal9000.redintelligence.net/retarget?a=25611&version=1&redirected=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.253 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS s1.adform.net Software nginx / Resource Hash 6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://hal9000.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 17 May 2021 10:01:24 GMT content-encoding gzip server nginx vary Accept-Encoding p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform strict-transport-security max-age=31536000; includeSubDomains content-type text/javascript; charset=utf-8 content-length 186 expires -1 Redirect headers pragma no-cache date Mon, 17 May 2021 10:01:24 GMT server nginx location https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=514132044069&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.ictiva.com%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D25611%26version%3D1%26redirected%3D1 strict-transport-security max-age=31536000; includeSubDomains p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform content-type text/html; charset=utf-8 expires -1
GET H2	200	/ Show response adservice.google.de/ddm/fls/i/dc_pre=CPGZ8Oi60PACFU3uuwgdByoL2Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4460779151200.793;~oref=https://hal9000... Frame 06D2	194 B 265 B	64ms 43ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/ddm/fls/i/dc_pre=CPGZ8Oi60PACFU3uuwgdByoL2Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4460779151200.793;~oref=https://hal9000.redintelligence.net/ Requested by Host: adservice.google.com URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPGZ8Oi60PACFU3uuwgdByoL2Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4460779151200.793;~oref=https://hal9000.redintelligence.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority adservice.google.de :scheme https :path /ddm/fls/i/dc_pre=CPGZ8Oi60PACFU3uuwgdByoL2Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4460779151200.793;~oref=https://hal9000.redintelligence.net/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://adservice.google.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://adservice.google.com/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin date Mon, 17 May 2021 10:01:25 GMT expires Mon, 17 May 2021 10:01:25 GMT cache-control private, max-age=0 content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip server cafe content-length 177 x-xss-protection 0 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
GET H2	200	/ Show response adservice.google.de/ddm/fls/i/dc_pre=CJmb8Oi60PACFTfmuwgdu9wPcA;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8598814605556.319;~oref=https:... Frame 5FF2	194 B 242 B	64ms 58ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/ddm/fls/i/dc_pre=CJmb8Oi60PACFTfmuwgdu9wPcA;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8598814605556.319;~oref=https://hal9000.redintelligence.net/ Requested by Host: adservice.google.com URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJmb8Oi60PACFTfmuwgdu9wPcA;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8598814605556.319;~oref=https://hal9000.redintelligence.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority adservice.google.de :scheme https :path /ddm/fls/i/dc_pre=CJmb8Oi60PACFTfmuwgdu9wPcA;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8598814605556.319;~oref=https://hal9000.redintelligence.net/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://adservice.google.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://adservice.google.com/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin date Mon, 17 May 2021 10:01:25 GMT expires Mon, 17 May 2021 10:01:25 GMT cache-control private, max-age=0 content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip server cafe content-length 177 x-xss-protection 0 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	img pixel.mathtag.com/misc/ Frame 8A64	43 B 634 B	72ms 72ms	Image image/gif	2.18.233.201 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-201.deploy.static.akamaitechnologies.com Software MT3 3736 915c305 master zrh-pixel-x9 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://hal9000.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 17 May 2021 10:01:34 GMT Server MT3 3736 915c305 master zrh-pixel-x9 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 17 May 2021 10:01:26 GMT
GET H/1.1	200 OK	img pixel.mathtag.com/misc/ Frame 8A64	43 B 488 B	47ms 47ms	Image image/gif	2.18.233.201 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1 Requested by Host: pixel.mathtag.com URL: https://pixel.mathtag.com/event/js?mt_id=1393997&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-201.deploy.static.akamaitechnologies.com Software MT3 3736 915c305 master cdg-pixel-x1 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://hal9000.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 17 May 2021 10:01:34 GMT Server MT3 3736 915c305 master cdg-pixel-x1 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 17 May 2021 10:01:00 GMT