urlscan.io logo urlscan.io
SecurityTrails logo

funclub.rw Open in urlscan Pro
2606:4700:3036::6815:124b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://delivery.unlocklocks.com/HSOMEU?id=124732=Jx8EBwNQDgsBTwECUwcIUlUBUx0=XwdbWAgFBkZMXlwOCAxDV0gkWlFRUB9RDFpEU1MAUlMAUQ0GV1R...
Effective URL: https://funclub.rw/eSign/
Submission: On January 23 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 16 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3036::6815:124b, located in United States and belongs to CLOUDFLARENET, US. The main domain is funclub.rw.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 29th 2020. Valid for: a year.
This is the only time funclub.rw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    139.59.218.231 (Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)
delivery.unlocklocks.com
20    2606:4700:3036::6815:124b (United States)

ASN13335 (CLOUDFLARENET, US)
funclub.rw
2    2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)
stackpath.bootstrapcdn.com
1    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.de
adservice.google.com
www.googletagservices.com
1    2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    13.224.102.65 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-65.zrh50.r.cloudfront.net
certify-js.alexametrics.com
2    2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.224.102.91 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-91.zrh50.r.cloudfront.net
certify.alexametrics.com
1    216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f2.1e100.net
partner.googleadservices.com
2    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
20 funclub.rw funclub.rw
4 pagead2.googlesyndication.com funclub.rw
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
2 stackpath.bootstrapcdn.com funclub.rw
stackpath.bootstrapcdn.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 certify.alexametrics.com funclub.rw
1 certify-js.alexametrics.com funclub.rw
1 cdnjs.cloudflare.com funclub.rw
1 code.jquery.com funclub.rw
1 www.googletagmanager.com funclub.rw
1 fonts.googleapis.com funclub.rw
1 delivery.unlocklocks.com 1 redirects
44 18

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-29 -
2021-07-29		 a year crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-22 -
2021-10-12		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
certify-js.alexametrics.com
Amazon		 2020-07-12 -
2021-08-12		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
certify.alexametrics.com
Amazon		 2020-07-12 -
2021-08-12		 a year crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://funclub.rw/eSign/
Frame ID: 046FEAD02E9CC41D14057DB9DCF6F28F
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210120/r20190131/zrt_lookup.html
Frame ID: 9CD1E1FA859BAB649B31FD14A4DBF6A6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8563519530061720&output=html&adk=1812271804&adf=3025194257&lmt=1611408951&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Ffunclub.rw%2FeSign%2F&ea=0&flash=0&pra=5&wgl=1&dt=1611408952397&bpp=12&bdt=626&idt=160&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5199934884863&frm=20&pv=2&ga_vid=1488538087.1611408952&ga_sid=1611408953&ga_hid=1876328222&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084%2C21068769&oid=3&pvsid=4173181209104826&pem=88&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=198
Frame ID: 65F23EC6BE182500E62C6E955F11E5FF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: ABDFFFB509ADAA773728B20013CAD339
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://delivery.unlocklocks.com/HSOMEU?id=124732=Jx8EBwNQDgsBTwECUwcIUlUBUx0=XwdbWAgFBkZMXlwOCAxDV0gkWlFRUB9... HTTP 302
    https://funclub.rw/eSign/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

44
Requests

100 %
HTTPS

73 %
IPv6

16
Domains

18
Subdomains

14
IPs

4
Countries

988 kB
Transfer

2046 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://delivery.unlocklocks.com/HSOMEU?id=124732=Jx8EBwNQDgsBTwECUwcIUlUBUx0=XwdbWAgFBkZMXlwOCAxDV0gkWlFRUB9RDFpEU1MAUlMAUQ0GV1RSDVAEA1YYC0BCQV4WF1dWXVsVUkobS0QNDVoBXloOAAhHTFVcD0srZ3l8IWwHWldNRFE=&fl=DBdARkJeFhdVRl9RD0JaTBdGTARmC1JYTg== HTTP 302
    https://funclub.rw/eSign/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
funclub.rw/eSign/
Redirect Chain
  • http://delivery.unlocklocks.com/HSOMEU?id=124732=Jx8EBwNQDgsBTwECUwcIUlUBUx0=XwdbWAgFBkZMXlwOCAxDV0gkWlFRUB9RDFpEU1MAUlMAUQ0GV1RSDVAEA1YYC0BCQV4WF1dWXVsVUkobS0QNDVoBXloOAAhHTFVcD0srZ3l8IWwHWldNRFE=...
  • https://funclub.rw/eSign/
20 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:124b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d389386ae84279e2b61eda4469d66f30eebeac4bfcf4398fe3a8eb587e27b6b

Request headers

:method
GET
:authority
funclub.rw
:scheme
https
:path
/eSign/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:51 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=da481710bd1e45222bc0accb5a5d2cbc31611408950; expires=Mon, 22-Feb-21 13:35:50 GMT; path=/; domain=.funclub.rw; HttpOnly; SameSite=Lax; Secure
vary
Cookie,Accept-Encoding
composed-by
SPIP 3.2.1 @ www.spip.net + https://funclub.rw/local/config.txt
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-spip-cache
86400
last-modified
Sat, 23 Jan 2021 13:35:51 GMT
cf-cache-status
DYNAMIC
cf-request-id
07d10e5ec300002c3e360fb000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cXGEJU5HP9Fnrw0hYValcbOiM5Myl%2Fi%2BKg8GC1wezEeeRbAJlTXjdi1%2FSAcdiOCiQy1mqkR2hyadvhtW34PMPfwO9klNHy7CJO6vg7jhB9lzPAm6dM0I"}],"group":"cf-nel","max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
6161e6779dc32c3e-FRA
content-encoding
br

Redirect headers

server
nginx
date
Sat, 23 Jan 2021 13:35:50 GMT
content-type
text/html
transfer-encoding
chunked
location
https://funclub.rw/eSign/
bootstrap.min.css
funclub.rw/assets/bootstrap/css/ 		141 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://funclub.rw/assets/bootstrap/css/bootstrap.min.css
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:124b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 09 May 2019 14:52:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KygpfbkI%2Fmfk4tiAAbuVBYKAML2%2BiUnZhpeV%2BhgrhBSZuOITYgVOh3XEYzkqihobKrSTL8YcppoE7EG3VFsQOlkjEZzX%2BGxqqXVcBb%2Fi9qOP3mbjfkFX"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
6161e67c98612c3e-FRA
cf-request-id
07d10e61dd00002c3e80286000000001
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
stylesheet.css
funclub.rw/assets/stylesheet/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://funclub.rw/assets/stylesheet/stylesheet.css?t=150
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:124b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0c88d0a993d24cf5bf6daadde6341e82011c9f3340c20e75dedca297d3d2b47

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 01 Jul 2020 09:35:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2tUbofsjHPTYytxPHakxZVT97ZhPF4eoFcLbho7lJ8UXYlDAxKkp8lBXUEGMd8zK7VEMB3newydSaxENMpUOkLzJrskPN8Zw%2FfajtKiXOTT%2FwdOXtmWk"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
6161e67c98642c3e-FRA
cf-request-id
07d10e61de00002c3e36a14000000001
magnific-popup.min.css
funclub.rw/assets/stylesheet/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://funclub.rw/assets/stylesheet/magnific-popup.min.css?t=3
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:124b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10fd74f8a0d2a4446db79aa5edcf6c5a3675f94c7360a405615f85a455d28442

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 25 Jun 2019 13:27:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UB%2BG%2F3Sj%2F8Rjjdeczikq1Obzz7nWdhnB2wi25u30QuXT1K%2Bbt6zoZ2%2FSlgZ7X5M33OZ4O8vKPLQrZssZkEl7hKeIBNDCT4cJFbrGrK1xYR8hbqopp%2F%2FR"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
6161e67c98652c3e-FRA
cf-request-id
07d10e61de00002c3e10969000000001
css
fonts.googleapis.com/ 		22 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
63e971626cb7961fb014906a5476a7353bba89331013e001bb16b4a6ac5ce93f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 23 Jan 2021 11:44:56 GMT
server
ESF
date
Sat, 23 Jan 2021 13:35:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 23 Jan 2021 13:35:51 GMT
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-143968592-1
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f1c9ec7184879efdcb12e450eee28b5f9f90916782cfa1d62680ee3b355b2f8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39651
x-xss-protection
0
last-modified
Sat, 23 Jan 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Jan 2021 13:35:52 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		132 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71674f16bc0443461156f1bcb86acbc3a5256c97c66cc412b9498972564e01ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
47256
x-xss-protection
0
server
cafe
etag
10183075830532257014
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 23 Jan 2021 13:35:52 GMT
siteon0.png
funclub.rw/IMG/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://funclub.rw/IMG/siteon0.png?1561471474
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:124b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a1704500f1fc30b986e460f445fef3abd46d7e96f75ccc3ebaad51b3e3ee30a

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 25 Jun 2019 14:04:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1iNe77c%2BQ3xxXSrFPTXHpx%2BNFHh47DdND31fK1vhyX3N%2FgPIHT3fDRgB6jR0rpRxAACHzVPJKk5BcV8qrMcuVfacmYa%2Fjx5Ja%2BhkkYm%2F6zzJJlz5EN4H"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
accept-ranges
bytes
cf-ray
6161e67fafe52c3e-FRA
content-length
23306
cf-request-id
07d10e63cc00002c3e3616b000000001
066e47756b1de9c17b214ecef65148.jpg
funclub.rw/local/cache-gd2/9a/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://funclub.rw/local/cache-gd2/9a/066e47756b1de9c17b214ecef65148.jpg?1611392035
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:124b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63c0709bb1c26e9fc8e90fa8daedd28a93718d143a01f7ff8fac1ff6f0e7b3e2

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
cf-cache-status
MISS
last-modified
Sat, 23 Jan 2021 08:53:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rBZHfj7g6P%2FFGpYSeCmtt1jxizOAqlrYLevwR5MSmthfmb7TSd%2B07C3QVCt1vssWxS6WldCAP%2BSfv2Vl0OKT%2BTSau6%2BuzMJbte1H4Q7fp0An%2B%2B7gY1uf"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
accept-ranges
bytes
cf-ray
6161e67fafeb2c3e-FRA
content-length
20204
cf-request-id
07d10e63d100002c3e5809d000000001
baa05725cea8ca3d24128538a09d5c.jpg
funclub.rw/local/cache-gd2/9b/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://funclub.rw/local/cache-gd2/9b/baa05725cea8ca3d24128538a09d5c.jpg?1609322802
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:124b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d9c8d4654446033d0525148d23539489968fa5fff1a9e76c784b1aa688e176b

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Dec 2020 10:06:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Aiot%2FtN35ST4fKFf0OXtiXhID8rluXeAEmKS7Aobq1I3jRXZnOXvkRnMU4be3vMKSdy67blKfF9KLZXNJdbbuY0jO5laU3Mr2HDA%2F7JOSHChn%2B%2BUUNL4"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
accept-ranges
bytes
cf-ray
6161e67fafee2c3e-FRA
content-length
23753
cf-request-id
07d10e63ce00002c3e802b8000000001
d9d6e89c9edd53859c20f77aa98d75.jpg
funclub.rw/local/cache-gd2/73/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://funclub.rw/local/cache-gd2/73/d9d6e89c9edd53859c20f77aa98d75.jpg?1601727767
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:124b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a8a73c604300fa4120291be35218d1bf2e639f1a072005a16ac566f36cb7012

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
cf-cache-status
MISS
last-modified
Sat, 03 Oct 2020 12:22:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l3al3xP3AewupZW%2FXCEgTMo8%2B3WIR13hoXxmfkGR6CXyvwgiDktqbg8GNzKFAZHilbRsXvHj1acUfntmwAYwartImrtWuAZa6iakjPvgEjnhnC6kAaPR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
accept-ranges
bytes
cf-ray
6161e67fbff32c3e-FRA
content-length
33766
cf-request-id
07d10e63ce00002c3e27374000000001
e719249710e8b04067fb0a85f80a2a.jpg
funclub.rw/local/cache-gd2/8d/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://funclub.rw/local/cache-gd2/8d/e719249710e8b04067fb0a85f80a2a.jpg?1580593890
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:124b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9b9ca69a087f44bea99b55ab23d6e9123f1bf2bef6cad3fd89bb3d4e8f32a67

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
cf-cache-status
MISS
last-modified
Sat, 01 Feb 2020 21:51:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X0YqLrUpu6hjBFqBVdQ0Ev0LvycvVQzgujSZgkT2osmUcnIa6pf1pibHWXo%2BDAtTm5kBPbn3gz3FBgtUpUp5fuSNfL%2BnW34l3W1lwrf6Rn4j7gAp1r3o"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
accept-ranges
bytes
cf-ray
6161e67fbff82c3e-FRA
content-length
26961
cf-request-id
07d10e63cf00002c3e472cf000000001
410f4f40018bce779c9acad75feb9d.jpg
funclub.rw/local/cache-gd2/0d/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://funclub.rw/local/cache-gd2/0d/410f4f40018bce779c9acad75feb9d.jpg?1579974991
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:124b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8fe767fac0a51bca3bb7057d4b2a0c8ecd939ea072174691f93aff13ed60eb1

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
cf-cache-status
MISS
last-modified
Sat, 25 Jan 2020 17:56:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fmjxbqccsfIhH5K9OXHureJFL7sznVqro3l6zqlaH%2BpSCBbca5IlISddYPr8MnsvF7F7C7gWmBjuGagS3Pnl2pWOGWFFYKrK4CN5lZzh%2Ftt0Lv9da5%2Bm"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
accept-ranges
bytes
cf-ray
6161e67fbff92c3e-FRA
content-length
22975
cf-request-id
07d10e63d000002c3e631eb000000001
5d8679cce3ffdc77ae9840a3ef5a16.png
funclub.rw/local/cache-gd2/51/ 		163 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://funclub.rw/local/cache-gd2/51/5d8679cce3ffdc77ae9840a3ef5a16.png?1580678440
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:124b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41e93f3139686a660257ee1c822bf9883ce0c3836cafedcdc6204009f1dcd167

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
cf-cache-status
MISS
last-modified
Sun, 02 Feb 2020 21:20:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cdc4dRtpbS7deBeCgIvilH6oW3zIDhfwEjmSHQSifuzlUii%2BDHf%2BX2fBgDbcLHRdXAM5MWFd4dp3WGGVbJCnXuj8YOUAcusxxRdQ1G%2FSjkGFKfoMyrBF"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
accept-ranges
bytes
cf-ray
6161e67fbffb2c3e-FRA
content-length
167344
cf-request-id
07d10e63d100002c3e4c3c8000000001
8cb160ab5bec6dac8c725eb9427153.jpg
funclub.rw/local/cache-gd2/80/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://funclub.rw/local/cache-gd2/80/8cb160ab5bec6dac8c725eb9427153.jpg?1582051436
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:124b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3f8cf9436d6eda197d780b9f68dc6493a8f4976985a4f9e9fb2e191620da98b

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
cf-cache-status
MISS
last-modified
Tue, 18 Feb 2020 18:43:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kdFcWE3%2FctdAj7sJQHBqYj%2BPVjtu%2Bw17nbSiOXpOqxPBd5PJ6G2WuRuGCLr4wpzzYA5HMr5hJXzL310x2aq5ZCiron4zZUGd5RVH5C96It7yP197%2FWPC"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
accept-ranges
bytes
cf-ray
6161e67fbfff2c3e-FRA
content-length
19990
cf-request-id
07d10e63d100002c3e5e26e000000001
38eb8ad2335d71d392322336a09331.jpg
funclub.rw/local/cache-gd2/54/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://funclub.rw/local/cache-gd2/54/38eb8ad2335d71d392322336a09331.jpg?1611321884
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:124b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73fb94257e4c5b0b1f3a1eefb93d077f67eaf62b4befd022ee9c56431a82f41f

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Jan 2021 13:24:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2ByNgaxyImV%2ByrWgd7DWZUv4tWTjBlAg%2FzHSyw8dYR6T6k1Vi7XhcJY7pHIxrx4Q0YHv20lRPHsl%2Fvo9DUYJy4VgZURyT%2BT%2FYV4zeUgxZc%2Bq%2BTODhfRqv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
accept-ranges
bytes
cf-ray
6161e67fb8062c3e-FRA
content-length
26432
cf-request-id
07d10e63d200002c3e3ba88000000001
email-decode.min.js
funclub.rw/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://funclub.rw/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:124b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-request-id
07d10e63c300002c3e6d8ca000000001
last-modified
Wed, 20 Jan 2021 16:35:40 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"60085bdc-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JlZ4zc4bQAgwv%2FJierHh4gwE7xw5nzVSoXc9gyyu2q2VtIBbxP5EcHGXXxcslHhT0K99bVEIZ9JmcR4pTOjHdGTkO3ezn%2FCrfBxuerZeHknR1PaVd34x"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6161e67f9faa2c3e-FRA
expires
Mon, 25 Jan 2021 13:35:52 GMT
jquery-3.3.1.slim.min.js
code.jquery.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Origin
https://funclub.rw
Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
content-encoding
gzip
last-modified
Sat, 20 Jan 2018 17:26:44 GMT
server
nginx
etag
W/"5a637bd4-1111d"
vary
Accept-Encoding
x-hw
1611408952.dop227.fr8.t,1611408952.cds269.fr8.hn,1611408952.cds274.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
24038
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://funclub.rw
Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2453901
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6646
cf-request-id
07d10e63c900004a9de30da000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-520c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4BQ2mp6wJeb4KZihWqOxvHEDYrEAcFhXNdSx9%2BWKighi4vxRaLc0QZt4AxN7JiAi3k%2FiYICGP9PUmob0NGkhx25YDarh6qhRadjMNJFwpWnjWc%2B6Rtk8y53CHIMsnBQNEQ%3D%3D"}],"group":"cf-nel"}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6161e67fa9cb4a9d-FRA
expires
Thu, 13 Jan 2022 13:35:52 GMT
bootstrap.min.js
funclub.rw/assets/bootstrap/js/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://funclub.rw/assets/bootstrap/js/bootstrap.min.js
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:124b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 09 May 2019 14:52:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Fl2EsO9oahE8TNWJC4HjwCJX4%2BDe0vvnP93sMcBqwQyRaUHm44HY%2FVP5WLxTw4ZJ%2BqbhawT1%2FKBD46u2JXtBVKUyQ6dOjr94e3FlgMkxVjWA6%2BWEeQmb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
6161e67fafdb2c3e-FRA
cf-request-id
07d10e63cb00002c3e25339000000001
main.js
funclub.rw/assets/js/ 		2 KB
1006 B 		Script
General
Check archive.org
Download Go to
Full URL
https://funclub.rw/assets/js/main.js
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:124b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2959afd13d46e120e11e93534ac6177501cfab748e8523d1dc20c78a5f902b0b

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 24 May 2019 16:36:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mFG5Ypvf0W2pae5vmgxcXtxvzeD%2F%2BeEnzTgG6vvJ4kNHrqHT9LgepKE1vSJeVBTrhes4tGZUm6wfQaAOe1snP7DTLg%2BHUcBYMbp1g72uMkjNBPq8LQrM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
6161e67fafe32c3e-FRA
cf-request-id
07d10e63cc00002c3e138a4000000001
atrk.js
certify-js.alexametrics.com/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.65 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-65.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 19 Dec 2020 08:26:48 GMT
Via
1.1 376bac901e689131d2a41914df1245d9.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Sat, 16 Mar 2019 16:01:33 GMT
Server
AmazonS3
Age
3042545
ETag
"96c08723796affab377d9bb08d631cd0"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Cache-Control
max-age=26920000
X-Amz-Cf-Pop
ZRH50-C1
Accept-Ranges
bytes
Content-Length
4264
X-Amz-Cf-Id
UvBgOKZfZJSlmzG_cwF4bQVrERX27sRez0M-K1BYhp8HjOEXdo22SA==
/
funclub.rw/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://funclub.rw/
Requested by
Host: funclub.rw
URL: https://funclub.rw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:124b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://funclub.rw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=emzwod5eBdP%2Bn6n3IMhu9wmG8WmF9l1rvuRtw%2FUEw9zPLIdghBK59gDxTLDL4SYdWvdPUi60yIGgyZNonqp4CW1vrbDV8JmZKNgePXJBr8t%2FenR0ckv7"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=0
cf-ray
6161e67fb80b2c3e-FRA
cf-request-id
07d10e63d300002c3e6a187000000001
expires
Sat, 23 Jan 2021 13:35:52 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://funclub.rw
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 19:09:10 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
239202
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Thu, 20 Jan 2022 19:09:10 GMT
Poppins-Regular.ttf
funclub.rw/assets/fonts/poppins/ 		142 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://funclub.rw/assets/fonts/poppins/Poppins-Regular.ttf
Requested by
Host: funclub.rw
URL: https://funclub.rw/assets/stylesheet/stylesheet.css?t=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:124b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2425ebbc021bfdd18fe55edbeeb1539d22a217212c14430a7d4d75266a333bbc

Request headers

Origin
https://funclub.rw
Referer
https://funclub.rw/assets/stylesheet/stylesheet.css?t=150
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 22 May 2019 16:09:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4hNc7jHbO8C24IWv3BnZ6iV%2F8jhV51MgyVJ5rdTVEPkboNXS76xsgEDv0eKto4fZjvZYeRBJ1wtDjkenYqJT8EKLOdnyx%2FjLERCTDSHEggMSzloqZP4q"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
6161e67fb81d2c3e-FRA
cf-request-id
07d10e63d600002c3e3fb23000000001
fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://funclub.rw
Referer
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
77171
Sathu.ttf
funclub.rw/assets/fonts/ 		406 KB
95 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://funclub.rw/assets/fonts/Sathu.ttf
Requested by
Host: funclub.rw
URL: https://funclub.rw/assets/stylesheet/stylesheet.css?t=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:124b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bf249b586427813ae0145fd10d15617604bf420ca73ccade3615f85ffcde9f0

Request headers

Origin
https://funclub.rw
Referer
https://funclub.rw/assets/stylesheet/stylesheet.css?t=150
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 01 Jan 2001 12:19:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8kGUvPBFQRQwRfOAcYz1Mo7vsilYw7RMpWCFFknXyYDl0a1wT9R17WTPCIET8vZXAM8EaA%2FeXETm4BVgWq9dHWn8KmgpCWMbb8KlQuLm8rQd39jbn3OP"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
6161e67fb8222c3e-FRA
cf-request-id
07d10e63d700002c3e5320c000000001
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://funclub.rw
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 11:36:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:27 GMT
server
sffe
age
93540
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Sat, 22 Jan 2022 11:36:52 GMT
ITCAvantGardeStd-Bk.otf
funclub.rw/assets/fonts/ 		30 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://funclub.rw/assets/fonts/ITCAvantGardeStd-Bk.otf
Requested by
Host: funclub.rw
URL: https://funclub.rw/assets/stylesheet/stylesheet.css?t=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:124b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9a6a06221f6af8eef23cb92f8ef979123e5fb7fb84aa0927f92deae576cfe1b

Request headers

Origin
https://funclub.rw
Referer
https://funclub.rw/assets/stylesheet/stylesheet.css?t=150
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 16 Jan 2007 00:23:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2%2FLC%2B0JqW7JKIb9975k88q0%2FBzVXFjRIqWEYD5f2AnXbVkgv1Rjz%2FD4VDyQnTyUqwXEZs7dZJhstXpHA2ZH9iTyXGZA78YnNTlrMZeJMFPNeMnUa4jbB"}],"group":"cf-nel","max_age":604800}
content-type
font/otf
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
6161e67fb8282c3e-FRA
cf-request-id
07d10e63d800002c3e4b2c2000000001
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/ 		224 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
261d6dc86d7002888cd60be2998e37ccf910233d570151dc206564ac459ffdce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
85977
x-xss-protection
0
server
cafe
etag
16085909096229427883
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Jan 2021 13:35:52 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210120/r20190131/ Frame 9CD1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210120/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210120/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://funclub.rw/eSign/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://funclub.rw/eSign/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 22 Jan 2021 19:41:33 GMT
expires
Fri, 05 Feb 2021 19:41:33 GMT
content-type
text/html; charset=UTF-8
etag
1252425945412704235
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4751
x-xss-protection
0
age
64459
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-143968592-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
5917
date
Sat, 23 Jan 2021 11:57:15 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sat, 23 Jan 2021 13:57:15 GMT
collect
www.google-analytics.com/j/ 		1 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1876328222&t=pageview&_s=1&dl=https%3A%2F%2Ffunclub.rw%2FeSign%2F&ul=en-us&de=UTF-8&dt=Error%20404%20-%20FunClub%20%7C%20Ruhago%2CBasketball%2CVolleyball%2CAmagare%2Cindi%20Mikino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1605345036&gjid=31520355&cid=1488538087.1611408952&tid=UA-143968592-1&_gid=940636960.1611408952&_r=1&gtm=2ou1d0&z=1676300150
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Jan 2021 13:35:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://funclub.rw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Error%20404%20-%20FunClub%20%7C%20Ruhago%2CBasketball%2CVolleyball%2CAmagare%2Cindi%20Mikino&time=1611408952463&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Ffunclub.rw%2FeSign%2F&random_number=7816954638&sess_cookie=46248c0b1772f754c8ea7bf2483&sess_cookie_flag=1&user_cookie=46248c0b1772f754c8ea7bf2483&user_cookie_flag=1&dynamic=true&domain=funclub.rw&account=+i3it1hNdI20fn&jsv=20130128&user_lang=en-US
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.91 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-91.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 14:51:43 GMT
Via
1.1 0baaefd2451e4f0e2d5ea55eb90f4a1a.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
81849
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
ZRH50-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
z0jZ3vDQbRSIX-65jb1ZHkakmI_GJzY49UukpuJEoGmiQ9p9vNAzoQ==
cookie.js
partner.googleadservices.com/gampad/ 		200 B
639 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=funclub.rw&callback=_gfp_s_&client=ca-pub-8563519530061720
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
b9ecb6a84f6ee02440c69261ed0e061c627d1d89255a77a3818d64dc50964ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		109 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=funclub.rw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Jan 2021 13:35:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=funclub.rw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Jan 2021 13:35:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 65F2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8563519530061720&output=html&adk=1812271804&adf=3025194257&lmt=1611408951&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Ffunclub.rw%2FeSign%2F&ea=0&flash=0&pra=5&wgl=1&dt=1611408952397&bpp=12&bdt=626&idt=160&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5199934884863&frm=20&pv=2&ga_vid=1488538087.1611408952&ga_sid=1611408953&ga_hid=1876328222&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084%2C21068769&oid=3&pvsid=4173181209104826&pem=88&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=198
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8563519530061720&output=html&adk=1812271804&adf=3025194257&lmt=1611408951&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Ffunclub.rw%2FeSign%2F&ea=0&flash=0&pra=5&wgl=1&dt=1611408952397&bpp=12&bdt=626&idt=160&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5199934884863&frm=20&pv=2&ga_vid=1488538087.1611408952&ga_sid=1611408953&ga_hid=1876328222&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084%2C21068769&oid=3&pvsid=4173181209104826&pem=88&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=198
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://funclub.rw/eSign/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://funclub.rw/eSign/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 23 Jan 2021 13:35:52 GMT
server
cafe
content-length
34
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 23-Jan-2021 13:50:52 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sat, 23 Jan 2021 13:35:52 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1187995a6a31ed3a06d13bae8d36edcc63782f5764897a5a62703d2d6cb840c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611319200633513"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28803
x-xss-protection
0
expires
Sat, 23 Jan 2021 13:35:52 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210120&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b7008b6678e28501ccc32c739f08950068451daeb2c5f3385b0dfec27e6bbb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Jan 2021 13:35:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6777
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:35:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1607463675096825"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6146
x-xss-protection
0
expires
Sat, 23 Jan 2021 13:35:53 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame ABDF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/220/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://funclub.rw/eSign/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://funclub.rw/eSign/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4868
date
Fri, 22 Jan 2021 22:45:59 GMT
expires
Sat, 22 Jan 2022 22:45:59 GMT
last-modified
Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
53394
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20210120&jk=4173181209104826&bg=!3d6l3p3NAAVwd1e1cDsAKQB2-DxaHRALPOrCoYDSx1TKll6jQaZIpPqd5P3dPxg62N-DD5K7EkjTAgAAAEtSAAAAC2gBBwoBK_p0zSlBNFZJif3g_NT7yp_Ako_1v7hKboKH9vhArq1cwsa11AvFcHwSgw2iiJdWqrumNC_QX9mOItUJSV87HQAMTivGlQdQgxMwmacP_glf-hNW3o4TsKDvhtYtJov-iQNxqCpFxy4ZRsz67uLd40bZc8B3YyUGL3O4ofWSHle8YNCusIDDv1Q-SRyrpT98_nDl7Xe9vxvvs8vowS0ZxlIGXVScoDoJCi5ftjNg0Z72v6zMSasUzy2qS5h7O7ldI2WOiXuYqktdtsesxsEgCFcL_XiMA5kUh-r7U2nAJgaopEMqLTXrVUU6Kdwe3CXozmDgbwdpOc2KhvNjEK11MZ3j4gHrISUg4Wsl2U7zW1B3s0tZLeu33rHWBfs5Jtg3GL6M3ob6DmrAoicumQHLpEXJOQkmv--EE71paMrtkT0sYfy6PEVHKm8M9DbV1-IhdH5Gd3M0Lrr6nEvYa8UHULYAOoO7PgtA8ygBu3__i-jFR2hCXjbWzzdiqh6xIZbaCHIDtzNo3YCOiP5W_cbf0pYWH6LE5J5IHLNN2SZ63PwE82cW9g1CLQXXLFj_2RqoDkOK9_8fTnV-HeSNJki-Cu99d9Xn6I79DzJM9PHugBHdavWjBpjPPkHQHVl9eF7BKz2Ul9RVIJdC4RPKuhGpaRme87mcrQ3dLodXNTqqpAtdxQiT_BCahcLvT0w6UMLQpj3H4B6OW9k4Ln2UBq9R1T_g_3P8RjMs2sTg2HfS1bdd0GJ3Ef_VIsMMw5mvn9yWINhnhlnZ1_jW4QZ6tbYgQRllmcAaFmVfRGrDSLbFQhkmlpV-YGCUKN83SZEhSxC2Ud8jS6xm495qGfaLXD80uSmHBcufs2NvyW1OUC2uSJiutX2yETDe2tvhVgEcMmd2X_wqGyj01bw1BDm_Ra0JZPWeInU-jl_tMqVXQFSNvqh0v4gBycrjiN9T6cLXSbdsPWCm0xqzKaQGEmKOozA6HcKPCTLlcXOEXCCgDP-kkoTiyvuC3UGmuECv
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Jan 2021 13:35:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer object| adsbygoogle object| _atrk_opts function| scrollFunction function| topFunction function| $ function| jQuery function| Popper object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| atrk boolean| _atrk_fired function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| bootstrap function| openCity object| GoogleGcLKhOms object| google_image_requests

8 Cookies

Domain/Path Name / Value
.funclub.rw/ Name: __auc
Value: 46248c0b1772f754c8ea7bf2483
.funclub.rw/ Name: __gads
Value: ID=e88123f499529891-22d07d90a4b90060:T=1611408952:RT=1611408952:S=ALNI_MYj-K42PjjEzP6iFhK1Od22pwBr_g
.funclub.rw/ Name: __asc
Value: 46248c0b1772f754c8ea7bf2483
.funclub.rw/ Name: _gat_gtag_UA_143968592_1
Value: 1
.funclub.rw/ Name: _gid
Value: GA1.2.940636960.1611408952
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.funclub.rw/ Name: _ga
Value: GA1.2.1488538087.1611408952
.funclub.rw/ Name: __cfduid
Value: da481710bd1e45222bc0accb5a5d2cbc31611408950

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
certify-js.alexametrics.com
certify.alexametrics.com
code.jquery.com
delivery.unlocklocks.com
fonts.googleapis.com
fonts.gstatic.com
funclub.rw
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
stackpath.bootstrapcdn.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
13.224.102.65
13.224.102.91
139.59.218.231
2001:4de0:ac19::1:b:2a
2001:4de0:ac19::1:b:2b
216.58.207.66
2606:4700:3036::6815:124b
2606:4700::6810:125e
2a00:1450:4001:802::2008
2a00:1450:4001:802::200e
2a00:1450:4001:803::2001
2a00:1450:4001:803::200a
2a00:1450:4001:81a::2002
2a00:1450:4001:81e::2003
2a00:1450:4001:824::200e
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0d389386ae84279e2b61eda4469d66f30eebeac4bfcf4398fe3a8eb587e27b6b
10fd74f8a0d2a4446db79aa5edcf6c5a3675f94c7360a405615f85a455d28442
1a1704500f1fc30b986e460f445fef3abd46d7e96f75ccc3ebaad51b3e3ee30a
2425ebbc021bfdd18fe55edbeeb1539d22a217212c14430a7d4d75266a333bbc
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
261d6dc86d7002888cd60be2998e37ccf910233d570151dc206564ac459ffdce
2959afd13d46e120e11e93534ac6177501cfab748e8523d1dc20c78a5f902b0b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b7008b6678e28501ccc32c739f08950068451daeb2c5f3385b0dfec27e6bbb9
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
3d9c8d4654446033d0525148d23539489968fa5fff1a9e76c784b1aa688e176b
41e93f3139686a660257ee1c822bf9883ce0c3836cafedcdc6204009f1dcd167
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
63c0709bb1c26e9fc8e90fa8daedd28a93718d143a01f7ff8fac1ff6f0e7b3e2
63e971626cb7961fb014906a5476a7353bba89331013e001bb16b4a6ac5ce93f
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71674f16bc0443461156f1bcb86acbc3a5256c97c66cc412b9498972564e01ac
73fb94257e4c5b0b1f3a1eefb93d077f67eaf62b4befd022ee9c56431a82f41f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a8a73c604300fa4120291be35218d1bf2e639f1a072005a16ac566f36cb7012
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bf249b586427813ae0145fd10d15617604bf420ca73ccade3615f85ffcde9f0
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
b1187995a6a31ed3a06d13bae8d36edcc63782f5764897a5a62703d2d6cb840c
b9b9ca69a087f44bea99b55ab23d6e9123f1bf2bef6cad3fd89bb3d4e8f32a67
b9ecb6a84f6ee02440c69261ed0e061c627d1d89255a77a3818d64dc50964ef6
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
c8fe767fac0a51bca3bb7057d4b2a0c8ecd939ea072174691f93aff13ed60eb1
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f8cf9436d6eda197d780b9f68dc6493a8f4976985a4f9e9fb2e191620da98b
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
f0c88d0a993d24cf5bf6daadde6341e82011c9f3340c20e75dedca297d3d2b47
f1c9ec7184879efdcb12e450eee28b5f9f90916782cfa1d62680ee3b355b2f8c
f9a6a06221f6af8eef23cb92f8ef979123e5fb7fb84aa0927f92deae576cfe1b