cf.spybriefing.com Open in urlscan Pro
2606:4700::6810:fc2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.spybriefing.com/a/1485/click/9349/165523/441d3f712b67c75a0551dcb3041bbb6ec813f91d/5a87b888d6f8f103142380318b74a8...
Effective URL:
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Submission: On June 09 via manual (June 9th 2022, 2:15:34 pm UTC) from US — Scanned from DE

Summary HTTP 181 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 79 IPs in 9 countries across 67 domains to perform 181 HTTP transactions. The main IP is 2606:4700::6810:fc2, located in United States and belongs to CLOUDFLARENET, US. The main domain is cf.spybriefing.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 8th 2022. Valid for: a year.

This is the only time cf.spybriefing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.238.129.105 35.238.129.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 24	2606:4700::68... 2606:4700::6810:fc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1 7	2606:4700:440... 2606:4700:4400::6812:24d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:4400::ac40:946f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:ec2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.32.27.12 13.32.27.12	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:350... 2a02:26f0:3500:887::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	67.205.176.157 67.205.176.157	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (STACKPATH...) (STACKPATH-CDN)
2	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.27.174 104.18.27.174	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
14	23.36.163.228 23.36.163.228	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	3.214.237.192 3.214.237.192	14618 (AMAZON-AES) (AMAZON-AES)
5	85.17.54.17 85.17.54.17	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	52.45.50.106 52.45.50.106	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 3	44.196.167.20 44.196.167.20	14618 (AMAZON-AES) (AMAZON-AES)
1	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
1 4	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223e:0:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	169.50.137.179 169.50.137.179	36351 (SOFTLAYER) (SOFTLAYER)
4	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	178.250.2.140 178.250.2.140	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:20:... 2606:4700:20::ac43:4839	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 5	2600:9000:206... 2600:9000:206f:3c00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	91.195.240.87 91.195.240.87	47846 (SEDO-AS) (SEDO-AS)
1	104.102.29.173 104.102.29.173	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	18.205.229.183 18.205.229.183	14618 (AMAZON-AES) (AMAZON-AES)
3	70.42.32.95 70.42.32.95	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	54.220.99.25 54.220.99.25	16509 (AMAZON-02) (AMAZON-02)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2 3	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	52.209.107.65 52.209.107.65	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	185.33.220.100 185.33.220.100	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	18.195.192.101 18.195.192.101	16509 (AMAZON-02) (AMAZON-02)
1	54.77.142.93 54.77.142.93	16509 (AMAZON-02) (AMAZON-02)
1	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	185.86.139.57 185.86.139.57	201081 (SMARTADSE...) (SMARTADSERVER)
1	3.120.204.202 3.120.204.202	16509 (AMAZON-02) (AMAZON-02)
1 2	52.210.108.30 52.210.108.30	16509 (AMAZON-02) (AMAZON-02)
2 2	34.206.247.163 34.206.247.163	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:444... 2600:1f18:444a:4680:8e84:2ba7:9e48:8cf5	14618 (AMAZON-AES) (AMAZON-AES)
1	52.203.231.62 52.203.231.62	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:612... 2600:1f18:612b:4232:6e00:7b23:6545:3513	14618 (AMAZON-AES) (AMAZON-AES)
1 1	23.35.229.117 23.35.229.117	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.120.22.117 3.120.22.117	16509 (AMAZON-02) (AMAZON-02)
1	52.49.242.166 52.49.242.166	16509 (AMAZON-02) (AMAZON-02)
181	79

1 35.238.129.105 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.129.238.35.bc.googleusercontent.com

links.spybriefing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700::6810:fc2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cf.spybriefing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:4400::6812:24d6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kw493.infusionsoft.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:946f (United States)

ASN13335 (CLOUDFLARENET, US)

kw493.infusionsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:ec2 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-12.fra56.r.cloudfront.net

tag.segmetrics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:887::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.205.176.157 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: statistinamics.com

ndn.statistinamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

a.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.134.78 (None, )

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.27.174 (None, )

ASN13335 (CLOUDFLARENET, US)

a.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 23.36.163.228 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-228.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.214.237.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-237-192.compute-1.amazonaws.com

web.adblade.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 85.17.54.17 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

visit.prayfashion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.50.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-50-106.compute-1.amazonaws.com

pixel.adblade.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.196.167.20 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-167-20.compute-1.amazonaws.com

rdcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:0:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.179 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b3.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.140 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4839 (United States)

ASN13335 (CLOUDFLARENET, US)

track.segmetrics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:206f:3c00:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.195.240.87 (Germany)

ASN47846 (SEDO-AS, DE)

m.revmizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.29.173 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-173.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.205.229.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-229-183.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.95 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.220.99.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-99-25.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.107.65 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-107-65.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.14 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.100 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.247 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.192.101 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-192-101.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.142.93 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-142-93.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.57 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.204.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-204-202.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.108.30 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-108-30.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.206.247.163 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-247-163.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4680:8e84:2ba7:9e48:8cf5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.231.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-231-62.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:6e00:7b23:6545:3513 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.229.117 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-117.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.22.117 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-22-117.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.242.166 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-242-166.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	spybriefing.com 2 redirects links.spybriefing.com — Cisco Umbrella Rank: 663192 cf.spybriefing.com	5 MB
14	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 981	81 KB
11	youtube.com www.youtube.com — Cisco Umbrella Rank: 103	761 KB
10	criteo.com 3 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4215 gum.criteo.com — Cisco Umbrella Rank: 369 mug.criteo.com — Cisco Umbrella Rank: 2871 sslwidget.criteo.com — Cisco Umbrella Rank: 1539 widget.us.criteo.com — Cisco Umbrella Rank: 17602 dis.criteo.com — Cisco Umbrella Rank: 692	19 KB
8	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 static.doubleclick.net — Cisco Umbrella Rank: 370 cm.g.doubleclick.net — Cisco Umbrella Rank: 199	5 KB
7	adnxs.com 6 redirects secure.adnxs.com — Cisco Umbrella Rank: 393 ib.adnxs.com — Cisco Umbrella Rank: 225	7 KB
7	infusionsoft.app 1 redirects kw493.infusionsoft.app	14 KB
6	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 2116 d.adroll.com — Cisco Umbrella Rank: 1441	78 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 52 jnn-pa.googleapis.com — Cisco Umbrella Rank: 299	33 KB
5	prayfashion.com visit.prayfashion.com	7 KB
5	clickfunnels.com assets.clickfunnels.com — Cisco Umbrella Rank: 60807 app.clickfunnels.com — Cisco Umbrella Rank: 36031	5 KB
4	yahoo.com 1 redirects ads.yahoo.com — Cisco Umbrella Rank: 1008 sp.analytics.yahoo.com — Cisco Umbrella Rank: 733 ups.analytics.yahoo.com — Cisco Umbrella Rank: 283	1 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 3528	7 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 1968 tr.outbrain.com — Cisco Umbrella Rank: 1805 sync.outbrain.com — Cisco Umbrella Rank: 715	4 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6180	870 B
4	google.com www.google.com — Cisco Umbrella Rank: 4	870 B
4	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 939	1 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	264 KB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 547 i6.liadm.com — Cisco Umbrella Rank: 1516	1 KB
3	rdcdn.com 2 redirects rdcdn.com — Cisco Umbrella Rank: 45559	801 B
3	adblade.com web.adblade.com — Cisco Umbrella Rank: 65001 pixel.adblade.com — Cisco Umbrella Rank: 209376	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 43	20 KB
3	gstatic.com fonts.gstatic.com	76 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 875	92 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 644 cdn.stickyadstv.com — Cisco Umbrella Rank: 2517	1 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 623	851 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 276	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1478	2 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 310	140 B
2	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 770	1 KB
2	revcontent.com assets.revcontent.com — Cisco Umbrella Rank: 5892 trends.revcontent.com — Cisco Umbrella Rank: 1960	10 KB
2	adskeeper.co.uk a.adskeeper.co.uk — Cisco Umbrella Rank: 462139	6 KB
2	mgid.com a.mgid.com — Cisco Umbrella Rank: 18330	6 KB
2	statistinamics.com ndn.statistinamics.com — Cisco Umbrella Rank: 98659	1 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 741	19 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 942 pixel.quantserve.com — Cisco Umbrella Rank: 430	10 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 92	388 B
2	segmetrics.io tag.segmetrics.io — Cisco Umbrella Rank: 65901 track.segmetrics.io — Cisco Umbrella Rank: 88311	26 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	110 KB
2	infusionsoft.com kw493.infusionsoft.com	31 KB
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 1844	220 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1297	40 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2215	183 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1234	428 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 577	261 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 590	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1163	99 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1591	172 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 520	798 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 380	140 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 582	578 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 317	239 B
1	addthis.com cw.addthis.com — Cisco Umbrella Rank: 1433	428 B
1	mediawallahscript.com partner.mediawallahscript.com — Cisco Umbrella Rank: 2106	232 B
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 389	720 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 362	14 KB
1	revmizer.com m.revmizer.com
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 586	14 KB
1	simpli.fi tag.simpli.fi — Cisco Umbrella Rank: 4294	4 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 906	354 B
1	turn.com r.turn.com — Cisco Umbrella Rank: 2685	398 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1072	8 KB
1	exoclick.com a.exoclick.com — Cisco Umbrella Rank: 77683	935 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 122	15 KB
1	clickcease.com www.clickcease.com — Cisco Umbrella Rank: 10605	53 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1222	5 KB
0	addevent.com Failed track.addevent.com Failed
181	67

	Domain	Requested by
20	cf.spybriefing.com	1 redirects cf.spybriefing.com static.cloudflareinsights.com
14	analytics.tiktok.com	cf.spybriefing.com analytics.tiktok.com
11	www.youtube.com	cf.spybriefing.com www.youtube.com
7	kw493.infusionsoft.app	1 redirects cf.spybriefing.com kw493.infusionsoft.app
5	s.adroll.com	1 redirects cf.spybriefing.com s.adroll.com
5	visit.prayfashion.com	cf.spybriefing.com visit.prayfashion.com
4	secure.adnxs.com	3 redirects
4	tags.srv.stackadapt.com	cf.spybriefing.com tags.srv.stackadapt.com
4	jnn-pa.googleapis.com	www.youtube.com
4	www.google.de	cf.spybriefing.com
4	www.google.com	cf.spybriefing.com
4	tr.snapchat.com	sc-static.net cf.spybriefing.com
4	googleads.g.doubleclick.net	1 redirects www.googleadservices.com www.youtube.com
4	app.clickfunnels.com	cf.spybriefing.com
4	www.googletagmanager.com	cf.spybriefing.com www.googletagmanager.com
3	ib.adnxs.com	3 redirects
3	dis.criteo.com
3	gum.criteo.com	2 redirects static.criteo.net
3	rdcdn.com	2 redirects cf.spybriefing.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
3	use.fontawesome.com	cf.spybriefing.com use.fontawesome.com
2	i.liadm.com	2 redirects
2	ad.360yield.com	1 redirects
2	x.bidswitch.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	idsync.rlcdn.com
2	tr.outbrain.com	amplify.outbrain.com
2	ct.pinterest.com	s.pinimg.com cf.spybriefing.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	web.adblade.com	cf.spybriefing.com
2	a.adskeeper.co.uk	cf.spybriefing.com
2	a.mgid.com	cf.spybriefing.com
2	ndn.statistinamics.com	www.googletagmanager.com ndn.statistinamics.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	www.facebook.com	cf.spybriefing.com
2	connect.facebook.net	cf.spybriefing.com connect.facebook.net
2	kw493.infusionsoft.com	cf.spybriefing.com
2	fonts.googleapis.com	cf.spybriefing.com
1	sync-criteo.ads.yieldmo.com
1	exchange.mediavine.com
1	cdn.stickyadstv.com
1	ads.stickyadstv.com	1 redirects
1	criteo-partners.tremorhub.com
1	jadserve.postrelease.com
1	i6.liadm.com
1	match.sharethrough.com
1	rtb-csync.smartadserver.com
1	sync-t1.taboola.com
1	criteo-sync.teads.tv
1	trends.revcontent.com
1	contextual.media.net
1	eb2.3lift.com
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	cw.addthis.com
1	sync.outbrain.com
1	sp.analytics.yahoo.com
1	ads.yahoo.com
1	partner.mediawallahscript.com
1	cm.g.doubleclick.net	1 redirects
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	cf.spybriefing.com
1	d.adroll.com	s.adroll.com
1	amplify.outbrain.com	cf.spybriefing.com
1	m.revmizer.com	cf.spybriefing.com
1	static.criteo.net	dynamic.criteo.com
1	track.segmetrics.io	tag.segmetrics.io
1	dynamic.criteo.com	cf.spybriefing.com
1	static.doubleclick.net	www.youtube.com
1	pixel.quantserve.com	cf.spybriefing.com
1	tag.simpli.fi	cf.spybriefing.com
1	rules.quantcount.com	secure.quantserve.com
1	assets.revcontent.com	www.googletagmanager.com
1	r.turn.com	cf.spybriefing.com
1	pixel.adblade.com	cf.spybriefing.com
1	sc-static.net	cf.spybriefing.com
1	a.exoclick.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.clickcease.com	cf.spybriefing.com
1	tag.segmetrics.io	cf.spybriefing.com
1	static.cloudflareinsights.com	cf.spybriefing.com
1	assets.clickfunnels.com	cf.spybriefing.com
1	links.spybriefing.com	1 redirects
0	track.addevent.com Failed	cf.spybriefing.com
181	90

This site contains links to these domains. Also see Links.

Domain
spybriefing.com

Subject Issuer	Validity	Valid
cf.spybriefing.com Cloudflare Inc ECC CA-3	`2022-05-08` - `2023-05-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-18` - `2022-06-16`	3 months	crt.sh
tag.segmetrics.io Amazon	`2021-11-15` - `2022-12-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
statistinamics.com R3	`2022-06-04` - `2022-09-02`	3 months	crt.sh
*.exoclick.com Go Daddy Secure Certificate Authority - G2	`2021-08-03` - `2022-09-04`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
adblade.com Amazon	`2022-04-17` - `2023-05-16`	a year	crt.sh
visit.prayfashion.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-09-07` - `2022-09-07`	a year	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-02` - `2023-04-01`	a year	crt.sh
assets.revcontent.com R3	`2022-05-17` - `2022-08-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
s.adroll.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
m.revmizer.com Encryption Everywhere DV TLS CA - G1	`2022-06-06` - `2023-06-06`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.srv.stackadapt.com Amazon	`2021-11-09` - `2022-12-07`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.mediawallahscript.com Amazon	`2022-05-04` - `2023-06-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-06` - `2022-07-27`	2 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.postrelease.com Amazon	`2021-12-28` - `2023-01-25`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
exchange.mediavine.com Amazon	`2021-08-05` - `2022-09-03`	a year	crt.sh
*.ads.yieldmo.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Frame ID: 6896FDB011EE9446E892FC8D14F9D3B6
Requests: 128 HTTP requests in this frame

Frame: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Frame ID: 16C7BB8018A0D4016FA13665D1EFB0E0
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Frame ID: 1EA36CB733396347DF9268781E50236F
Requests: 13 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=dcac7434-c37f-428b-b940-285ccbce8757
Frame ID: 1766718BA531D350EAD9C4E6971B55EF
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 5A629C58094B70CD8C3CA8931B3AEB25
Requests: 1 HTTP requests in this frame

Frame: https://kw493.infusionsoft.app/app/webTracking/websiteTriggerIframe
Frame ID: 8595F6A84FB208C16A6C18E2D0B079E6
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=cf.spybriefing.com&origin=onetag
Frame ID: 2DCADA87785C37B01C5D7C8F6A16E1C9
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-CLiWya1Po2NVU3f3Mgm0cFK1OQ4G9NxHzsj_jQ&google_gid=CAESEL7wf69QiRo5jjXPACoo6XY&google_cver=1&google_ula=913071,0
Frame ID: 4558A782AFA3AD8B26FB3248FC501EF0
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Carfighting Video

Page URL History Show full URLs

https://links.spybriefing.com/a/1485/click/9349/165523/441d3f712b67c75a0551dcb3041bbb6ec813f91d/5a87b888d6... HTTP 302
https://cf.spybriefing.com/carfighting-le HTTP 302
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778 Page URL

Detected technologies

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

ClickFunnels (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

<meta property="cf:app_domain" content="app\.clickfunnels\.com"

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

181
Requests

90 %
HTTPS

37 %
IPv6

67
Domains

90
Subdomains

79
IPs

9
Countries

6762 kB
Transfer

13030 kB
Size

97
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://spybriefing.com/terms-conditions
Title: TERMS AND CONDITIONS

Search URL Search Domain Scan URL

URL: https://spybriefing.com/privacy-policy
Title: PRIVACY POLICY

Search URL Search Domain Scan URL

URL: https://spybriefing.com/return-policy
Title: RETURN POLICY

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.spybriefing.com/a/1485/click/9349/165523/441d3f712b67c75a0551dcb3041bbb6ec813f91d/5a87b888d6f8f103142380318b74a8d93287aa1e HTTP 302
https://cf.spybriefing.com/carfighting-le HTTP 302
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://rdcdn.com/rt?aid=19177&e=1&img=1 HTTP 302
https://rdcdn.com/eow HTTP 302
https://rdcdn.com/images/blank.gif

Request Chain 111

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 126

https://s.adroll.com/j/exp/LIAFGQD4BJCQNANH5CBFII/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 143

https://kw493.infusionsoft.app/app/webTracking/contact/1654784127844?contactId=0&screenResolution=1600x1200&plugins=&javaEnabled=false&domain=cf.spybriefing.com&location=https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778&referrer= HTTP 302
https://kw493.infusionsoft.app/slices/spacer.gif

Request Chain 147

https://gum.criteo.com/sid/json?origin=onetag&domain=spybriefing.com&sn=ChromeSyncframe&so=0&topUrl=cf.spybriefing.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ItmNlXw3RDlINnV6bFNtRUdxd295bDRLMkc2KzZQWVJPMEtoL3RvK1Z2ME4ybTlrZXVRZzlsQnVDaGhoczF5ZXZXYkdMSENhRTBQbTk4Vmx0aThVT1FFVHQxYm5hQmlBdnh6SFFvamVFUDJnbWJEMGpNZlcwUzRPSlQ1U1VxSUZNL2tvWkp4aDZ2Q3Nmem1ORmNJTEgzK1VBR2JTRzNyTjRtS2pUNjI0WUthWEZobEVRZE9xbzhkd1dSeVhkQk96UWw1NGdaamZHdWV6cWFPVHVzT2UxS0R5cnVYN0phTkRCRG1QSjRpWjc4MTJFTTZZRis1bVIvTEpJSXM5QkRPcktoa3ZEcWFWaWJFOEZqR2lPZklPZGhUWjhFdz09fA&cppv=2

Request Chain 148

https://sslwidget.criteo.com/event?a=94432&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dviewproduct%26id%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=FcqTk18xRGs2WXlJNFRGZHpoUWpRdnpkRFMxbkMlMkJtMkZ5Y1dqZ2JFQVlNVHlOYjM5ZSUyRlJrcjMyZ1Q2NHRRQWNleTV5ZG1Va3VyMHJoVFRXQmt4TWpzb2V2UFVmQ0clMkIwYk9Ud0piOE1TemNGNG9BblhIM3ZPU0V0YkZnemtyd3M0WVBmUiUyQktueDFhYVlGbGhUeXQzTW8zWGxMdyUzRCUzRA&tld=spybriefing.com&dy=1&fu=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&dtycbr=34019 HTTP 302
https://widget.us.criteo.com/event?a=94432&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dviewproduct%26id%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=FcqTk18xRGs2WXlJNFRGZHpoUWpRdnpkRFMxbkMlMkJtMkZ5Y1dqZ2JFQVlNVHlOYjM5ZSUyRlJrcjMyZ1Q2NHRRQWNleTV5ZG1Va3VyMHJoVFRXQmt4TWpzb2V2UFVmQ0clMkIwYk9Ud0piOE1TemNGNG9BblhIM3ZPU0V0YkZnemtyd3M0WVBmUiUyQktueDFhYVlGbGhUeXQzTW8zWGxMdyUzRCUzRA&tld=spybriefing.com&dy=1&fu=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&dtycbr=34019

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-CLiWya1Po2NVU3f3Mgm0cFK1OQ4G9NxHzsj_jQ&google_cm&google_hm=ay1DTGlXeWExUG8yTlZVM2YzTWdtMGNGSzFPUTRHOU54SHpzal9qUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-CLiWya1Po2NVU3f3Mgm0cFK1OQ4G9NxHzsj_jQ&google_gid=CAESEL7wf69QiRo5jjXPACoo6XY&google_cver=1&google_ula=913071,0

Request Chain 150

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=YRTt4rWg9WkgBr5hO1EklaBZNUxCOH4H

Request Chain 155

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-gUBura1Po2NVU3f3Mgm0cFK1OQ4gZhkcVWRUhg HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-gUBura1Po2NVU3f3Mgm0cFK1OQ4gZhkcVWRUhg&verify=true

Request Chain 159

https://secure.adnxs.com/setuid?entity=52&code=k-QwjWyq1Po2NVU3f3Mgm0cFK1OQ4FYIt845WMuA&seg=95287 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-QwjWyq1Po2NVU3f3Mgm0cFK1OQ4FYIt845WMuA%26seg%3D95287

Request Chain 160

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fappnxsid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7931250822918471892

Request Chain 164

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-KFWTg61Po2NVU3f3Mgm0cFK1OQ6-W-QMPFXyLQ HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-KFWTg61Po2NVU3f3Mgm0cFK1OQ6-W-QMPFXyLQ&C=1

Request Chain 165

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-h4iY8q1Po2NVU3f3Mgm0cFK1OQ4r2cMlLJOzbA&expires=30&user_group=5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-h4iY8q1Po2NVU3f3Mgm0cFK1OQ4r2cMlLJOzbA&expires=30&user_group=5

Request Chain 171

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-baIdg61Po2NVU3f3Mgm0cFK1OQ6Y8NC8tDGGhw HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-baIdg61Po2NVU3f3Mgm0cFK1OQ6Y8NC8tDGGhw

Request Chain 172

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-T1x_T61Po2NVU3f3Mgm0cFK1OQ69DKdC9hW_bA HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-T1x_T61Po2NVU3f3Mgm0cFK1OQ69DKdC9hW_bA&_li_chk=true&previous_uuid=ed06c5e18d7b4b47be4ed87edfc90b9c HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-T1x_T61Po2NVU3f3Mgm0cFK1OQ69DKdC9hW_bA

Request Chain 175

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-bSXZ7a1Po2NVU3f3Mgm0cFK1OQ7YAmK4TvOV2g&redirectId=69 HTTP 302
https://cdn.stickyadstv.com/one-shot/empty.gif

Request Chain 179

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7931250822918471892

181 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request sales-page-4977917816267594971791630527983778 Show response
cf.spybriefing.com/
Redirect Chain

https://links.spybriefing.com/a/1485/click/9349/165523/441d3f712b67c75a0551dcb3041bbb6ec813f91d/5a87b888d6f8f103142380318b74a8d93287aa1e
https://cf.spybriefing.com/carfighting-le
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

389 KB
39 KB

411ms
410ms

Document
text/html

2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

63ff3865a7ab8198634191b854c998bf9a867246ffb4329900f751ec95089fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, private
cf-cache-status: BYPASS
cf-ray: 718a7abaeb0f5b4a-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 09 Jun 2022 14:15:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
status: 200 OK
strict-transport-security: max-age=0
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: a8ca64811c93bba9a415581456f55859
x-runtime: 0.228002

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
cf-cache-status: EXPIRED
cf-ray: 718a7ab6dd5c5b4a-FRA
content-type: text/html; charset=utf-8
date: Thu, 09 Jun 2022 14:15:26 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
server: cloudflare
status: 302 Found
strict-transport-security: max-age=0
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 6e2632b46d20d00d81e4e232118f8216
x-runtime: 0.187084

GET
H2 200 lander.css
cf.spybriefing.com/assets/ 425 KB
70 KB 51ms
50ms Stylesheet
text/css 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.spybriefing.com/assets/lander.css

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 775
last-modified: Thu, 26 May 2022 21:52:55 GMT
server: cloudflare
etag: W/"628ff6b7-6a514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 718a7abd9e865b4a-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 09 Jun 2022 14:35:27 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.9.0/css/ 55 KB
13 KB 34ms
17ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11672219
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: R6NH4GJ7K569R50W
x-amz-id-2: UMzeQ4xVVEzkt+nMXUeDEUQvy+wpjX5qBC4xjuMDX2OaDkyj9B0Hmp1pqTpRuUYIak+jxrdXODQ=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eiVho2PfZeztxUnRHgiAvyK0unMQR3PX1Mptajy8l26kuwmmTskNCopHa%2BA1a95tvYkF7CJIHx3SsaJdBau5EfcNqI6CKBzKJ501GfKNNchjbpvUtAhxS4ZJxJce%2Fc6Ph5lzNP1d3rBrV0YE%2Bk6qQ9PO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 718a7abdba379231-FRA

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/ 26 KB
4 KB 38ms
22ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11672124
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: RB5BPRT48JBAE6TP
x-amz-id-2: gCI0BCd4N0Ze41wUUC9fQ5XlRt+jkrB7evHnqcM8HM5N2U+Yr/0Hi6JfxMBuYiohKnNmeTq+oho=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"e140a7d32f343530f016095df3cc2ae4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGp%2FeAB%2BUIQ9exgfsAmT7wN6OnfDKGev4QIfcz69MDE3yKI413910LCo3ZN1BOe2nO%2BQ35wRo25qiOlvcNpVq6RXdXg4XOmemZYLI7%2Fk44HnRBV0zDofUwofEwd0PsHFjGaZZBknDv13jwgRkjSPmR%2FQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 718a7abdba389231-FRA

GET
H2 200 css
fonts.googleapis.com/ 45 KB
3 KB 133ms
48ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e2885606820de818f23a4d95e72051f4b025951e38578740dac202462cf7dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:58:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 09 Jun 2022 14:15:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Jun 2022 14:15:27 GMT

GET
H2 200 application.js Show response
cf.spybriefing.com/assets/userevents/ 5 KB
2 KB 52ms
51ms Script
application/x-javascript 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.spybriefing.com/assets/userevents/application.js

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 418
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=FccJ4eJ.B6Ra9djnQ9qtmZfWSCzKqZGgtP31NhzUunk-1654784127-0-ART1-NmRMY8Fpht7usNXpfdhhDwmFhF8riipnacoNiFBsdFscekKICzFvun9ewXHGbdqnqfjwWZioYv0S4UyaOg
last-modified: Thu, 26 May 2022 21:52:55 GMT
server: cloudflare
etag: W/"628ff6b7-1353"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 718a7abdae8d5b4a-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 09 Jun 2022 14:35:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
39 KB 187ms
93ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-164010868-2

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cec2a729182e5d96055c73654d17990a0543ffa9134159a1b0b1c0d4dec02099

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39822
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Jun 2022 14:15:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 146ms
52ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-459873033

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c2698cf6eb70b05240ee1df469915d4c4c33bc653bd4b4427b7c776c9c8c69bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43448
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Jun 2022 14:15:27 GMT

GET
H2 200 getTrackingCode Show response
kw493.infusionsoft.app/app/webTracking/ 7 KB
2 KB 224ms
180ms Script
text/javascript 2606:4700:4400::6812:24d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kw493.infusionsoft.app/app/webTracking/getTrackingCode

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65fe5c0c5a06bbf5841f03219a3cb5c120928a84ba31242b21357a0d466426a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 google
cache-control: no-cache, no-store
cf-ray: 718a7abdefe35c4a-FRA
vary: accept-encoding
x-xss-protection: 1; mode=block
expires: Thu, 09 Jun 2022 14:15:27 GMT

GET
H2 200 timezoneInputJs Show response
kw493.infusionsoft.com/app/timezone/ 601 B
778 B 231ms
191ms Script
text/javascript 2606:4700:4400::ac40:946f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kw493.infusionsoft.com/app/timezone/timezoneInputJs?xid=f4e7c818890795a52af78f8062d8f315

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:946f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00d334a19d88f3d2e38b960842f66f72cac7859e75c77374445bd592cc75dfcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
vary: accept-encoding
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 google
cache-control: no-cache, no-store
cf-ray: 718a7abdea65692b-FRA
expires: Thu, 09 Jun 2022 14:15:27 GMT

GET
H2 200 jquery-3.3.1.js Show response
kw493.infusionsoft.com/js/jquery/ 84 KB
30 KB 75ms
35ms Script
application/javascript 2606:4700:4400::ac40:946f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kw493.infusionsoft.com/js/jquery/jquery-3.3.1.js

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:946f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a36500e83ddd457e5e41c712041085e300b4f4bb1776488a6393433895ae05ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1431
vary: accept-encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Jun 2022 10:31:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"85855-1654770712946"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: application/javascript;charset=UTF-8
via: 1.1 google
cache-control: public, max-age=31552569
cf-ray: 718a7abdea68692b-FRA
expires: Fri, 09 Jun 2023 18:51:36 GMT

GET
H2 200 overwriteRefererJs Show response
kw493.infusionsoft.app/app/webform/ 202 B
890 B 218ms
175ms Script
text/javascript 2606:4700:4400::6812:24d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kw493.infusionsoft.app/app/webform/overwriteRefererJs

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbafd37b04603f38be311dca28a3e5ff54b8117a0bf6b56ba37674367c863dd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
vary: accept-encoding
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 google
cache-control: no-cache, no-store
cf-ray: 718a7abdefe55c4a-FRA
expires: Thu, 09 Jun 2022 14:15:27 GMT

GET
H2 200 im-4.png
cf.spybriefing.com/hosted/images/f8/e93897e8f24ac39a5a026063d669ae/ 491 KB
492 KB 54ms
50ms Image
image/png 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.spybriefing.com/hosted/images/f8/e93897e8f24ac39a5a026063d669ae/im-4.png
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b4337c676312e00f11b5e884489a3d9e4ded93e334ce3ddb551fbf94b22f6e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
cf-cache-status: HIT
age: 1431
cf-polished: origSize=502857
content-length: 502672
last-modified: Tue, 20 Jul 2021 03:25:59 GMT
server: cloudflare
etag: "b7465fe25469a6d31e54fdeec6704d0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 718a7abf287f5b4a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 closemodal.png
assets.clickfunnels.com/images/ 672 B
1 KB 118ms
71ms Image
image/webp 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.clickfunnels.com/images/closemodal.png

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 58128
cf-polished: origFmt=png, origSize=788
content-disposition: inline; filename="closemodal.webp"
content-length: 672
last-modified: Thu, 26 May 2022 21:52:55 GMT
server: cloudflare
etag: "628ff6b7-314"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 10 Jul 2022 14:15:27 GMT
cache-control: public, max-age=2678400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 718a7abf68639a3f-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-bgj: imgq:100,h2pri

GET
H2 200 Carfighting-Story-Lead-2.png
cf.spybriefing.com/hosted/images/dd/e41ea4687a4acbbee3c13d75edc867/ 2 MB
2 MB 80ms
76ms Image
image/png 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.spybriefing.com/hosted/images/dd/e41ea4687a4acbbee3c13d75edc867/Carfighting-Story-Lead-2.png
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a006127f3ac3af107355ede29826abfa058fd2bf97f5ab9e49e38c36884af8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
cf-cache-status: HIT
age: 1431
cf-polished: origSize=1924576
content-length: 1920498
last-modified: Thu, 23 Dec 2021 19:26:53 GMT
server: cloudflare
etag: "8b20ef304ad4c90d76820a30cc752e7a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 718a7abf28825b4a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Exceptional-Performance-Award-2005-768x593.jpg
cf.spybriefing.com/hosted/images/39/149c91952911e88d9e1de1d220cef3/ 44 KB
44 KB 75ms
71ms Image
image/jpeg 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.spybriefing.com/hosted/images/39/149c91952911e88d9e1de1d220cef3/Exceptional-Performance-Award-2005-768x593.jpg
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dab3de50e1ddfa138a0572ae7f02067f29b23ddead6fcd446114e23cbe558249

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
cf-cache-status: HIT
age: 1431
cf-polished: status=not_needed
content-length: 44753
last-modified: Wed, 01 Aug 2018 01:21:34 GMT
server: cloudflare
etag: "1cf261d5ec31a789026a38d38ce42e39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 718a7abf28835b4a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 coins.jpg
cf.spybriefing.com/hosted/images/44/32080b28ac4f77b35a09b89b84a125/ 46 KB
46 KB 61ms
58ms Image
image/jpeg 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.spybriefing.com/hosted/images/44/32080b28ac4f77b35a09b89b84a125/coins.jpg
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e7db8a58e717a428cc1ef7503bc697bef2e68751f79e09ecef3bb03599fe747

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
cf-cache-status: HIT
age: 1431
cf-polished: status=not_needed
content-length: 47065
last-modified: Wed, 21 Apr 2021 03:58:40 GMT
server: cloudflare
etag: "6d00e31dfa25c1d45fbc0d4fa87ba860"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 718a7abf28855b4a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 im-7.png
cf.spybriefing.com/hosted/images/59/f24834b7a24ba89fd2989d5a09dfca/ 48 KB
49 KB 59ms
55ms Image
image/png 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.spybriefing.com/hosted/images/59/f24834b7a24ba89fd2989d5a09dfca/im-7.png
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50ef2ba0ac1df3b199f3363b5870074528cda342a6ecead079a0e973705e554d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
cf-cache-status: HIT
age: 1431
cf-polished: origSize=49703
content-length: 49518
last-modified: Tue, 20 Jul 2021 03:41:29 GMT
server: cloudflare
etag: "cf1ffc8b56f3251cca97ae13e49036f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 718a7abf28865b4a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 im-8.png
cf.spybriefing.com/hosted/images/bc/c218ee7a4c4e07b133ff4215491c36/ 90 KB
91 KB 66ms
63ms Image
image/png 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.spybriefing.com/hosted/images/bc/c218ee7a4c4e07b133ff4215491c36/im-8.png
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 559f7cd9a09fd3e5fecd298149ea6c2cf70a1082e391af9ffe6e70b133ce16c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
cf-cache-status: HIT
age: 1431
cf-polished: origSize=92555, status=webp_bigger
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=KPkiXZCoR5FOwxKON7BLbWa8JKCgzZ_2p3VboTwdjc4-1654784127-0-Aef-kocNWbIDYaRC5q6SKaXsRTt7t7l3e0v8RynVVLQov6SwdHo393DEepkwbCOH8lK5bG_E6c6Kt-A0pYkFRH0
content-length: 92297
last-modified: Tue, 20 Jul 2021 03:42:50 GMT
server: cloudflare
etag: "b5b0460d1d05b450bb810f61c9bbc68f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 718a7abf28885b4a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 im-9.png
cf.spybriefing.com/hosted/images/2a/c9392b1fb446a8bf568685d1434c1e/ 665 KB
666 KB 62ms
59ms Image
image/png 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.spybriefing.com/hosted/images/2a/c9392b1fb446a8bf568685d1434c1e/im-9.png
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2095855bb7d7234482f92598b097576fe0cd42a6145e38d3d1ece32a76433add

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
cf-cache-status: HIT
age: 1431
cf-polished: origSize=680952
content-length: 680767
last-modified: Tue, 20 Jul 2021 03:45:08 GMT
server: cloudflare
etag: "a39c7ad0221fdbd8d44d41ce22f3962d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 718a7abf288b5b4a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 QDC-BONUS-2.png
cf.spybriefing.com/hosted/images/fa/e66087bb1e43b68e1875d3f2e5fea2/ 271 KB
271 KB 66ms
64ms Image
image/png 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.spybriefing.com/hosted/images/fa/e66087bb1e43b68e1875d3f2e5fea2/QDC-BONUS-2.png
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8276765a27484dcb04805218f99cfdbaa5256ae24350382f1b187798ff16f75f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
cf-cache-status: HIT
age: 1431
cf-polished: origSize=277440
content-length: 277271
last-modified: Tue, 13 Jul 2021 13:33:50 GMT
server: cloudflare
etag: "f387325bc155effcdbec352edf3c9fea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 718a7abf288c5b4a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 im-12.png
cf.spybriefing.com/hosted/images/0c/e2b953954c4e959a63b4af34ea5c38/ 247 KB
248 KB 41ms
38ms Image
image/png 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.spybriefing.com/hosted/images/0c/e2b953954c4e959a63b4af34ea5c38/im-12.png
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f784e4a8bb0cee3ec5be0a59c80631ce8375c1070a7b7b3d9924df6dcbe006f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
cf-cache-status: HIT
age: 1431
cf-polished: origSize=253503
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=jEq4et2poJCzYZg9prnFB_hqWR2ChFgeNOEhZM.FoJA-1654784127-0-AR2_l9N5TRDqYaSbKR2J2Z9kkdrRt95hUnuIJaArWfEFtPr3u9Cc3cbf-xkUcFIWwJL9pZSOQmNLf0kPgcpdGQI
content-length: 253318
last-modified: Tue, 20 Jul 2021 04:34:43 GMT
server: cloudflare
etag: "fc1ebc775a3a4fed8437f3a75f1db5b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 718a7abf288e5b4a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 im-13.png
cf.spybriefing.com/hosted/images/b3/2d7db65a7e457bbfbe340510f0c566/ 290 KB
291 KB 74ms
72ms Image
image/png 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.spybriefing.com/hosted/images/b3/2d7db65a7e457bbfbe340510f0c566/im-13.png
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19e30a7d52bf395dc0ab88b8d1fc9f969923c23d3099ab5749a924d6218509dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
cf-cache-status: HIT
age: 1431
cf-polished: origSize=297582
content-length: 297397
last-modified: Tue, 20 Jul 2021 04:55:50 GMT
server: cloudflare
etag: "736098a9d063f1324c6439ba9fa5081e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 718a7abf28915b4a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 im-14.png
cf.spybriefing.com/hosted/images/d6/53fc0f64ea4a9f82383775a191739e/ 93 KB
94 KB 77ms
75ms Image
image/png 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.spybriefing.com/hosted/images/d6/53fc0f64ea4a9f82383775a191739e/im-14.png
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fb3605148bef5e3a620bb845ed7883d8431f4fb95e15203b9451d243ebb28ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
cf-cache-status: HIT
age: 1431
cf-polished: origSize=95794
content-length: 95609
last-modified: Tue, 20 Jul 2021 05:16:44 GMT
server: cloudflare
etag: "7c62d5a0e5820db91e39984907803605"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 718a7abf38965b4a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 css
fonts.googleapis.com/ 5 KB
810 B 45ms
45ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%7CRoboto%7COpen+Sans%7COpen+Sans%7C

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d879cce1d3b8d492e394e9be9e78042509f0d46aac16250c43cace3782a5a55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 14:15:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 09 Jun 2022 14:15:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Jun 2022 14:15:27 GMT

GET
H2 200 lander.js Show response
cf.spybriefing.com/assets/ 2 MB
663 KB 57ms
57ms Script
application/x-javascript 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.spybriefing.com/assets/lander.js

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

025e4337e3c0b187ad9311ba6245f342852379ba27ea3e0ed63b6ad2d13ceb17

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 675
last-modified: Thu, 26 May 2022 21:54:43 GMT
server: cloudflare
etag: W/"628ff723-238a19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 718a7abf186e5b4a-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 09 Jun 2022 14:35:27 GMT

GET
H2 200 mailcheck.min.js Show response
app.clickfunnels.com/ 3 KB
2 KB 103ms
75ms Script
application/x-javascript 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/mailcheck.min.js

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 5609
last-modified: Thu, 26 May 2022 21:52:55 GMT
server: cloudflare
etag: W/"628ff6b7-a8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 718a7abf591e9963-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 pushcrew.js Show response
cf.spybriefing.com/assets/ 637 B
459 B 38ms
36ms Script
application/x-javascript 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.spybriefing.com/assets/pushcrew.js

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 39
last-modified: Thu, 26 May 2022 21:52:54 GMT
server: cloudflare
etag: W/"628ff6b6-27d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 718a7abf38985b4a-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 09 Jun 2022 14:35:27 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 96ms
61ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://cf.spybriefing.com/
Origin: https://cf.spybriefing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 718a7abf5ac09001-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 24ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: +pI25IHsLHZJz9nEashUKRSAn53OuLPtR35CjWT9lDcVpKNzyvUSpbwTahoZ6VvwpQf8Yhkpt/B1RW2srBl+pg==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Thu, 09 Jun 2022 14:15:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 a1Rnre.js Show response
tag.segmetrics.io/ 75 KB
26 KB 92ms
17ms Script
application/javascript 13.32.27.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.segmetrics.io/a1Rnre.js
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21c7a27fce9ba250a5907d9af97c2617de9e63ff5495f126322c99743fd4a696

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:33:55 GMT
content-encoding: gzip
last-modified: Sun, 15 May 2022 00:03:05 GMT
server: AmazonS3
age: 42092
etag: W/"d255e66565912d3e5ab61f76a158291b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: Qv-U9Fkb2DuZ85prohXToVAOmrmysS63A7q_3i-2efF2GW-eLoMmvA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 329 KB
112 KB 221ms
130ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9df94f424b937ac31ae0168e18842f8f2488e98629996a3eaf95614f2940cb5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114532
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Jun 2022 14:15:27 GMT

GET
H2 200 main-bg.jpg
cf.spybriefing.com/hosted/images/09/28b200b05911e88deee167a372312d/ 2 KB
2 KB 53ms
53ms Image
image/jpeg 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.spybriefing.com/hosted/images/09/28b200b05911e88deee167a372312d/main-bg.jpg
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e3a28df51924c57892c425cf0e17f6509339c8c90c86f9aa71279d3295e66b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:27 GMT
cf-cache-status: HIT
age: 1431
cf-polished: status=not_needed
content-length: 1570
last-modified: Tue, 04 Sep 2018 15:41:52 GMT
server: cloudflare
etag: "9de988dd02676a54ff16f31f7a576289"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 718a7abf389b5b4a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 60cqUPxYThY
www.youtube.com/embed/ Frame 16C7 0
0 195ms
94ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 09 Jun 2022 14:15:28 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 130ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cf.spybriefing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 225798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 23:32:09 GMT

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.9.0/webfonts/ 74 KB
74 KB 224ms
206ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Referer: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Origin: https://cf.spybriefing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:28 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GJ7GST7708PVCCJJ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75440
x-amz-id-2: OpT7WNNTKq3hjqDRqJPq0i6eEdcKfi8tp3EhRSEF29J7PE92PYBe39OiJN/kWzqxHsjw3Y29wfw=
last-modified: Wed, 30 Jun 2021 15:48:27 GMT
server: cloudflare
etag: "b5cf8ae26748570d8fb95a47f46b69e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sV5mj0Azu1R1%2FAqUD93DYUkelGguNx9jqR%2BfLKk0t31U5WBDrWJj5ZqlLdotXXxsmBxRg8rNsB5oJWXVNidVvBh3dI2TgAyDS7XeqTUDxKOElgKidKiOfC5kB%2BVsMkVVlWEDVJlahYrJzfpQBPrF7grd"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 718a7abf7a3292c5-FRA

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v29/ 16 KB
16 KB 83ms
83ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%7CRoboto%7COpen+Sans%7COpen+Sans%7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cf.spybriefing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 19:06:05 GMT
x-content-type-options: nosniff
age: 241763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16720
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 19:06:05 GMT

GET
H3 200 321845198590810 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 79ms
68ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/321845198590810?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

09ffdb3e6d22186867640de565afd309cde6d1727665826093f161ea4ae0da8e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: /W0ltUmxRiogyLLOt2O2u6aF+6VLOsyCTPfxkCyGGhs8xocY7hG6/YiTsGqBxJcOrPNGDfs2uZllZnsv6H9Dig==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 09 Jun 2022 14:15:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1654784128126
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 vendor.js Show response
cf.spybriefing.com/ 18 KB
6 KB 170ms
169ms Script
application/javascript 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.spybriefing.com/vendor.js

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:28 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 200 OK
strict-transport-security: max-age=0
x-request-id: b773230f29152b13cab0b0c00a94d7fc
x-runtime: 0.014372
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
server: cloudflare
x-frame-options: ALLOWALL
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, public
access-control-allow-credentials: true
cf-ray: 718a7ac16b475b4a-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: fresh

GET
H2 200 stat.js Show response
www.clickcease.com/monitor/ 162 KB
53 KB 50ms
21ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickcease.com/monitor/stat.js

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f60126adef3f76bf6db4a26fd70b1c2d7c758d3307866883ac7bcf0a456b9aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93622
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Apr 2022 08:24:39 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"28691-5dce97dc888a0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQ4kKB%2Fhz5FTwTIG3M9j02tO2kjx0mk42iM81y8ErgODZXva2Qm2dzOdcrGeApiIWyPIBU7Dk%2B4e0oda7aw%2FcesgC9dCznQbwUt6VflFv%2BpxPzAsiVHvH0jhVXi%2FAvzOiJP40Kwk8WsdlKde987ifqM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding,User-Agent
cache-control: max-age=2678400
access-control-allow-credentials: true
cf-ray: 718a7ac19ce0925f-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,C$
expires: Fri, 08 Jul 2022 12:15:06 GMT

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
307 B 252ms
223ms XHR
text/html 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=R1NlZ1h4YjB4TFh3T25ucXYzWm5oQT09LS1EY2FNOTJJaFBWdzdTNVp0c0JQL0hRPT0%3D--17ed425227a25116fd086ad6d264666246e82f6c&page_id=RkFRK0tMeXQyMktCWlNnUlU1N25OZz09LS1yeEdvWkhxTnA1bVVtcFlHQXpHNVJ3PT0%3D--ae11c1a261957075f63748a09a37326869a44c8d&funnel_step_id=NW5pamc4VGZXY0dsZVVkd3h2OTZRUT09LS1Kb29ybVErZzY5WHJzK2xoclUyQU13PT0%3D--1c5ea1025c527ee9609df484d170974085a7e00e&user_id=emJWZjZETENBdWk1VnNTVEdEVE5NQT09LS02SE5RdCtCR29oVldYaXYzNmhoKzBnPT0%3D--c6ad58981323a84fdbf90cd08856d8731c556a0f&account_id=MjVTY0FMSHBhdVdsa1FaUWYxNXl0QT09LS0xd1NHQkt3a1lpQlNzNGFoUjRUMUFRPT0%3D--7efd73c4fca8745064d0b03d52793549e070ebbf&page_code=NDk3NzkxNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::PageviewsCreatedSummary&nonce=a8272d42-649d-43fb-b7af-1c5abc3abc5f&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:28 GMT
access-control-request-method: *
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
strict-transport-security: max-age=0
x-request-id: 2283f8fae0901983c5bbef7fd6498a25
x-runtime: 0.031704
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 718a7ac1cd659259-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
331 B 2241ms
2213ms XHR
text/html 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=R1NlZ1h4YjB4TFh3T25ucXYzWm5oQT09LS1EY2FNOTJJaFBWdzdTNVp0c0JQL0hRPT0%3D--17ed425227a25116fd086ad6d264666246e82f6c&page_id=RkFRK0tMeXQyMktCWlNnUlU1N25OZz09LS1yeEdvWkhxTnA1bVVtcFlHQXpHNVJ3PT0%3D--ae11c1a261957075f63748a09a37326869a44c8d&funnel_step_id=NW5pamc4VGZXY0dsZVVkd3h2OTZRUT09LS1Kb29ybVErZzY5WHJzK2xoclUyQU13PT0%3D--1c5ea1025c527ee9609df484d170974085a7e00e&user_id=emJWZjZETENBdWk1VnNTVEdEVE5NQT09LS02SE5RdCtCR29oVldYaXYzNmhoKzBnPT0%3D--c6ad58981323a84fdbf90cd08856d8731c556a0f&account_id=MjVTY0FMSHBhdVdsa1FaUWYxNXl0QT09LS0xd1NHQkt3a1lpQlNzNGFoUjRUMUFRPT0%3D--7efd73c4fca8745064d0b03d52793549e070ebbf&page_code=NDk3NzkxNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniquePageviewsCreatedSummary&nonce=285fed4d-85aa-40ba-846b-5811e84571af&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:30 GMT
access-control-request-method: *
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
strict-transport-security: max-age=0
x-request-id: dd62bb6beb1321f8136828ac85c9eeb8
x-runtime: 0.045202
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 718a7ac1cd689259-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
813 B 247ms
219ms XHR
text/html 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=R1NlZ1h4YjB4TFh3T25ucXYzWm5oQT09LS1EY2FNOTJJaFBWdzdTNVp0c0JQL0hRPT0%3D--17ed425227a25116fd086ad6d264666246e82f6c&page_id=RkFRK0tMeXQyMktCWlNnUlU1N25OZz09LS1yeEdvWkhxTnA1bVVtcFlHQXpHNVJ3PT0%3D--ae11c1a261957075f63748a09a37326869a44c8d&funnel_step_id=NW5pamc4VGZXY0dsZVVkd3h2OTZRUT09LS1Kb29ybVErZzY5WHJzK2xoclUyQU13PT0%3D--1c5ea1025c527ee9609df484d170974085a7e00e&user_id=emJWZjZETENBdWk1VnNTVEdEVE5NQT09LS02SE5RdCtCR29oVldYaXYzNmhoKzBnPT0%3D--c6ad58981323a84fdbf90cd08856d8731c556a0f&account_id=MjVTY0FMSHBhdVdsa1FaUWYxNXl0QT09LS0xd1NHQkt3a1lpQlNzNGFoUjRUMUFRPT0%3D--7efd73c4fca8745064d0b03d52793549e070ebbf&page_code=NDk3NzkxNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniqueVisitorsCreatedSummary&nonce=37b754e3-28bb-4b63-b79f-e409c009ba92&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:28 GMT
access-control-request-method: *
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
strict-transport-security: max-age=0
x-request-id: f6dc3cd56992381aa088f9f6c9bb7ce8
x-runtime: 0.032250
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 718a7ac1cd6a9259-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H3 200 iframe_api Show response
www.youtube.com/ 980 B
514 B 138ms
58ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/assets/lander.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46f9d86045547e75575813d1014a355655ea9428ceea6df6ece84a9d6ff30c26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 09 Jun 2022 14:15:28 GMT

GET
H3 200 60cqUPxYThY Show response
www.youtube.com/embed/ Frame 1EA3 57 KB
25 KB 170ms
98ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/assets/lander.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a75430816a2fece641d3a899cde981419e436bd532f7fddfa06da700cda20171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 09 Jun 2022 14:15:28 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET /
track.addevent.com/atc/ 0
0

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 22ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=321845198590810&ev=PageView&dl=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&rl=&if=false&ts=1654784128465&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1654784128464.766849069&it=1654784128052&coo=false&exp=p1&rqm=GET

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 09 Jun 2022 14:15:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 122ms
36ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-164010868-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2442
date: Thu, 09 Jun 2022 13:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 09 Jun 2022 15:34:46 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 131ms
52ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-459873033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15069
x-xss-protection: 0
server: cafe
etag: 11223643544955582496
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 09 Jun 2022 14:15:28 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 198 KB
70 KB 148ms
66ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1YZK2FN9X9&l=cDataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8757603bc119b7e908c740d0bfd6aa494f5a51f417f02da96da525d863b05727

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71919
x-xss-protection: 0
expires: Thu, 09 Jun 2022 14:15:28 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 33ms
7ms Script
application/javascript 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:28 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 16 Jun 2022 14:15:28 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 205ms
111ms Script
application/javascript 2a02:26f0:3500:887::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:887::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 C4F968F0-90C1-4C34-89CF-15D8B4DE20B8.js Show response
ndn.statistinamics.com/cstnxtm/ 498 B
631 B 326ms
98ms Script
application/javascript 67.205.176.157
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ndn.statistinamics.com/cstnxtm/C4F968F0-90C1-4C34-89CF-15D8B4DE20B8.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.205.176.157 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: statistinamics.com
Software: openresty /
Resource Hash: d093eeff8b86d94c0f65ea0b61fe2d1e84a43c99e3a3d0d1c8a683933c768e40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:28 GMT
cache-control: max-age=0
server: openresty
content-type: application/javascript
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK tag_gen.js Show response
a.exoclick.com/ 1 KB
935 B 84ms
15ms Script
application/javascript 2001:4de0:ac19::1:b:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.exoclick.com/tag_gen.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 07d5e5f440ca5ac95ca64e9e9bfd61f0feece6a0e7c3c0f5a42d673da490c7d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 14:15:28 GMT
Content-Encoding: gzip
Server: nginx
etag: W/"599a9242165611ea099e1938f18"
X-HW: 1654784128.dop125.am5.t,1654784128.cds220.am5.shn,1654784128.cds220.am5.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 521

GET
H2 200 mgsensor.js Show response
a.mgid.com/ 15 KB
5 KB 163ms
118ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mgid.com/mgsensor.js?d=1654784128509
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8098c6938d10947bf06e59e59b684daf1ef70c1e520bd7e6d4d85e28ee94f00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: e570c0e7-7023-4340-9db6-332f37ff5b43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 718a7ac37e669969-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare

GET
H2 200 mgsensor.js Show response
a.adskeeper.co.uk/ 15 KB
5 KB 198ms
154ms Script
application/javascript 104.18.27.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.adskeeper.co.uk/mgsensor.js?d=1654784128509
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2132a4328a5491a19eaa05be8842450315c338ed54cbcf4009c77e10fd56307

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:28 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 09 Jun 2022 14:15:28 GMT
x-mg-request-uuid: 0036272c-139f-4a2f-bc3e-3e4b0d12ac20
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 718a7ac3788b68fe-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expires: Thu, 09 Jun 2022 18:15:28 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 21 KB
8 KB 52ms
24ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 9fe8a8e2261e527d5b294b5cd8781b93cecf8223e22ba45630345578599cf308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:28 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 7452
via: 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-id: vG9GRuZd-mwFSPbQ_97V5ZUmPD2tNXxF0P34J0f3g9e0blO5tJtQ6g==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 146 KB
42 KB 125ms
98ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 216164d79ec2c38d34fd4e09557abc30fb551386332a294cbdf48b8a0225f44c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:28 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202206091415280100020060050050060030000FE36941
vary: Accept-Encoding
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 91,23.36.161.200
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cba56eda303ee4d4c48701a9a92d1f0badb0e33b9ae11f0061df508774ffa507468c62a5f636eb0585fe732c13a46e833fec0fa83959ec08a57f94c1b55cdfdcedb4671068fbb7cb7f6d4a403dc679ea69c
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=91
x-akamai-request-id: c3acc86e
expires: Thu, 09 Jun 2022 14:15:28 GMT

GET
H2 200 conv.js Show response
web.adblade.com/js/ads/async/ 565 B
509 B 312ms
101ms Script
application/javascript 3.214.237.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://web.adblade.com/js/ads/async/conv.js
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/assets/lander.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.237.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-237-192.compute-1.amazonaws.com
Software: /
Resource Hash: 116e677ce1f72ac9525e2e6cd8d26a005c4dd4ba515fb8309023b2f0a2b3397a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:28 GMT
content-encoding: gzip
content-type: application/javascript; charset=UTF-8

GET
H/1.1 400
Bad Request postback
visit.prayfashion.com/ 0
0 181ms
14ms Image
application/json 85.17.54.17
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visit.prayfashion.com/postback?clickid=undefined&type=RT_View_Content
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 85.17.54.17 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H/1.1 404
Not Found postback
visit.prayfashion.com/ 0
0 157ms
15ms Image
application/json 85.17.54.17
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visit.prayfashion.com/postback?clickid=null&type=RT_View_Content&gtmcb=45933141
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 85.17.54.17 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H2 200 imps.php
pixel.adblade.com/ 43 B
362 B 318ms
108ms Image
image/gif 52.45.50.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.adblade.com/imps.php?sgms=18028

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.45.50.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-50-106.compute-1.amazonaws.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="http://www.adblade.com/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
x-vendor: Adiant LLC | Adiant | http://www.adiant.com
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
x-xss-protection: 1; mode=block

GET
H2 200 beacon
r.turn.com/r/ 43 B
398 B 122ms
33ms Image
image/gif 2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/beacon?b2=KPANJjDjVHhDAfytnJEyTA8FukT5N393lmvJwNpKK7_6hJpIghfb409_LNc9xlydBXybU_N7H6Fx2I53UJoQfQ&cid=
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:27 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

blank.gif
rdcdn.com/images/
Redirect Chain

https://rdcdn.com/rt?aid=19177&e=1&img=1
https://rdcdn.com/eow
https://rdcdn.com/images/blank.gif

42 B
198 B

96ms
96ms

Image
image/gif

44.196.167.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdcdn.com/images/blank.gif
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Server: 44.196.167.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-167-20.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:29 GMT
last-modified: Thu, 23 Dec 2021 21:40:22 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "0e70b045f8d71:0"
content-length: 42
content-type: image/gif

Redirect headers

date: Thu, 09 Jun 2022 14:15:29 GMT
x-aspnetmvc-version: 4.0
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-type: text/html; charset=utf-8
location: https://rdcdn.com/images/blank.gif
cache-control: private
content-length: 151

GET
H2 200 rev.js Show response
assets.revcontent.com/master/ 26 KB
10 KB 76ms
18ms Script
application/x-javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/rev.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 894694eee28fc463a83875d519e70afaf5f40ac7c042d6114c4ee86d156b4067

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:28 GMT
content-encoding: gzip
last-modified: Wed, 09 Oct 2019 15:23:49 GMT
server: AmazonS3
x-amz-request-id: R8Q7ENC3391KEWPD
etag: "46482d4733f3f6c1f93601a6274bc264"
x-hw: 1654784128.cds299.am5.hn,1654784128.cds128.am5.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 9617
x-amz-id-2: /5y0iCVM8uRb6LFilxY48ZiRiO7sNtRXOaNpyaAK4yC4rfm5NYEihz5mCqUyOYVEuG91wIs0yQ4=

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/d97f25df/www-widgetapi.vflset/ 158 KB
51 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d97f25df/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29fcbc25a1308651702f73d6d3b4d8c2c303ae8305e9bcae3ddf2ecad32e144d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 13:57:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1055
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52368
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 00:20:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 09 Jun 2023 13:57:53 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/d97f25df/ Frame 1EA3 338 KB
46 KB 39ms
38ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d97f25df/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a8aed2402fa5b8c06158b9712611bcb35bfa05512e69dca5647fd43a712c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 15:52:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80577
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47569
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 00:20:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 08 Jun 2023 15:52:31 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/d97f25df/www-embed-player.vflset/ Frame 1EA3 303 KB
94 KB 76ms
74ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d97f25df/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc5861e1b68d39ff2658b154db037e0ab20aeb049bfb251221afee115ea54c31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 15:52:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80577
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95976
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 00:20:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 08 Jun 2023 15:52:31 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/d97f25df/player_ias.vflset/de_DE/ Frame 1EA3 2 MB
533 KB 92ms
90ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d97f25df/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49ceed1873b2c802ce86b551569c99ad4000f63a197a991d1521514ecbd84ca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 15:52:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80577
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 546126
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 00:20:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 08 Jun 2023 15:52:31 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/d97f25df/fetch-polyfill.vflset/ Frame 1EA3 9 KB
3 KB 91ms
89ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d97f25df/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 15:52:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80577
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 00:20:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 08 Jun 2023 15:52:31 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1EA3 15 KB
15 KB 116ms
38ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 183443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Jun 2023 11:18:05 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 128ms
56ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1663961050&t=pageview&_s=1&dl=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&ul=en-us&de=UTF-8&dt=Carfighting%20Video&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1513669930&gjid=1835012520&cid=645995395.1654784129&tid=UA-164010868-2&_gid=679945168.1654784129&_r=1&gtm=2ou660&z=1328097678

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cf.spybriefing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 122ms
56ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1663961050&t=pageview&_s=1&dl=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&ul=en-us&de=UTF-8&dt=Carfighting%20Video&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=396762334&gjid=1794943572&cid=645995395.1654784129&tid=UA-217947897-1&_gid=679945168.1654784129&_r=1&gtm=2wg660KP3XJLJ&z=955406267

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cf.spybriefing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10864675517/ 2 KB
2 KB 136ms
53ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10864675517/?random=1654784128738&cv=9&fst=1654784128738&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&tiba=Carfighting%20Video&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42a4d0131b2ef66f4ed10e40b454c71c277e62f5f1c920dc7b413ad80ec7bb7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1044
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/459873033/ 2 KB
1 KB 135ms
53ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/459873033/?random=1654784128741&cv=9&fst=1654784128741&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&tiba=Carfighting%20Video&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

079f102ce0b917d17ffa6681bb830b0c03a2185bffdafd1c6dbdfe290f77beaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1064
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-N9U2JGvJG8HTY.js Show response
rules.quantcount.com/ 2 B
354 B 40ms
10ms Script
application/javascript 2600:9000:223e:0:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-N9U2JGvJG8HTY.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:0:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 13:51:37 GMT
via: 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
server: AmazonS3
age: 1430
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 2
x-amz-cf-id: eFCysFh-Ln76AoplxkCnddzCx_GZqhCiLQF9KygqX8YCOzwbMg9rXg==

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 120ms
119ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:28 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022060914152801000200600500500600301401AD83BA
vary: Accept-Encoding
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 112,23.36.161.200
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cba56eda303ee4d4c48701a9a92d1f0badb2d9967feb00a26e22f0e0ad9d9dcbbd941d7c61177e280699cce18d5ebd55042d7acea0e4101f2f12653abfa648f203c7d6e8f83d8eb9da7e44320a172483029
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=112
x-akamai-request-id: c3accc12
expires: Thu, 09 Jun 2022 14:15:28 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
580 B 133ms
133ms Ping
application/octet-stream 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:28 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202206091415280100020076370040050060030060A7C06B1
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 116,23.36.161.200
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cba56eda303ee4d4c48701a9a92d1f0badb91af3c502e9ef5df4d11be37d2287a32a4099633614884997c68c26503e3cbb9ce3de980dcd10b1fab6867d9dee932a5e46c630fbfb50f1af9f555077fde6498
server-timing: inner; dur=21, cdn-cache; desc=MISS, edge; dur=0, origin; dur=116
x-akamai-request-id: c3acccac
content-length: 0
expires: Thu, 09 Jun 2022 14:15:28 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
719 B 134ms
133ms Ping
application/octet-stream 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 49677306.c3acccb6
date: Thu, 09 Jun 2022 14:15:28 GMT
x-cache-remote: TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 118,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=31, inner; dur=25
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202206091415280100020076370040050060030170CBA5C02
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 31,23.220.104.8
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cbacf7f5be9b9a2fc19a5408cca7115c51e6ac326ad4189da6b7542f39075529bbecd40a94a397440665947df8aab03afa0f501be009cce69cc21543cb7fd3b5fc8aaba4886db12e3f70fb598250e72358e7744cd79726f1db8945dc5d6802190c7
expires: Thu, 09 Jun 2022 14:15:28 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
716 B 136ms
135ms Ping
application/octet-stream 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 77e81d10.c3acccb9
date: Thu, 09 Jun 2022 14:15:28 GMT
x-cache-remote: TCP_MISS from a23-220-104-11.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 125,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=36, inner; dur=34
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220609141528010002006005005006003028127D0F70
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 36,23.220.104.11
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cbacf7f5be9b9a2fc19a5408cca7115c51eecf9fd28433056b26f7d639fa15cbad4c0f6eb376f7131205e6fa47ea0b2ba7798418e2eaebbf5b20f56beca8b8699c8e8ba9be149628a089d2a2fb0dbf16afb59572e9200514925a52391c8c4fb20d3
expires: Thu, 09 Jun 2022 14:15:28 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
724 B 173ms
172ms Ping
application/octet-stream 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 5d4fe5c2.c3acccc5
date: Thu, 09 Jun 2022 14:15:28 GMT
x-cache-remote: TCP_MISS from a104-96-220-135.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 158,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=70, inner; dur=69
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202206091415280100020076370040050060030220ECD4E7D
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 70,104.96.220.135
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cbacf7f5be9b9a2fc19a5408cca7115c51e6de36fff590b172fbf93403df8a2aa238b63e40ad731a38c0b778adb64473ee57cc814f1095f8b3510ef5e1717dc296f993497b2a4e70ba5ee56960576bbdf876fa738bdfe604aceb83823dd56bd6fde
expires: Thu, 09 Jun 2022 14:15:28 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
718 B 148ms
148ms Ping
application/octet-stream 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 5d4fe377.c3acccc9
date: Thu, 09 Jun 2022 14:15:28 GMT
x-cache-remote: TCP_MISS from a104-96-220-135.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 134,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=33, inner; dur=16
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202206091415280100040030077350020650F77A392
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 33,104.96.220.135
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cbacf7f5be9b9a2fc19a5408cca7115c51e6de36fff590b172fbf93403df8a2aa2312d1f5cae16e2941fcc8f7be133b3605a3097e8a0cc7988a9c9ff90cd3001f6f1b1120f1501dcaadc35a437686a24dd75a6e38a22f7cfe9513515bde3d8203be
expires: Thu, 09 Jun 2022 14:15:28 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
573 B 143ms
143ms Ping
application/octet-stream 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:28 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022060914152801000400500600302310CE493A
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 129,23.36.161.200
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cba56eda303ee4d4c48701a9a92d1f0badb6e7cac3e84794a85b6e5560a546daeb0333c13360662370ca31deb50cef07a458707fd837df8aa7fe1156325a6f57c63f1001e0b25ec75d163855c1fe4740e6e
server-timing: inner; dur=41, cdn-cache; desc=MISS, edge; dur=0, origin; dur=129
x-akamai-request-id: c3accccc
content-length: 0
expires: Thu, 09 Jun 2022 14:15:28 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 868 B
1 KB 119ms
118ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C86L4GL8U2K62KB9IPVG&hostname=cf.spybriefing.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2e08628dfbdeb5fe6ccc883c071f5fc3da5b9f94f2747d9352d2ae91261bb9cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-akamai-request-id: c3acccd2
date: Thu, 09 Jun 2022 14:15:28 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=95
content-length: 346
pragma: no-cache
server: nginx
x-tt-logid: 202206091415280100040030077350020641277A6D4
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 95,23.36.161.200
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cba56eda303ee4d4c48701a9a92d1f0badbb35c4dfa2acff96e6ade62e32d1ed4bb6818ecc4c2c61fff6f89e7a2326a493737579948cd21a86b1395d8f841294ec97abf0514b0f2013bacbf6cf583f8641b
expires: Thu, 09 Jun 2022 14:15:28 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
577 B 139ms
139ms Ping
application/octet-stream 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:28 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202206091415280100020060050050060030240901623E
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 125,23.36.161.200
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cba56eda303ee4d4c48701a9a92d1f0badb23132177b0d0f964fbf3a637311517b13449a1043251ecc0c4496ad7bcabefe7a3c8079c45a7f3d9dbdf7bd78ee0d95c379667d4905772e086f49d8e3e915305
server-timing: inner; dur=32, cdn-cache; desc=MISS, edge; dur=0, origin; dur=125
x-akamai-request-id: c3acccd7
content-length: 0
expires: Thu, 09 Jun 2022 14:15:28 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
715 B 166ms
166ms Ping
application/octet-stream 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 7391c18f.c3acccda
date: Thu, 09 Jun 2022 14:15:28 GMT
x-cache-remote: TCP_MISS from a23-220-104-5.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 152,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=59, inner; dur=38
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022060914152801000200300500600300604D4DA66
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 59,23.220.104.5
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cbacf7f5be9b9a2fc19a5408cca7115c51e826f05f909c2735e2f2f43f085b6b7b7ad28aa86646b876c0e14913d7d7b6cbe2c6064211288bd06081dc4cd36593873e64459cfd0338dcd7eb073ab22aba98cfa7e5203bf02aa0f45cbd4495f6691ed
expires: Thu, 09 Jun 2022 14:15:28 GMT

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 112ms
112ms Script
application/javascript 2a02:26f0:3500:887::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:887::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18298
access-control-expose-headers: X-CDN

GET
H3 200 1x1.gif
a.mgid.com/ 43 B
273 B 135ms
116ms Image
image/gif 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=697885&type=c&tg=&r=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&clid=&cmgid=0&cmtid=0&cmtuid=0&d=1654784128826
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 718a7ac54fb69a0b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H2 200 init Show response
tr.snapchat.com/ 126 B
191 B 141ms
25ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/init?pids=dcac7434-c37f-428b-b940-285ccbce8757

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

40c5a0b55c7388ca4e499a0d3b42fc8c1895c9a3bbd4968f4c9d0d6ec2774b99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:28 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://cf.spybriefing.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 64 B
439 B 140ms
24ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=dcac7434-c37f-428b-b940-285ccbce8757&tld=com

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

58a1eb62728fc1e7bd7ad259d095189c0c4707b2d9077eacb11c36bf5886e6b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:28 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://cf.spybriefing.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H3 200 1x1.gif
a.adskeeper.co.uk/ 43 B
358 B 263ms
232ms Image
image/gif 104.18.27.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.adskeeper.co.uk/1x1.gif?id=697873&type=c&tg=&r=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&clid=&cmgid=0&cmtid=0&cmtuid=0&d=1654784128872
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.27.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:29 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Jun 2022 14:15:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 718a7ac5bf329950-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 09 Jun 2022 18:15:29 GMT

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 1766 0
294 B 85ms
26ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=dcac7434-c37f-428b-b940-285ccbce8757

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 09 Jun 2022 14:15:28 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 77ms
18ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-217947897-1&cid=645995395.1654784129&jid=396762334&gjid=1794943572&_gid=679945168.1654784129&_u=YEDAAUABAAAAAC~&z=1438793553

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 09 Jun 2022 14:15:28 GMT
content-type: text/plain
access-control-allow-origin: https://cf.spybriefing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 77ms
18ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-164010868-2&cid=645995395.1654784129&jid=1513669930&gjid=1835012520&_gid=679945168.1654784129&_u=YEBAAUAAAAAAAC~&z=780065586

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 09 Jun 2022 14:15:28 GMT
content-type: text/plain
access-control-allow-origin: https://cf.spybriefing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 C4F968F0-90C1-4C34-89CF-15D8B4DE20B8.js Show response
ndn.statistinamics.com/cstnxtm/ 114 B
432 B 118ms
118ms Script
application/javascript 67.205.176.157
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ndn.statistinamics.com/cstnxtm/C4F968F0-90C1-4C34-89CF-15D8B4DE20B8.js?_uuid=53f3c7cf-d888-44cf-b64e-c73499a0c6e7&lsgrg=&l=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&r=
Requested by: Host: ndn.statistinamics.com
URL: https://ndn.statistinamics.com/cstnxtm/C4F968F0-90C1-4C34-89CF-15D8B4DE20B8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.205.176.157 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: statistinamics.com
Software: openresty /
Resource Hash: fb35a034a4ff7503c18a34b0d51b486451f688bcf99e24760c27fa7ce0dff02d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:28 GMT
cache-control: max-age=0
server: openresty
content-type: application/javascript
etag: 4FC60FEC-F512-45E7-806C-2E897F109E99
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 orders_t.php
web.adblade.com/ 43 B
361 B 101ms
100ms Image
image/gif 3.214.237.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.adblade.com/orders_t.php?id=63904&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&rnd=1654784128935

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.214.237.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-214-237-192.compute-1.amazonaws.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="http://www.adblade.com/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
x-vendor: Adiant LLC | Adiant | http://www.adiant.com
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
x-xss-protection: 1; mode=block

GET
H2 200 773c9580-7340-013a-c4ab-06a60fe5fe77 Show response
tag.simpli.fi/sifitag/ 3 KB
4 KB 80ms
30ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/773c9580-7340-013a-c4ab-06a60fe5fe77?referer=

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/assets/lander.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

b5027926c44361f7719bdbbd6a0fb781e13842229b6ca68e38732b6fa40c6aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Thu, 09 Jun 2022 14:15:29 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3101
x-request-id: Fvb5Zd1tX9xF6kELuF0h
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pixel;r=1546749561;source=gtm;rf=0;a=p-N9U2JGvJG8HTY;url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778;uht=2;fpan=1;fpa=P0-1985166819-1654784128939;pbc=;ns=0;ce=1...
pixel.quantserve.com/ 35 B
371 B 40ms
18ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1546749561;source=gtm;rf=0;a=p-N9U2JGvJG8HTY;url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778;uht=2;fpan=1;fpa=P0-1985166819-1654784128939;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=spybriefing.com;je=0;sr=1600x1200x24;dst=0;et=1654784128939;tzo=0;ogl=image.%2Ctitle.Carfighting%20Video%2Cdescription.description%20for%20your%20awesome%20landing%20page%2Curl.https%3A%2F%2Fcf%252Espybriefing%252Ecom%2Fsales-page-4977917816267594971791630527983778%2Ctype.website

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:28 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 200 p Show response
tr.snapchat.com/ Frame 5A62 0
228 B 31ms
30ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://cf.spybriefing.com
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://cf.spybriefing.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Thu, 09 Jun 2022 14:15:28 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 1

GET
H2 200 /
www.google.com/pagead/1p-user-list/10864675517/ 42 B
108 B 553ms
52ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10864675517/?random=1654784128738&cv=9&fst=1654783200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&frm=0&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&tiba=Carfighting%20Video&async=1&fmt=3&is_vtc=1&random=3176088178&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10864675517/ 42 B
548 B 578ms
91ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10864675517/?random=1654784128738&cv=9&fst=1654783200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&frm=0&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&tiba=Carfighting%20Video&async=1&fmt=3&is_vtc=1&random=3176088178&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/459873033/ 42 B
548 B 551ms
51ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/459873033/?random=1654784128741&cv=9&fst=1654783200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&tiba=Carfighting%20Video&async=1&fmt=3&is_vtc=1&random=3085563340&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/459873033/ 42 B
108 B 578ms
92ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/459873033/?random=1654784128741&cv=9&fst=1654783200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&tiba=Carfighting%20Video&async=1&fmt=3&is_vtc=1&random=3085563340&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
574 B 117ms
117ms Ping
application/octet-stream 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:29 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220609141529010002003005006003009090FDA1E
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 109,23.36.161.200
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cba56eda303ee4d4c48701a9a92d1f0badb2f5797e8c43bf7985a28a772b91b8f155c21cf06271c0078e492ec9dba17a1c63da9918532f449b94452d95c25e739818fc8fdd531129ac1ce5b09867cf487be
server-timing: inner; dur=7, cdn-cache; desc=MISS, edge; dur=0, origin; dur=109
x-akamai-request-id: c3accf43
content-length: 0
expires: Thu, 09 Jun 2022 14:15:29 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
582 B 447ms
446ms Ping
application/octet-stream 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:29 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220609141529010002007637004005006003000009D8B38
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 439,23.36.161.200
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cba56eda303ee4d4c48701a9a92d1f0badb897ed472593f98efcdf8f8a20f45e30da6f87d4329449be1f8189b67e443ea316c59460f5f8a03715e0d641f721c99dced009b025b35459c00ff642f8ca31250
server-timing: inner; dur=347, cdn-cache; desc=MISS, edge; dur=0, origin; dur=439
x-akamai-request-id: c3accf67
content-length: 0
expires: Thu, 09 Jun 2022 14:15:29 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
715 B 132ms
128ms Ping
application/octet-stream 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4d968ebd.c3accf96
date: Thu, 09 Jun 2022 14:15:29 GMT
x-cache-remote: TCP_MISS from a104-96-220-46.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 117,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=16, inner; dur=12
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220609141529010002007735002015057FF3E9
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 16,104.96.220.46
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cbacf7f5be9b9a2fc19a5408cca7115c51edce9bb3cee46ca35026f06ecd107fe5096ac920bd98b339721eb82d1805b3c426cabbf3abbe3eb52af7bae86d5afcaea4809ea3a3cac31c4518a225365adbb748412127449258e727e81860f79d48a49
expires: Thu, 09 Jun 2022 14:15:29 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 488 B
835 B 491ms
43ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613287533480&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%7D&cb=1654784128999

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

540548b12b5a362a5fa54de526a5870cc89ef6f431387c20cd25e82b4f6cd9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:29 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.8d6656b8.1654784129.3c6bf496
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1102772554922645
pin-unauth: dWlkPU56ZGlPRGd6WldRdFl6TTRaaTAwTVRZM0xXSXlPREl0WVdFM1lUWTRPVFUyTlRCaA
access-control-allow-origin: https://cf.spybriefing.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 350
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 15ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=321845198590810&ev=Microdata&dl=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&rl=&if=false&ts=1654784129002&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Carfighting%20Video%22%2C%22meta%3Adescription%22%3A%22description%20for%20your%20awesome%20landing%20page%22%2C%22meta%3Akeywords%22%3A%22nodo%2C%20landing%20page%2C%20editor%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%22%2C%22og%3Atitle%22%3A%22Carfighting%20Video%22%2C%22og%3Adescription%22%3A%22description%20for%20your%20awesome%20landing%20page%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.61&r=stable&ec=1&o=30&fbp=fb.1.1654784128464.766849069&it=1654784128052&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 09 Jun 2022 14:15:29 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 1002ms
559ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-217947897-1&cid=645995395.1654784129&jid=396762334&_u=YEDAAUABAAAAAC~&z=935592722

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 577ms
148ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-217947897-1&cid=645995395.1654784129&jid=396762334&_u=YEDAAUABAAAAAC~&z=935592722

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 742ms
301ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-164010868-2&cid=645995395.1654784129&jid=1513669930&_u=YEBAAUAAAAAAAC~&z=1460620327

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 575ms
149ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-164010868-2&cid=645995395.1654784129&jid=1513669930&_u=YEBAAUAAAAAAAC~&z=1460620327

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 1EA3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

46ms
45ms

XHR
application/json

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00a0af3c12c8cf9208ab5735ce66621e2608c90d3fbada93495764cc57ca13cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 09 Jun 2022 14:15:29 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 1EA3 29 B
588 B 456ms
39ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d97f25df/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:09:58 GMT
x-content-type-options: nosniff
age: 331
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Jun 2022 14:24:58 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 455ms
44ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613287533480&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1654784129035

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:29 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.8d6656b8.1654784129.3c6bf4aa
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
content-length: 35
x-pinterest-rid: 1723447640623547
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1EA3 62 KB
29 KB 126ms
52ms XHR
application/json+protobuf 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d97f25df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30d7e291d204fa3b7c9aca71bbfa5799b9413c8189b6967b952ec18419622be7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 09 Jun 2022 14:15:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 29545
x-xss-protection: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 1EA3 0
19 B 48ms
47ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?cpn=STeWg65gtSuFnuD3&el=embedded&ns=yt&fexp=23748147%2C23940247%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24027691%2C24080738%2C24082661%2C24135310%2C24167177%2C24169501&cl=453540898&seq=1&event=streamingstats&docid=60cqUPxYThY&cbr=Chrome&cbrver=102.0.5005.61&c=WEB_EMBEDDED_PLAYER&cver=1.20220607.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth::0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d97f25df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
X-YouTube-Client-Version: 1.20220607.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtmMGVwbE1zaWNEcyiAgYiVBg%3D%3D
X-YouTube-Ad-Signals: dt=1654784128985&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:29 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/d97f25df/player_ias.vflset/de_DE/ Frame 1EA3 27 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d97f25df/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d97f25df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a831d3198216e96fc92c2e6b702c90fdb0e325e599e1f139176004654183a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 15:52:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8050
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 00:20:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 08 Jun 2023 15:52:33 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 523 B
634 B 230ms
18ms Script
application/javascript 178.250.2.140
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=94432

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/assets/lander.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.140 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bd3e45dfb07a6cd3921b569d6d4dbcdb9b2141f7edc082873f1264d085aaace8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:28 GMT
content-encoding: br
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 200 collect
track.segmetrics.io/ 43 B
634 B 168ms
125ms Ping
image/gif 2606:4700:20::ac43:4839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.segmetrics.io/collect?t=view&r=&dl=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&v=2&a=a1Rnre&i=5374&uid=01G54D3Y3BT28AAAH5VW2E3SJ2&fp=3140b01e4c735b2eb3cbfc1f9a617e47&mt=%7B%22fbp%22%3A%22fb.1.1654784128464.766849069%22%2C%22ga%22%3A%22GA1.2.645995395.1654784129%22%7D
Requested by: Host: tag.segmetrics.io
URL: https://tag.segmetrics.io/a1Rnre.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4839 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:29 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lwvt%2FuijW9MRZCkg2DZbyxd0REcLZYJ4w%2FfObjm%2FZ60duZznaEyExzrs%2F4fmk9oKNDiJSDJMB8%2FTb%2BT9qJ1WDkzcydKr3%2FpbRSB69bkPRzmGrQ0Vinv8Cow6CYg607pcDU%2F1CzLMahOppBUgp0gjcUY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache
cf-ray: 718a7ac96e069bbf-FRA
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 433ms
48ms Preflight
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 09 Jun 2022 14:15:29 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 48ms
16ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=94432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

dfc6678e3b812f3097334f84e4f7ed816c8339cd0f1a5e5b90281e8c3374d463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:29 GMT
content-encoding: gzip
last-modified: Tue, 31 May 2022 05:07:22 GMT
server: nginx
etag: W/"6295a28a-a708"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Jun 2022 14:15:29 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/LIAFGQD4BJCQNANH5CBFII/ 61 KB
19 KB 41ms
13ms Script
text/javascript 2600:9000:206f:3c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/LIAFGQD4BJCQNANH5CBFII/roundtrip.js
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b86f968c4fa9d19bf131438f816036b7accf12cd726ab2ed05d04a96869b6010

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-Amz-Version-Id: OTD4ochIc0HBVTZa.v4EPSzNs3CR4.OW
Content-Encoding: gzip
Etag: W/"33f658a1fb2efb35727c4dbf54cceb51"
Age: 1431
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Jun 2022 22:29:06 GMT
Server: AmazonS3
Date: Thu, 09 Jun 2022 14:15:29 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 5kdV26O2vMie8ZBPaToy0JVes_4sBqjYiv_8I86rnn_92MekQsHsAw==

GET
H2 200 357-22803.js Show response
m.revmizer.com/ 0
0 394ms
38ms Script
text/html 91.195.240.87
SEDO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.revmizer.com/357-22803.js?id=22803&m=357
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.195.240.87 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
3 KB 64ms
16ms Script
application/x-javascript 104.102.29.173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.29.173 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-173.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 14:15:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Feb 2022 12:30:38 GMT
Server: AkamaiNetStorage
ETag: "23b34d08f648c3f51b232443afced826:1644409863.170279"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3150
Expires: Thu, 09 Jun 2022 14:35:29 GMT

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ 17 KB
6 KB 397ms
98ms Script
text/javascript 18.205.229.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.205.229.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-205-229-183.compute-1.amazonaws.com
Software: /
Resource Hash: e3cf1a92fb54f3d317bcbf1e119fbb30001894516565b01b6730fe9f10ede235

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 09 Jun 2022 14:15:29 GMT
Content-Encoding: gzip
Cache-Control: max-age=5
Content-Length: 5401
Connection: keep-alive
Content-Type: text/javascript

GET
H/1.1 200
OK uniclick.js Show response
visit.prayfashion.com/ 5 KB
5 KB 43ms
16ms Script
text/plain 85.17.54.17
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://visit.prayfashion.com/uniclick.js?defaultcampaignid=61320f755617cb0001db7600&attribution=lastclick&regviewonce=false&cookiedomain=prayfashion.com&cookieduration=30
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/assets/lander.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 85.17.54.17 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 536fac39003de603f6c241901f38840138347a972922dba26a673b022d39e7e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 14:15:29 GMT
Server: nginx/1.21.3
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/LIAFGQD4BJCQNANH5CBFII/index.js
https://s.adroll.com/j/exp/index.js

28 B
762 B

8ms
8ms

Script
application/javascript

2600:9000:206f:3c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: HTTP/1.1
Server: 2600:9000:206f:3c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-Amz-Version-Id: QCXe6z8Ijv28a3Z6pj7cPKMX4fdClAik
Via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 32563
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Wed, 18 May 2022 19:09:46 GMT
Server: AmazonS3
Date: Thu, 09 Jun 2022 05:13:07 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: jjszhqD8WlnaQC_EDq_neDfIjN1mD-CuBCyyc0oHU2SSDhkBUJ3_EA==

Redirect headers

Date: Thu, 09 Jun 2022 04:00:21 GMT
Via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
Age: 36908
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: wwwa9ngDjf23KEevIgGGFW5pU4RBxUx7rgIk28V13hLfirtRTktlyg==

GET
H/1.1 200
OK 61320f755617cb0001db7600 Show response
visit.prayfashion.com/ 570 B
1 KB 75ms
45ms XHR
application/json 85.17.54.17
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://visit.prayfashion.com/61320f755617cb0001db7600?format=json&referrer=&&sub19=fb.1.1654784128464.766849069&sub20=undefined
Requested by: Host: visit.prayfashion.com
URL: https://visit.prayfashion.com/uniclick.js?defaultcampaignid=61320f755617cb0001db7600&attribution=lastclick&regviewonce=false&cookiedomain=prayfashion.com&cookieduration=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 85.17.54.17 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 726b3e743b71c366a086508fcf423bb5635d55e4939caf8e7948eb570929f3c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 14:15:29 GMT
Server: nginx/1.21.3
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 570

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 363ms
87ms Script
application/javascript 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00b2c266a43b639ea810e3a99bdf26fa4d
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 14:15:29 GMT
content-encoding: gzip
X-TraceId: 90cd2c4b3bb947bbc026a4c0d1045ae6
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 204
No Content view Show response
visit.prayfashion.com/ 0
306 B 220ms
220ms XHR
text/plain 85.17.54.17
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://visit.prayfashion.com/view?clickid=62a200813eb86700017cca29&referrer=
Requested by: Host: visit.prayfashion.com
URL: https://visit.prayfashion.com/uniclick.js?defaultcampaignid=61320f755617cb0001db7600&attribution=lastclick&regviewonce=false&cookiedomain=prayfashion.com&cookieduration=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 85.17.54.17 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 09 Jun 2022 14:15:29 GMT
Server: nginx/1.21.3
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS

GET
H2 200 LIAFGQD4BJCQNANH5CBFII Show response
d.adroll.com/consent/check/ 439 B
532 B 91ms
28ms Script
application/javascript 54.220.99.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/LIAFGQD4BJCQNANH5CBFII?arrfrr=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&_s=1ff6c5b1c145f927a268e3d234b5d74e&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/LIAFGQD4BJCQNANH5CBFII/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.99.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-99-25.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: c812fe49a8e2d3566560c4a1526e150f21ddc5179c05bca844d719eb4fe5d9ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:29 GMT
server: nginx/1.20.0
content-length: 439
content-type: application/javascript

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1EA3 98 B
142 B 47ms
47ms XHR
application/json+protobuf 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d97f25df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fe3b329d66373545c65aafb1164336442f7b2a5c3204c6ddbf5a22e1f34a7f3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 09 Jun 2022 14:15:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 45ms
44ms Preflight
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 09 Jun 2022 14:15:29 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 410 KB
55 KB 9ms
8ms Script
application/javascript 2600:9000:206f:3c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/LIAFGQD4BJCQNANH5CBFII/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-Amz-Version-Id: 44sIT20LqRj70wQHqyIoOw7etYYdjkbK
Content-Encoding: gzip
Etag: W/"0a7d0ea8d7d31b07e925fe340acf431b"
Age: 147
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
Last-Modified: Wed, 04 May 2022 19:41:48 GMT
Server: AmazonS3
Date: Thu, 09 Jun 2022 14:13:04 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 4MSEJA0Doow8u8rxNfTwBjb9trLACbrGHe_QXc11LNZmxIg99ntDVg==

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 11ms
11ms Image
image/png 2600:9000:206f:3c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Age: 78346
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Date: Thu, 09 Jun 2022 01:10:41 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: KQRYE9aFl8WM20fVAnDUQfjAuoK53d7RKtns2lROi6DJd8Y3q-WoSQ==

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 65 B
292 B 104ms
104ms Stylesheet
text/css 18.205.229.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.205.229.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-205-229-183.compute-1.amazonaws.com
Software: /
Resource Hash: 9f2b5bd69d2708aecce6a7c75a2b76433e6caa72f72ce25bc3a785a53b1d15b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 09 Jun 2022 14:15:29 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 65
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 393ms
96ms Fetch
image/jpeg 18.205.229.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.205.229.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-205-229-183.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 09 Jun 2022 14:15:30 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H2 200 websiteTriggerIframe Show response
kw493.infusionsoft.app/app/webTracking/ Frame 8595 1 KB
1008 B 173ms
173ms Document
text/html 2606:4700:4400::6812:24d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kw493.infusionsoft.app/app/webTracking/websiteTriggerIframe

Requested by

Host: kw493.infusionsoft.app
URL: https://kw493.infusionsoft.app/app/webTracking/getTrackingCode

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

982efa0c3317d59612a9e97a4eef00d6453c1cf4aa93d8b7c51c07947a7880d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 718a7accdbd55c4a-FRA
content-encoding: gzip
content-language: de-DE
content-type: text/html;charset=UTF-8
date: Thu, 09 Jun 2022 14:15:30 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 09 Jun 2022 14:15:30 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000;includeSubDomains
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
14 KB 26ms
6ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: DQXVECYYH26T8XA2
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: eALUuukJzB4ucStWKbHKE0iJ4pHw1jEWf2JkWgG6tOJtELdAqipD0ZP+vGohR4HC654nDcLzXqg=
x-served-by: cache-hhn4060-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1654784130.093412,VS0,VE0
date: Thu, 09 Jun 2022 14:15:30 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5062

POST
H2 200 rum Show response
cf.spybriefing.com/cdn-cgi/ 0
201 B 24ms
24ms XHR
text/plain 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.spybriefing.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
content-type: application/json

Response headers

date: Thu, 09 Jun 2022 14:15:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://cf.spybriefing.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 718a7acd0b8a5b4a-FRA
vary: Origin

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 82ms
82ms Image
image/gif 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00b2c266a43b639ea810e3a99bdf26fa4d&obApiVersion=1.1&obtpVersion=1.6.0&name=PAGE_VIEW&dl=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&optOut=false&bust=07455627869323427
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 14:15:30 GMT
Cache-Control: no-cache
X-TraceId: e0169b245d3df281f89fa40d959e8c62
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK NRJS-fc902efb332119fff33 Show response
bam.nr-data.net/1/ 49 B
720 B 515ms
474ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4271&ck=1&ref=https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778&ap=232&be=1789&fe=4238&dc=2390&perf=%7B%22timing%22:%7B%22of%22:1654784125834,%22n%22:0,%22f%22:1349,%22dn%22:1349,%22dne%22:1349,%22c%22:1349,%22ce%22:1349,%22rq%22:1349,%22rp%22:1760,%22rpe%22:1768,%22dl%22:1762,%22di%22:2388,%22ds%22:2389,%22de%22:2512,%22dc%22:4217,%22l%22:4238,%22le%22:4244%7D,%22navigation%22:%7B%7D%7D&fp=2156&fcp=2156&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 14:15:30 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 718a7acd691068ef-FRA

GET
H2 200 api.js Show response
kw493.infusionsoft.app/cdn-cgi/bm/cv/669835187/ Frame 8595 35 KB
9 KB 19ms
19ms Script
text/javascript 2606:4700:4400::6812:24d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kw493.infusionsoft.app/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: kw493.infusionsoft.app
URL: https://kw493.infusionsoft.app/app/webTracking/websiteTriggerIframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kw493.infusionsoft.app/app/webTracking/websiteTriggerIframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 718a7ace0dc65c4a-FRA

GET
H2

200

spacer.gif
kw493.infusionsoft.app/slices/
Redirect Chain

https://kw493.infusionsoft.app/app/webTracking/contact/1654784127844?contactId=0&screenResolution=1600x1200&plugins=&javaEnabled=false&domain=cf.spybriefing.com&location=https://cf.spybriefing.com/...
https://kw493.infusionsoft.app/slices/spacer.gif

43 B
230 B

26ms
26ms

Image
image/gif

2606:4700:4400::6812:24d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kw493.infusionsoft.app/slices/spacer.gif

Protocol

Server

2606:4700:4400::6812:24d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1427
vary: accept-encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Jun 2022 10:31:53 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"43-1654770713639"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: image/gif;charset=UTF-8
via: 1.1 google
cache-control: public, max-age=31552573
cf-ray: 718a7acf38375c4a-FRA
expires: Fri, 09 Jun 2023 18:51:43 GMT

Redirect headers

pragma: no-cache, no-cache
date: Thu, 09 Jun 2022 14:15:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
location: /slices/spacer.gif
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
via: 1.1 google
cache-control: no-cache, no-store, no-cache, no-store
cf-ray: 718a7ace2dfe5c4a-FRA
vary: accept-encoding
x-xss-protection: 1; mode=block
expires: Thu, 09 Jun 2022 14:15:30 GMT, -1

POST
H2 204 result Show response
kw493.infusionsoft.app/cdn-cgi/bm/cv/ Frame 8595 0
325 B 18ms
18ms XHR
text/plain 2606:4700:4400::6812:24d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kw493.infusionsoft.app/cdn-cgi/bm/cv/result?req_id=718a7accdbd55c4a
Requested by: Host: kw493.infusionsoft.app
URL: https://kw493.infusionsoft.app/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:24d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kw493.infusionsoft.app/app/webTracking/websiteTriggerIframe
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 09 Jun 2022 14:15:30 GMT
server: cloudflare
cf-ray: 718a7ace7eb35c4a-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
400 B 97ms
97ms XHR
text/plain 18.205.229.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=0xk6fdszdQvg5B_Yx1_8QQ&is_js=true&landing_url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&t=Carfighting%20Video&tip=JFqVaq76mf7_v40EbRR3W-RKgL4NYQgrPzPeppVv9Y4&host=https://cf.spybriefing.com&sa_conv_data_css_value=%20%220-99eb7e13-8adc-418b-6ed6-c9afacb2b45c%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd93f7d2b9c803c4da76cc197e9377b5b7bb9d59bb0&sa-user-id-v2=s%253A0-99eb7e13-8adc-418b-6ed6-c9afacb2b45c%2524ip%2524185.213.155.176.7JOPOi2p%252FasFDk7ZWaumqvNjqB6IlmCE7MdWQMKxLCE&sa-user-id=s%253A0-99eb7e13-8adc-418b-6ed6-c9afacb2b45c.us2iszYIehy0ReMuX47ZOhijFjT3e3PYQSPN6kWj6vo
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.205.229.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-205-229-183.compute-1.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 14:15:30 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://cf.spybriefing.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 94

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 2DCA 15 KB
6 KB 49ms
17ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=cf.spybriefing.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9ddc14d2bf861fce028506087fa64c31045712254bb719941fd4c84921b9f7ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6123
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Jun 2022 14:15:30 GMT
server-processing-duration-in-ticks: 2111
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 2DCA
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=spybriefing.com&sn=ChromeSyncframe&so=0&topUrl=cf.spybriefing.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=ItmNlXw3RDlINnV6bFNtRUdxd295bDRLMkc2KzZQWVJPMEtoL3RvK1Z2ME4ybTlrZXVRZzlsQnVDaGhoczF5ZXZXYkdMSENhRTBQbTk4Vmx0aThVT1FFVHQxYm5hQmlBdnh6SFFvamVFUDJnbWJEMGpNZlcwUzRPSlQ1U1...

428 B
634 B

167ms
18ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ItmNlXw3RDlINnV6bFNtRUdxd295bDRLMkc2KzZQWVJPMEtoL3RvK1Z2ME4ybTlrZXVRZzlsQnVDaGhoczF5ZXZXYkdMSENhRTBQbTk4Vmx0aThVT1FFVHQxYm5hQmlBdnh6SFFvamVFUDJnbWJEMGpNZlcwUzRPSlQ1U1VxSUZNL2tvWkp4aDZ2Q3Nmem1ORmNJTEgzK1VBR2JTRzNyTjRtS2pUNjI0WUthWEZobEVRZE9xbzhkd1dSeVhkQk96UWw1NGdaamZHdWV6cWFPVHVzT2UxS0R5cnVYN0phTkRCRG1QSjRpWjc4MTJFTTZZRis1bVIvTEpJSXM5QkRPcktoa3ZEcWFWaWJFOEZqR2lPZklPZGhUWjhFdz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

91f997c8979a98be7a99ed8baee60f1878f6d99517ceccd9f68e77281e4e120f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:29 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4855
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:29 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=ItmNlXw3RDlINnV6bFNtRUdxd295bDRLMkc2KzZQWVJPMEtoL3RvK1Z2ME4ybTlrZXVRZzlsQnVDaGhoczF5ZXZXYkdMSENhRTBQbTk4Vmx0aThVT1FFVHQxYm5hQmlBdnh6SFFvamVFUDJnbWJEMGpNZlcwUzRPSlQ1U1VxSUZNL2tvWkp4aDZ2Q3Nmem1ORmNJTEgzK1VBR2JTRzNyTjRtS2pUNjI0WUthWEZobEVRZE9xbzhkd1dSeVhkQk96UWw1NGdaamZHdWV6cWFPVHVzT2UxS0R5cnVYN0phTkRCRG1QSjRpWjc4MTJFTTZZRis1bVIvTEpJSXM5QkRPcktoa3ZEcWFWaWJFOEZqR2lPZklPZGhUWjhFdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1381
content-length: 541
expires: 0

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=94432&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dviewproduct%26id%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=Fcq...
https://widget.us.criteo.com/event?a=94432&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dviewproduct%26id%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=Fcq...

9 KB
9 KB

433ms
234ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=94432&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dviewproduct%26id%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=FcqTk18xRGs2WXlJNFRGZHpoUWpRdnpkRFMxbkMlMkJtMkZ5Y1dqZ2JFQVlNVHlOYjM5ZSUyRlJrcjMyZ1Q2NHRRQWNleTV5ZG1Va3VyMHJoVFRXQmt4TWpzb2V2UFVmQ0clMkIwYk9Ud0piOE1TemNGNG9BblhIM3ZPU0V0YkZnemtyd3M0WVBmUiUyQktueDFhYVlGbGhUeXQzTW8zWGxMdyUzRCUzRA&tld=spybriefing.com&dy=1&fu=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&dtycbr=34019

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1d2ed9d60fa856aeb6dcbe19cfaa678ef799318f40292c21c00df301a427f445

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:31 GMT
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 135132645
content-type: application/x-javascript
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:30 GMT
server: Kestrel
location: https://widget.us.criteo.com/event?a=94432&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dviewproduct%26id%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=FcqTk18xRGs2WXlJNFRGZHpoUWpRdnpkRFMxbkMlMkJtMkZ5Y1dqZ2JFQVlNVHlOYjM5ZSUyRlJrcjMyZ1Q2NHRRQWNleTV5ZG1Va3VyMHJoVFRXQmt4TWpzb2V2UFVmQ0clMkIwYk9Ud0piOE1TemNGNG9BblhIM3ZPU0V0YkZnemtyd3M0WVBmUiUyQktueDFhYVlGbGhUeXQzTW8zWGxMdyUzRCUzRA&tld=spybriefing.com&dy=1&fu=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&dtycbr=34019
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 9900994
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 4558
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-CLiWya1Po2NVU3f3Mgm0cFK1OQ4G9NxHzsj_jQ&google_cm&google_hm=ay1DTGlXeWExUG8yTlZVM2YzTWdtMGNGSzFPUTRHOU54S...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-CLiWya1Po2NVU3f3Mgm0cFK1OQ4G9NxHzsj_jQ&google_gid=CAESEL7wf69QiRo5jjXPACoo6XY&google_cver=1&google_ula=913071,0

43 B
370 B

53ms
15ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-CLiWya1Po2NVU3f3Mgm0cFK1OQ4G9NxHzsj_jQ&google_gid=CAESEL7wf69QiRo5jjXPACoo6XY&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:30 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 680977
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-CLiWya1Po2NVU3f3Mgm0cFK1OQ4G9NxHzsj_jQ&google_gid=CAESEL7wf69QiRo5jjXPACoo6XY&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

451

397596.gif
idsync.rlcdn.com/ Frame 4558
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=YRTt4rWg9WkgBr5hO1EklaBZNUxCOH4H

0
42 B

96ms
42ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=YRTt4rWg9WkgBr5hO1EklaBZNUxCOH4H
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=YRTt4rWg9WkgBr5hO1EklaBZNUxCOH4H
date: Thu, 09 Jun 2022 14:15:31 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2752
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H/1.1 204
NO CONTENT /
partner.mediawallahscript.com/ Frame 4558 0
232 B 141ms
30ms Image
text/html 52.209.107.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-CLiWya1Po2NVU3f3Mgm0cFK1OQ4G9NxHzsj_jQ&custom=&tag_format=img&tag_action=sync&custom=&cb=405064ae-30d8-4cb8-8d43-008754d10b6b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.107.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-107-65.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Jun 2022 14:15:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Server: nginx/1.20.0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8

GET
H2 451 362338.gif
idsync.rlcdn.com/ Frame 4558 0
98 B 117ms
42ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-CLiWya1Po2NVU3f3Mgm0cFK1OQ4G9NxHzsj_jQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 4558 0
194 B 73ms
20ms Image
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:31 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame 4558 43 B
631 B 117ms
38ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:31 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 09 Jun 2022 14:15:31 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 4558
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-gUBura1Po2NVU3f3Mgm0cFK1OQ4gZhkcVWRUhg
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-gUBura1Po2NVU3f3Mgm0cFK1OQ4gZhkcVWRUhg&verify=true

0
121 B

11ms
11ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-gUBura1Po2NVU3f3Mgm0cFK1OQ4gZhkcVWRUhg&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:31 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-gUBura1Po2NVU3f3Mgm0cFK1OQ4gZhkcVWRUhg&verify=true
date: Thu, 09 Jun 2022 14:15:31 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 4558 0
476 B 332ms
87ms Image
text/plain 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-U4zwAa1Po2NVU3f3Mgm0cFK1OQ45Rf3yhtnBJQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 14:15:31 GMT
Cache-Control: no-cache
X-TraceId: c9146d54fe50951844601760a9319c52
Content-Length: 0

GET
H2 204 t.gif
cw.addthis.com/ Frame 4558 0
428 B 438ms
112ms Image
text/plain 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-UyGy9q1Po2NVU3f3Mgm0cFK1OQ61oJ1WnS5g4Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:31 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 09 Jun 2022 14:15:31 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 4558 0
239 B 43ms
9ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-UyGy9q1Po2NVU3f3Mgm0cFK1OQ61oJ1WnS5g4Q&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 4558
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-QwjWyq1Po2NVU3f3Mgm0cFK1OQ4FYIt845WMuA&seg=95287
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-QwjWyq1Po2NVU3f3Mgm0cFK1OQ4FYIt845WMuA%26seg%3D95287

43 B
1 KB

13ms
13ms

Image
image/gif

185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-QwjWyq1Po2NVU3f3Mgm0cFK1OQ4FYIt845WMuA%26seg%3D95287

Protocol

HTTP/1.1

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Jun 2022 14:15:31 GMT
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6ef14637-0760-48e5-beba-387287191258
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 09 Jun 2022 14:15:31 GMT
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a72ec076-46dc-40b5-a38c-d254373caaf6
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-QwjWyq1Po2NVU3f3Mgm0cFK1OQ4FYIt845WMuA%26seg%3D95287
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 4558
Redirect Chain

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fa...
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7931250822918471892

43 B
370 B

58ms
17ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7931250822918471892

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:31 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2620627
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 09 Jun 2022 14:15:31 GMT
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a6408334-098b-4391-b9ab-83d5ac6fac39
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7931250822918471892
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 4558 42 B
578 B 66ms
16ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-gQkx_61Po2NVU3f3Mgm0cFK1OQ7rgTSmbQI-BQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:31 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 xuid
eb2.3lift.com/ Frame 4558 37 B
140 B 30ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-RDLDL61Po2NVU3f3Mgm0cFK1OQ5JAtBWP5Mnbw&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 cksync.php
contextual.media.net/ Frame 4558 45 B
798 B 75ms
34ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-U0nmAK1Po2NVU3f3Mgm0cFK1OQ6KgRI9uoE7gA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Thu, 09 Jun 2022 14:15:31 GMT
vary: Accept-Encoding
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Thu, 09 Jun 2022 14:15:31 GMT

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 4558
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-KFWTg61Po2NVU3f3Mgm0cFK1OQ6-W-QMPFXyLQ
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-KFWTg61Po2NVU3f3Mgm0cFK1OQ6-W-QMPFXyLQ&C=1

43 B
1 KB

17ms
17ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-KFWTg61Po2NVU3f3Mgm0cFK1OQ6-W-QMPFXyLQ&C=1
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Jun 2022 14:15:31 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 09 Jun 2022 14:15:31 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 09 Jun 2022 14:15:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-KFWTg61Po2NVU3f3Mgm0cFK1OQ6-W-QMPFXyLQ&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 296
Expires: Thu, 09 Jun 2022 14:15:31 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 4558
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-h4iY8q1Po2NVU3f3Mgm0cFK1OQ4r2cMlLJOzbA&expires=30&user_group=5
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-h4iY8q1Po2NVU3f3Mgm0cFK1OQ4r2cMlLJOzbA&expires=30&user_group=5

43 B
495 B

9ms
9ms

Image
image/gif

18.195.192.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-h4iY8q1Po2NVU3f3Mgm0cFK1OQ4r2cMlLJOzbA&expires=30&user_group=5
Protocol: HTTP/1.1
Server: 18.195.192.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-192-101.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 14:15:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-h4iY8q1Po2NVU3f3Mgm0cFK1OQ4r2cMlLJOzbA&expires=30&user_group=5
Date: Thu, 09 Jun 2022 14:15:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame 4558 35 B
336 B 107ms
34ms Image
image/gif 54.77.142.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-vYjB061Po2NVU3f3Mgm0cFK1OQ5o6FkCgwle2w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.142.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-142-93.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:31 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

GET
H2 200 um
criteo-sync.teads.tv/ Frame 4558 23 B
172 B 86ms
37ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-lSW2ma1Po2NVU3f3Mgm0cFK1OQ6_egl7F7hMRg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:31 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 09 Jun 2022 14:15:31 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 4558 0
99 B 121ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-vDA8W61Po2NVU3f3Mgm0cFK1OQ5FjMmL-4_iTA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:31 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13597

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 4558 43 B
163 B 62ms
16ms Image
image/gif 185.86.139.57
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-7WlgYq1Po2NVU3f3Mgm0cFK1OQ52q6lwFUnTIQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.57 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:30 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 4558 68 B
261 B 68ms
8ms Image
image/png 3.120.204.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-_Q4GNq1Po2NVU3f3Mgm0cFK1OQ7B-iBGHDeBSw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.204.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-204-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:31 GMT
content-length: 68
content-type: image/png

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 4558
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-baIdg61Po2NVU3f3Mgm0cFK1OQ6Y8NC8tDGGhw
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-baIdg61Po2NVU3f3Mgm0cFK1OQ6Y8NC8tDGGhw

43 B
446 B

33ms
33ms

Image
image/gif

52.210.108.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-baIdg61Po2NVU3f3Mgm0cFK1OQ6Y8NC8tDGGhw
Protocol: H2
Server: 52.210.108.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-108-30.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Jun 2022 14:15:31 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-baIdg61Po2NVU3f3Mgm0cFK1OQ6Y8NC8tDGGhw
date: Thu, 09 Jun 2022 14:15:31 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame 4558
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-T1x_T61Po2NVU3f3Mgm0cFK1OQ69DKdC9hW_bA
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-T1x_T61Po2NVU3f3Mgm0cFK1OQ69DKdC9hW_bA&_li_chk=true&previous_uuid=ed06c5e18d7b4b47be4ed87edfc90b9c
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-T1x_T61Po2NVU3f3Mgm0cFK1OQ69DKdC9hW_bA

43 B
419 B

413ms
124ms

Image
image/gif

2600:1f18:444a:4680:8e84:2ba7:9e48:8cf5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-T1x_T61Po2NVU3f3Mgm0cFK1OQ69DKdC9hW_bA

Protocol

HTTP/1.1

Server

2600:1f18:444a:4680:8e84:2ba7:9e48:8cf5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 14:15:32 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-T1x_T61Po2NVU3f3Mgm0cFK1OQ69DKdC9hW_bA
Date: Thu, 09 Jun 2022 14:15:31 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 4558 43 B
428 B 308ms
100ms Image
image/gif 52.203.231.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-Ii5J461Po2NVU3f3Mgm0cFK1OQ62tO3S5Qsm8A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.231.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-231-62.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:31 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 4558 43 B
183 B 381ms
123ms Image
image/gif 2600:1f18:612b:4232:6e00:7b23:6545:3513
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-HrMT1a1Po2NVU3f3Mgm0cFK1OQ761EKkZ5lefw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:6e00:7b23:6545:3513 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:31 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H/1.1

200
OK

empty.gif
cdn.stickyadstv.com/one-shot/ Frame 4558
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-bSXZ7a1Po2NVU3f3Mgm0cFK1OQ7YAmK4TvOV2g&redirectId=69
https://cdn.stickyadstv.com/one-shot/empty.gif?

43 B
462 B

87ms
17ms

Image
image/gif

2001:4de0:ac19::1:b:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.stickyadstv.com/one-shot/empty.gif?
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 14:15:31 GMT
Last-Modified: Thu, 28 Feb 2013 15:45:35 GMT
ETag: "1362066335"
X-HW: 1654784131.dop232.am5.t,1654784131.cds305.am5.shn,1654784131.dop232.am5.t,1654784131.cds142.am5.c
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 09 Jun 2022 14:15:31 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1654784131790023-427
Expires: Thu, 09 Jun 2022 14:15:31 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 4558 40 B
40 B 35ms
10ms Image
text/html 3.120.22.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-kky8q61Po2NVU3f3Mgm0cFK1OQ4pFMPm-4YXMw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.22.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-22-117.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:15:31 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 4558 43 B
220 B 103ms
30ms Image
image/gif 52.49.242.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-IiRVoa1Po2NVU3f3Mgm0cFK1OQ6B7o4TPF_ASg&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.242.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-242-166.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 09 Jun 2022 14:15:31 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 1EA3 28 B
54 B 55ms
54ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d97f25df/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
X-YouTube-Client-Version: 1.20220607.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtmMGVwbE1zaWNEcyiAgYiVBg%3D%3D
X-YouTube-Ad-Signals: dt=1654784128911&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 09 Jun 2022 14:15:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 09 Jun 2022 14:15:31 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 4558
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7931250822918471892

43 B
370 B

16ms
16ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7931250822918471892

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:15:31 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1468201
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 09 Jun 2022 14:15:31 GMT
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b298d1ee-8984-4585-8de8-681a59cde177
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7931250822918471892
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: track.addevent.com
URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=b42c97cd-7b7b-4402-cc63-6dfc3acaa556&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&cache=1654784128342

Verdicts & Comments Add Verdict or Comment

427 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

97 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 03:41:10	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
i.liadm.com/s	1970-01-20 04:22:56	Name: _li_ss Value: MgkI_____wcQvhI
links.spybriefing.com/	1970-01-20 03:40:27	Name: _session_id Value: 962683494823805ba38f8bdfd1e987d3
.cf.spybriefing.com/	1970-01-20 03:39:45	Name: __cf_bm Value: KYAjy2kELcFMevSb8d9j8Qz1947OoblwS2sgLMLU1i4-1654784126-0-AS5t+mNzxMAIezNJthHIerGVTxlaSEQ2e1LwHCjTvNYJC17Pu3zFkAywxA9CzmAs6iJHuOo4L+teuRP709UVP+mRBfVXgg2k3ETM060AXFJa
.infusionsoft.com/	1970-01-20 03:39:45	Name: __cf_bm Value: lEHw.NP71zgupt27sNAAAVZpnCtxDFcFYpJ9PUdB7WQ-1654784127-0-AaDuahKdZWPib0YCBV9F/HZ41gA4ab2L8AO0eDGAVJcj5ZmOWQ3oGJX0Fg68oWhTlpjpXaEQ64W5utueh5LFW/k=
.clickfunnels.com/	1970-01-20 03:39:45	Name: __cf_bm Value: YRQ_Soi_GEPn9NHJvzUlxtOLYMp3XjlmufeokfzE4JM-1654784127-0-AUHQjjyKgZNcZjPhvJMfJdyxLPk3LnuoUrvNiqEO1hfQP4UNdt34hV+cFk374m1BY296I3h4HzdZvczREbMrAtX/cGFEjCT4Ns8+Ja3t/uyA
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: tj71_bJ3Gvg
.youtube.com/	1970-01-20 07:58:56	Name: VISITOR_INFO1_LIVE Value: f0eplMsicDs
cf.spybriefing.com/	1970-01-20 12:25:20	Name: cf:aff_sub2 Value:
cf.spybriefing.com/	1970-01-20 12:25:20	Name: cf:aff_sub3 Value:
cf.spybriefing.com/	1970-01-20 12:25:20	Name: cf:aff_sub Value:
cf.spybriefing.com/	1970-01-20 12:25:20	Name: cf:affiliate_id Value:
cf.spybriefing.com/	1970-01-20 12:25:20	Name: cf:cf_affiliate_id Value:
cf.spybriefing.com/	1970-01-20 12:25:20	Name: cf:content Value:
cf.spybriefing.com/	1970-01-20 12:25:20	Name: cf:medium Value:
cf.spybriefing.com/	1970-01-20 12:25:20	Name: cf:name Value:
cf.spybriefing.com/	1970-01-20 12:25:20	Name: cf:source Value:
cf.spybriefing.com/	1970-01-20 12:25:20	Name: cf:term Value:
cf.spybriefing.com/	1970-01-20 12:25:20	Name: cf:NDk3NzkxNzc Value: :visited=true
cf.spybriefing.com/	1970-01-20 12:25:20	Name: cf:visitor_id Value: 49a04c9f-9c49-480a-ae24-fb6dc2bf0f4b
cf.spybriefing.com/	1970-01-20 12:25:20	Name: addevent_track_cookie Value: b42c97cd-7b7b-4402-cc63-6dfc3acaa556
.spybriefing.com/	1970-01-20 05:49:20	Name: _fbp Value: fb.1.1654784128464.766849069
.spybriefing.com/	1970-01-20 05:49:20	Name: _gcl_au Value: 1.1.99078314.1654784128
.mgid.com/	1970-01-20 03:39:45	Name: __cf_bm Value: PropR5QfRc38d2_A4.brMSwE5eXL1THvLmrh2a6j..o-1654784128-0-AYp067+LIUcYA12t+XEZTbqHX6x5gRUydvqkgFGJgsfbcTUPQK2qFBE8Ip6VXyhecAXYKz4kW5zYxgky75tuc4o=
.spybriefing.com/	1970-01-20 21:10:56	Name: _ga Value: GA1.2.645995395.1654784129
.spybriefing.com/	1970-01-20 03:41:10	Name: _gid Value: GA1.2.679945168.1654784129
.spybriefing.com/	1970-01-20 03:39:44	Name: _gat_gtag_UA_164010868_2 Value: 1
.spybriefing.com/	1970-01-20 03:39:44	Name: _gat_UA-217947897-1 Value: 1
.turn.com/	1970-01-20 07:58:56	Name: uid Value: 2400695611468236206
cf.spybriefing.com/	1970-01-20 05:49:20	Name: MgidSensorNVis Value: 1
cf.spybriefing.com/	1970-01-20 05:49:20	Name: MgidSensorHref Value: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
cf.spybriefing.com/	1970-01-20 05:49:20	Name: AdskeeperSensorNVis Value: 1
cf.spybriefing.com/	1970-01-20 05:49:20	Name: AdskeeperSensorHref Value: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
.spybriefing.com/	1970-01-20 13:09:30	Name: _scid Value: 9db22537-c862-4516-ae90-298a8b7285b8
.tiktok.com/	1970-01-20 13:01:20	Name: _ttp Value: 2ALLsxma766Jnrwh6VhmpF1TSaW
.spybriefing.com/	1970-01-20 13:01:20	Name: _tt_enable_cookie Value: 1
.spybriefing.com/	1970-01-20 13:01:20	Name: _ttp Value: 69b70ad2-01bb-4750-bb3a-ade841aadbc6
.snapchat.com/	1970-01-20 13:01:20	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ3AMAgDsIuQAg2UnrNF6xUcP5sro3DDsnCMqmVH/pnAfhp6r/aMV3I3PXrwA/P6WT0yAAAA
.quantserve.com/	1970-01-20 13:09:58	Name: mc Value: 62a20080-ec9af-589b4-b94e8
.simpli.fi/	1970-01-20 12:26:46	Name: suid Value: C32EAB855AD045FAB019A78CEC674EC4
rdcdn.com/	1970-01-25 20:05:38	Name: aid Value: 19177
rdcdn.com/	1970-01-25 20:05:38	Name: ref Value: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
rdcdn.com/	1970-01-25 20:05:38	Name: img Value: http://rdcdn.com/rt?aid=19177&e=1&img=1
.spybriefing.com/	1970-01-20 13:04:12	Name: __qca Value: P0-1985166819-1654784128939
.statistinamics.com/	1970-01-21 23:27:44	Name: scgrg Value: %7B%22grg%22%3A%224B27259A-FEE7-EC11-B656-0003FFCA8DF83D3E7B12-367B-46C5-AA12-0C387BDBFC1C%22%7D
.spybriefing.com/	1970-01-20 12:25:20	Name: _seg_uid_5374 Value: 01G54D3Y3BT28AAAH5VW2E3SJ2
.spybriefing.com/	1970-01-20 12:25:20	Name: _seg_uid Value: 01G54D3Y3BT28AAAH5VW2E3SJ2
.spybriefing.com/	1970-01-20 12:25:20	Name: _seg_visitor_5374 Value: {"referrer":null}
.cf.spybriefing.com/	1970-01-20 12:25:20	Name: _pin_unauth Value: dWlkPU56ZGlPRGd6WldRdFl6TTRaaTAwTVRZM0xXSXlPREl0WVdFM1lUWTRPVFUyTlRCaA
tags.srv.stackadapt.com/	1970-01-20 12:25:20	Name: sa-user-id Value: s%3A0-99eb7e13-8adc-418b-6ed6-c9afacb2b45c.us2iszYIehy0ReMuX47ZOhijFjT3e3PYQSPN6kWj6vo
.srv.stackadapt.com/	1970-01-20 12:25:20	Name: sa-user-id-v2 Value: s%3Amet-E4rcQYtu1smvrLK0XLnVm7A.eUGk%2FzjExJzviWhtEBfWFd60BcwyVAwKlaV3fbcAGmc
cf.spybriefing.com/	1970-01-20 12:25:20	Name: sa-user-id Value: s%253A0-99eb7e13-8adc-418b-6ed6-c9afacb2b45c.us2iszYIehy0ReMuX47ZOhijFjT3e3PYQSPN6kWj6vo
cf.spybriefing.com/	1970-01-20 12:25:20	Name: sa-user-id-v2 Value: s%253A0-99eb7e13-8adc-418b-6ed6-c9afacb2b45c%2524ip%2524185.213.155.176.7JOPOi2p%252FasFDk7ZWaumqvNjqB6IlmCE7MdWQMKxLCE
cf.spybriefing.com/	1970-01-20 03:39:44	Name: outbrain_cid_fetch Value: true
.infusionsoft.app/	1970-01-20 03:39:45	Name: __cf_bm Value: N5amhlDruCu.63ZkM_ttMpLQApFuM2IPGHEuPYxvhsw-1654784130-0-AUhNglIVNWI6sU/xOSREBT8VvVcVF0NPphxEUnEWuujlcBDmqllZFqq/bxACe2ihyVXoxnwhmGNFwxbFirBnr+1A9CBPY1qhsbxfHlZWYpe+/PzDMTGR6B8+rZ4KQplg+ig9SwWF+X3TnmaYfYm9E6Yr7jcw18neT35kJYG1DgSGwgNKIHkPAWa2urfwfztRhg==
kw493.infusionsoft.app/	1970-01-20 12:25:20	Name: InfusionsoftTrackingCookie Value: b89011415d7ca872775f3f0885921c60
.criteo.com/	1970-01-20 13:01:20	Name: uid Value: 1ff0bb0b-68d4-4116-8b15-5e2b6c12f745
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 2756a72a066ac646
.spybriefing.com/	1970-01-20 13:09:08	Name: cto_bundle Value: FcqTk18xRGs2WXlJNFRGZHpoUWpRdnpkRFMxbkMlMkJtMkZ5Y1dqZ2JFQVlNVHlOYjM5ZSUyRlJrcjMyZ1Q2NHRRQWNleTV5ZG1Va3VyMHJoVFRXQmt4TWpzb2V2UFVmQ0clMkIwYk9Ud0piOE1TemNGNG9BblhIM3ZPU0V0YkZnemtyd3M0WVBmUiUyQktueDFhYVlGbGhUeXQzTW8zWGxMdyUzRCUzRA
.analytics.yahoo.com/	1970-01-20 12:25:20	Name: IDSYNC Value: 18zh~25d2
.adnxs.com/	1970-01-20 05:49:20	Name: uuid2 Value: 7931250822918471892
.yahoo.com/	1970-01-20 12:25:41	Name: A3 Value: d=AQABBIMAomICEMxAbJ44JkAKAuGT1o_1FUAFEgEBAQFSo2KrYgAAAAAA_eMAAA&S=AQAAAox9xMPd13xHJz9VOTiHX60
.doubleclick.net/	1970-01-20 13:01:20	Name: IDE Value: AHWqTUkE3XVddqouJ5KMBPC0JCpavPDtFYtmutUKdREPU5GPaWToamw0x_oec1KvEmA
.pubmatic.com/	1970-01-20 04:22:56	Name: KRTBCOOKIE_97 Value: 3385-uid:k-gQkx_61Po2NVU3f3Mgm0cFK1OQ7rgTSmbQI-BQ&KRTB&23144-uid:k-gQkx_61Po2NVU3f3Mgm0cFK1OQ7rgTSmbQI-BQ&KRTB&23286-uid:k-gQkx_61Po2NVU3f3Mgm0cFK1OQ7rgTSmbQI-BQ&KRTB&23287-uid:k-gQkx_61Po2NVU3f3Mgm0cFK1OQ7rgTSmbQI-BQ
.pubmatic.com/	1970-01-20 04:22:56	Name: PugT Value: 1654784131
.casalemedia.com/	1970-01-20 12:25:20	Name: CMID Value: YqIAg6hKfsVSNCpbUJ3CQQAA
.casalemedia.com/	1970-01-20 05:49:20	Name: CMPS Value: 3276
.bidswitch.net/	1970-01-20 12:25:20	Name: tuuid Value: 0e06dd3d-d945-40bd-a408-411ef295e39b
.bidswitch.net/	1970-01-20 12:25:20	Name: c Value: 1654784131
.bidswitch.net/	1970-01-20 12:25:20	Name: tuuid_lu Value: 1654784131
.media.net/	1970-01-20 12:25:20	Name: visitor-id Value: 2977857318398402000V10
.media.net/	1970-01-20 04:22:56	Name: data-c-ts Value: 1654784131
.media.net/	1970-01-20 04:22:56	Name: data-c Value: k-U0nmAK1Po2NVU3f3Mgm0cFK1OQ6KgRI9uoE7gA~~3
.casalemedia.com/	1970-01-20 05:49:20	Name: CMPRO Value: 1111
.casalemedia.com/	1970-01-20 12:25:20	Name: CMRUM3 Value: 1462a200832760k-KFWTg61Po2NVU3f3Mgm0cFK1OQ6-W-QMPFXyLQ
.casalemedia.com/	1970-01-20 03:41:10	Name: CMST Value: YqIAg2KiAIMA
.revcontent.com/	1970-02-07 09:39:44	Name: __ID Value: 54ac293f0e034706b8beb15c4201d507
.revcontent.com/	1970-01-20 04:22:56	Name: v1_151 Value: 1
.sharethrough.com/	1970-01-20 04:22:56	Name: stx_user_id Value: 2ddcccba-a6ca-42f4-b191-0ba5fbca32a1
exchange.mediavine.com/	1970-01-20 03:59:53	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%229f0299e0-e7fe-11ec-b216-03645b766768%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 03:59:53	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%229f0299e0-e7fe-11ec-b216-03645b766768%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 03:59:53	Name: criteo Value: %7B%22id%22%3A%22k-kky8q61Po2NVU3f3Mgm0cFK1OQ4pFMPm-4YXMw%22%2C%22version%22%3A%22criteo%22%7D
.adnxs.com/	1970-01-20 05:49:20	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2Hb^4lv/`!4<zRTC+=<+/ev2+ZQbUobYU0Osb]:]jiBegIL/q.'$CHZl0MNP8<xWlB1!Z[$:hR[VMg-I4[>bpRzqF1`bd9#+E[?U
.360yield.com/	1970-01-20 05:49:20	Name: tuuid Value: aff4af2d-5507-4c6b-8965-2b952b9f9d86
.360yield.com/	1970-01-20 05:49:20	Name: tuuid_lu Value: 1654784131
.outbrain.com/	1970-01-20 05:49:20	Name: obuid Value: e20b07ab-4600-434f-be39-58a53fafb898
.outbrain.com/	1970-01-20 04:08:32	Name: criteo Value: k-U4zwAa1Po2NVU3f3Mgm0cFK1OQ45Rf3yhtnBJQ
.360yield.com/	1970-01-20 05:49:20	Name: um Value: !38,jnB5cpN1WrLD9V3up4b0IyOxgMEUi1Fhfi2lHMuRNGpZViXZrSmXeoybUqtDlwt-swyMF7FZ,1662560131
.360yield.com/	1970-01-20 05:49:20	Name: umeh Value: !38,0,1716992131,-1
ads.stickyadstv.com/	1970-01-20 04:22:56	Name: UID Value: c02efe4f23acaa79b81d50e77f7039d4
ads.stickyadstv.com/	1970-01-20 04:22:56	Name: uid-bp-11554 Value: k-bSXZ7a1Po2NVU3f3Mgm0cFK1OQ7YAmK4TvOV2g
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: f24ca65f48a2acd7b2534d4ec3f7ce16
.addthis.com/	1970-01-20 13:01:20	Name: ouid Value: 62a2008300019b6243be85540c1765f464618151c49b13baa3a6
.addthis.com/	1970-01-20 13:01:20	Name: uid Value: 62a2008334e01b98
.addthis.com/	1970-01-20 13:01:20	Name: na_id Value: 2022060914153183800572517943
.postrelease.com/	1970-01-20 12:25:20	Name: opt_out Value: 1
.liadm.com/	1970-01-20 21:10:56	Name: lidid Value: ed06c5e1-8d7b-4b47-be4e-d87edfc90b9c

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=b42c97cd-7b7b-4402-cc63-6dfc3acaa556&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&cache=1654784128342 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://visit.prayfashion.com/postback?clickid=undefined&type=RT_View_Content Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://visit.prayfashion.com/postback?clickid=null&type=RT_View_Content&gtmcb=45933141 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://static.criteo.net/js/ld/ld.js Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-CLiWya1Po2NVU3f3Mgm0cFK1OQ4G9NxHzsj_jQ Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/397596.gif?partner_uid=YRTt4rWg9WkgBr5hO1EklaBZNUxCOH4H Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.adskeeper.co.uk
a.exoclick.com
a.mgid.com
ad.360yield.com
ads.stickyadstv.com
ads.yahoo.com
amplify.outbrain.com
analytics.tiktok.com
app.clickfunnels.com
assets.clickfunnels.com
assets.revcontent.com
bam.nr-data.net
cdn.stickyadstv.com
cf.spybriefing.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
ct.pinterest.com
cw.addthis.com
d.adroll.com
dis.criteo.com
dynamic.criteo.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
idsync.rlcdn.com
jadserve.postrelease.com
jnn-pa.googleapis.com
js-agent.newrelic.com
kw493.infusionsoft.app
kw493.infusionsoft.com
links.spybriefing.com
m.revmizer.com
match.sharethrough.com
mug.criteo.com
ndn.statistinamics.com
partner.mediawallahscript.com
pixel.adblade.com
pixel.quantserve.com
pixel.rubiconproject.com
r.casalemedia.com
r.turn.com
rdcdn.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.adroll.com
s.pinimg.com
sc-static.net
secure.adnxs.com
secure.quantserve.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.cloudflareinsights.com
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tag.segmetrics.io
tag.simpli.fi
tags.srv.stackadapt.com
tr.outbrain.com
tr.snapchat.com
track.addevent.com
track.segmetrics.io
trends.revcontent.com
ups.analytics.yahoo.com
use.fontawesome.com
visit.prayfashion.com
web.adblade.com
widget.us.criteo.com
www.clickcease.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.youtube.com
x.bidswitch.net
track.addevent.com
104.102.29.173
104.18.27.174
104.19.134.78
104.75.88.126
104.75.88.209
13.248.245.213
13.32.27.12
141.226.228.48
142.250.185.66
143.204.207.250
151.101.130.137
151.139.128.11
162.247.241.14
169.50.137.179
172.217.18.2
178.250.0.157
178.250.0.163
178.250.2.140
178.250.2.151
18.156.0.31
18.195.192.101
18.205.229.183
185.33.220.100
185.33.221.14
185.64.190.80
185.86.139.57
2001:4de0:ac19::1:b:2b
2001:678:cb4:bbbb::11
212.82.100.181
23.35.228.23
23.35.229.117
23.35.236.247
23.35.237.56
23.36.163.228
2600:1f18:444a:4680:8e84:2ba7:9e48:8cf5
2600:1f18:612b:4232:6e00:7b23:6545:3513
2600:9000:206f:3c00:6:9280:1080:93a1
2600:9000:223e:0:6:44e3:f8c0:93a1
2606:4700:20::ac43:4839
2606:4700:4400::6812:24d6
2606:4700:4400::ac40:946f
2606:4700:440e::6812:2fe6
2606:4700::6810:ec2
2606:4700::6810:fc2
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1288:80:807::2
2a00:1450:4001:800::2002
2a00:1450:4001:801::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::2004
2a00:1450:4001:827::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82b::200e
2a00:1450:400c:c07::9c
2a02:2638::1c
2a02:2638::3
2a02:26f0:3500:887::1931
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a06:98c1:3120::3
3.120.204.202
3.120.22.117
3.214.237.192
34.206.247.163
35.190.43.134
35.238.129.105
35.244.174.68
44.196.167.20
52.203.231.62
52.209.107.65
52.210.108.30
52.45.50.106
52.49.242.166
54.220.99.25
54.77.142.93
67.205.176.157
69.173.144.165
70.42.32.95
74.119.119.150
85.17.54.17
91.195.240.87
004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158
00a0af3c12c8cf9208ab5735ce66621e2608c90d3fbada93495764cc57ca13cb
00d334a19d88f3d2e38b960842f66f72cac7859e75c77374445bd592cc75dfcf
025e4337e3c0b187ad9311ba6245f342852379ba27ea3e0ed63b6ad2d13ceb17
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
079f102ce0b917d17ffa6681bb830b0c03a2185bffdafd1c6dbdfe290f77beaa
07d5e5f440ca5ac95ca64e9e9bfd61f0feece6a0e7c3c0f5a42d673da490c7d1
09ffdb3e6d22186867640de565afd309cde6d1727665826093f161ea4ae0da8e
0a006127f3ac3af107355ede29826abfa058fd2bf97f5ab9e49e38c36884af8f
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0e7db8a58e717a428cc1ef7503bc697bef2e68751f79e09ecef3bb03599fe747
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
116e677ce1f72ac9525e2e6cd8d26a005c4dd4ba515fb8309023b2f0a2b3397a
19e30a7d52bf395dc0ab88b8d1fc9f969923c23d3099ab5749a924d6218509dc
1d2ed9d60fa856aeb6dcbe19cfaa678ef799318f40292c21c00df301a427f445
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1fb3605148bef5e3a620bb845ed7883d8431f4fb95e15203b9451d243ebb28ac
2095855bb7d7234482f92598b097576fe0cd42a6145e38d3d1ece32a76433add
216164d79ec2c38d34fd4e09557abc30fb551386332a294cbdf48b8a0225f44c
21c7a27fce9ba250a5907d9af97c2617de9e63ff5495f126322c99743fd4a696
22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad
29fcbc25a1308651702f73d6d3b4d8c2c303ae8305e9bcae3ddf2ecad32e144d
2a831d3198216e96fc92c2e6b702c90fdb0e325e599e1f139176004654183a64
2a8aed2402fa5b8c06158b9712611bcb35bfa05512e69dca5647fd43a712c2ce
2d879cce1d3b8d492e394e9be9e78042509f0d46aac16250c43cace3782a5a55
2e08628dfbdeb5fe6ccc883c071f5fc3da5b9f94f2747d9352d2ae91261bb9cb
2e2885606820de818f23a4d95e72051f4b025951e38578740dac202462cf7dfd
30d7e291d204fa3b7c9aca71bbfa5799b9413c8189b6967b952ec18419622be7
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40c5a0b55c7388ca4e499a0d3b42fc8c1895c9a3bbd4968f4c9d0d6ec2774b99
42a4d0131b2ef66f4ed10e40b454c71c277e62f5f1c920dc7b413ad80ec7bb7b
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46f9d86045547e75575813d1014a355655ea9428ceea6df6ece84a9d6ff30c26
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49ceed1873b2c802ce86b551569c99ad4000f63a197a991d1521514ecbd84ca2
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50ef2ba0ac1df3b199f3363b5870074528cda342a6ecead079a0e973705e554d
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
536fac39003de603f6c241901f38840138347a972922dba26a673b022d39e7e0
540548b12b5a362a5fa54de526a5870cc89ef6f431387c20cd25e82b4f6cd9d0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559f7cd9a09fd3e5fecd298149ea6c2cf70a1082e391af9ffe6e70b133ce16c7
58a1eb62728fc1e7bd7ad259d095189c0c4707b2d9077eacb11c36bf5886e6b4
5e3a28df51924c57892c425cf0e17f6509339c8c90c86f9aa71279d3295e66b4
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
63ff3865a7ab8198634191b854c998bf9a867246ffb4329900f751ec95089fd3
65fe5c0c5a06bbf5841f03219a3cb5c120928a84ba31242b21357a0d466426a3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
726b3e743b71c366a086508fcf423bb5635d55e4939caf8e7948eb570929f3c7
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d
7b4337c676312e00f11b5e884489a3d9e4ded93e334ce3ddb551fbf94b22f6e6
7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d
8276765a27484dcb04805218f99cfdbaa5256ae24350382f1b187798ff16f75f
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8757603bc119b7e908c740d0bfd6aa494f5a51f417f02da96da525d863b05727
894694eee28fc463a83875d519e70afaf5f40ac7c042d6114c4ee86d156b4067
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b
91f997c8979a98be7a99ed8baee60f1878f6d99517ceccd9f68e77281e4e120f
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
982efa0c3317d59612a9e97a4eef00d6453c1cf4aa93d8b7c51c07947a7880d5
9ddc14d2bf861fce028506087fa64c31045712254bb719941fd4c84921b9f7ec
9df94f424b937ac31ae0168e18842f8f2488e98629996a3eaf95614f2940cb5d
9f2b5bd69d2708aecce6a7c75a2b76433e6caa72f72ce25bc3a785a53b1d15b6
9fe8a8e2261e527d5b294b5cd8781b93cecf8223e22ba45630345578599cf308
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a36500e83ddd457e5e41c712041085e300b4f4bb1776488a6393433895ae05ac
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a75430816a2fece641d3a899cde981419e436bd532f7fddfa06da700cda20171
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b5027926c44361f7719bdbbd6a0fb781e13842229b6ca68e38732b6fa40c6aa5
b86f968c4fa9d19bf131438f816036b7accf12cd726ab2ed05d04a96869b6010
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bd3e45dfb07a6cd3921b569d6d4dbcdb9b2141f7edc082873f1264d085aaace8
c2132a4328a5491a19eaa05be8842450315c338ed54cbcf4009c77e10fd56307
c2698cf6eb70b05240ee1df469915d4c4c33bc653bd4b4427b7c776c9c8c69bb
c812fe49a8e2d3566560c4a1526e150f21ddc5179c05bca844d719eb4fe5d9ba
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d
cc5861e1b68d39ff2658b154db037e0ab20aeb049bfb251221afee115ea54c31
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cec2a729182e5d96055c73654d17990a0543ffa9134159a1b0b1c0d4dec02099
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d093eeff8b86d94c0f65ea0b61fe2d1e84a43c99e3a3d0d1c8a683933c768e40
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dab3de50e1ddfa138a0572ae7f02067f29b23ddead6fcd446114e23cbe558249
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfc6678e3b812f3097334f84e4f7ed816c8339cd0f1a5e5b90281e8c3374d463
e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cf1a92fb54f3d317bcbf1e119fbb30001894516565b01b6730fe9f10ede235
e8098c6938d10947bf06e59e59b684daf1ef70c1e520bd7e6d4d85e28ee94f00
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f60126adef3f76bf6db4a26fd70b1c2d7c758d3307866883ac7bcf0a456b9aa5
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422
f784e4a8bb0cee3ec5be0a59c80631ce8375c1070a7b7b3d9924df6dcbe006f3
fb35a034a4ff7503c18a34b0d51b486451f688bcf99e24760c27fa7ce0dff02d
fbafd37b04603f38be311dca28a3e5ff54b8117a0bf6b56ba37674367c863dd7
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fe3b329d66373545c65aafb1164336442f7b2a5c3204c6ddbf5a22e1f34a7f3d

cf.spybriefing.com Open in urlscan Pro 2606:4700::6810:fc2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

181 Requests

90 %HTTPS

37 %IPv6

67 Domains

90 Subdomains

79 IPs

9 Countries

6762 kBTransfer

13030 kBSize

97 Cookies

3 Outgoing links

Page URL History

Redirected requests

181 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cf.spybriefing.com Open in urlscan Pro
2606:4700::6810:fc2 Public Scan

Screenshot
Live screenshot

Full Image

181
Requests

90 %
HTTPS

37 %
IPv6

67
Domains

90
Subdomains

79
IPs

9
Countries

6762 kB
Transfer

13030 kB
Size

97
Cookies

181 HTTP transactions
0 data transactions