www.ictiva.com Open in urlscan Pro
46.183.117.49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://agsenglo.com/cdc/XaWRfaz0zODAmaWRfYz0yMjcmaWRfZT1lbGVuYS5jYXN0ZWxsb0BzdWV6LmNvbSZpZF9hPTEmaWRfbD0zNzQ1LTBlZGV...
Effective URL:
https://www.ictiva.com/usuarios/login/
Submission: On May 17 via manual (May 17th 2021, 10:04:19 am UTC) from SN

Summary HTTP 62 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 23 domains to perform 62 HTTP transactions. The main IP is 46.183.117.49, located in Barcelona, Spain and belongs to CLOUDING, ES. The main domain is www.ictiva.com.
TLS certificate: Issued by R3 on May 7th 2021. Valid for: 3 months.

This is the only time www.ictiva.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	94.127.191.191 94.127.191.191	50926 (AXARNET-AS) (AXARNET-AS)
14	46.183.117.49 46.183.117.49	49635 (CLOUDING) (CLOUDING)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:3e00:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::ac43:4b3f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.111.230.79 104.111.230.79	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	99.86.2.29 99.86.2.29	16509 (AMAZON-02) (AMAZON-02)
1	13.224.95.70 13.224.95.70	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f03... 2a03:2880:f030:13:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::6815:57ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	144.76.91.199 144.76.91.199	24940 (HETZNER-AS) (HETZNER-AS)
1	212.83.50.108 212.83.50.108	47447 (TTM) (TTM)
2	104.109.83.200 104.109.83.200	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f13... 2a03:2880:f130:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	13.32.25.19 13.32.25.19	16509 (AMAZON-02) (AMAZON-02)
1	13.224.95.8 13.224.95.8	16509 (AMAZON-02) (AMAZON-02)
4	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
2 3	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
1	37.157.6.234 37.157.6.234	198622 (ADFORM) (ADFORM)
2 4	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
62	27

3 94.127.191.191 (Spain) 3 redirects

ASN50926 (AXARNET-AS, ES)
PTR: mailsrv30.abseli.net

agsenglo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
marketing.senderglobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 46.183.117.49 (Barcelona, Spain)

ASN49635 (CLOUDING, ES)
PTR: f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host

www.ictiva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:3e00:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4b3f (United States)

ASN13335 (CLOUDFLARENET, US)

www.artfut.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.230.79 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-79.deploy.static.akamaitechnologies.com

appleid.cdn-apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.2.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-29.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.95.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-70.zrh50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f030:13:face:b00c:0:3 (France)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:57ae (United States)

ASN13335 (CLOUDFLARENET, US)

www.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.91.199 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.83.50.108 (Germany)

ASN47447 (TTM, DE)

r.adserver01.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.83.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-83-200.deploy.static.akamaitechnologies.com

config1.veinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f130:83:face:b00c:0:25de (France)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.25.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-25-19.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.95.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-8.zrh50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

8622247.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.24 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	ictiva.com www.ictiva.com	43 KB
6	doubleclick.net 3 redirects 8622247.fls.doubleclick.net 5994599.fls.doubleclick.net	3 KB
6	cookielaw.org cdn.cookielaw.org	110 KB
4	adform.net 2 redirects track.adform.net s2.adform.net	30 KB
4	mathtag.com pixel.mathtag.com	3 KB
4	facebook.net connect.facebook.net	161 KB
3	google.de adservice.google.de	789 B
3	google.com adservice.google.com	2 KB
3	gstatic.com fonts.gstatic.com	53 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	61 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	artfut.com www.artfut.com	17 KB
2	facebook.com www.facebook.com	496 B
2	veinteractive.com config1.veinteractive.com	3 KB
2	redintelligence.net 1 redirects hal9000.redintelligence.net	2 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	34 KB
2	senderglobal.com 2 redirects marketing.senderglobal.com	683 B
1	adserver01.de r.adserver01.de	1 KB
1	ad4mat.net www.ad4mat.net	778 B
1	googletagmanager.com www.googletagmanager.com	40 KB
1	cdn-apple.com appleid.cdn-apple.com	17 KB
1	dwin1.com www.dwin1.com	8 KB
1	agsenglo.com 1 redirects agsenglo.com	356 B
62	23

	Domain	Requested by
14	www.ictiva.com	www.ictiva.com
6	cdn.cookielaw.org	www.ictiva.com cdn.cookielaw.org
4	5994599.fls.doubleclick.net	2 redirects hal9000.redintelligence.net
4	pixel.mathtag.com	hal9000.redintelligence.net
4	connect.facebook.net	www.ictiva.com connect.facebook.net
3	adservice.google.de	adservice.google.com
3	adservice.google.com	5994599.fls.doubleclick.net 8622247.fls.doubleclick.net
3	track.adform.net	2 redirects hal9000.redintelligence.net
3	fonts.gstatic.com	fonts.googleapis.com
3	sb.scorecardresearch.com	1 redirects www.ictiva.com
3	www.artfut.com	www.ictiva.com www.artfut.com
2	8622247.fls.doubleclick.net	1 redirects hal9000.redintelligence.net
2	www.facebook.com	www.ictiva.com
2	config1.veinteractive.com	www.dwin1.com config1.veinteractive.com
2	hal9000.redintelligence.net	1 redirects www.dwin1.com
2	marketing.senderglobal.com	2 redirects
1	s2.adform.net	hal9000.redintelligence.net
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	r.adserver01.de	www.dwin1.com
1	www.ad4mat.net	www.dwin1.com
1	www.googletagmanager.com	www.ictiva.com
1	static.hotjar.com	www.ictiva.com
1	appleid.cdn-apple.com	www.ictiva.com
1	www.dwin1.com	www.ictiva.com
1	fonts.googleapis.com	www.ictiva.com
1	ajax.googleapis.com	www.ictiva.com
1	agsenglo.com	1 redirects
62	28

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
instagram.com
onetrust.com

Subject Issuer	Validity	Valid
www.ictiva.com R3	`2021-05-07` - `2021-08-05`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.dwin1.com Amazon	`2020-12-04` - `2022-01-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-09-02` - `2021-09-02`	a year	crt.sh
appleid.cdn-apple.com Apple Public EV Server RSA CA 2 - G1	`2021-01-19` - `2022-02-18`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
redintelligence.net R3	`2021-04-21` - `2021-07-20`	3 months	crt.sh
*.adserver01.de Sectigo RSA Domain Validation Secure Server CA	`2020-12-21` - `2022-01-12`	a year	crt.sh
*.veinteractive.com DigiCert SHA2 Secure Server CA	`2020-04-14` - `2021-07-14`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh

This page contains 12 frames:

Primary Page: https://www.ictiva.com/usuarios/login/
Frame ID: C4A0FA20A420B1A235DE58853A1FD36A
Requests: 46 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/retarget?a=25611&version=1&redirected=1
Frame ID: E68A47BB970665980DD5CD87EDBFDF5F
Requests: 7 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Frame ID: 96E26769FC587A06C9167BB9A0AF02CE
Requests: 1 HTTP requests in this frame

Frame: https://8622247.fls.doubleclick.net/activityi;dc_pre=CK_xubK70PACFYSCewodV-ED8A;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2608019844585.2363
Frame ID: 98406CBA944971789DBB7B04183A4837
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CP2XubK70PACFeDUEQgdfwoJvw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6312123900118.66
Frame ID: 146FD650A8563A931D43AA447D789244
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIyUubK70PACFcSUewodtSMMYQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7873251637695.122
Frame ID: E8D660D71D7ABCE154454CB0C5EFF73A
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CP2XubK70PACFeDUEQgdfwoJvw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6312123900118.66;~oref=https://hal9000.redintelligence.net/
Frame ID: B0CC7A0A5D8119B9067A3D78D4DE7BD3
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIyUubK70PACFcSUewodtSMMYQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7873251637695.122;~oref=https://hal9000.redintelligence.net/
Frame ID: 354AFBA36CEAF5A91BB818B4CB98054C
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CK_xubK70PACFYSCewodV-ED8A;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2608019844585.2363;~oref=https://hal9000.redintelligence.net/
Frame ID: 01FBA6C1B8D1FA06C3503FA66805B603
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CP2XubK70PACFeDUEQgdfwoJvw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6312123900118.66;~oref=https://hal9000.redintelligence.net/
Frame ID: 021727F7CDF298EF8E4D697B467B99A5
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CIyUubK70PACFcSUewodtSMMYQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7873251637695.122;~oref=https://hal9000.redintelligence.net/
Frame ID: EA12170D0D60FEEAFE63D7DA32C48ABC
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CK_xubK70PACFYSCewodV-ED8A;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2608019844585.2363;~oref=https://hal9000.redintelligence.net/
Frame ID: CC5A37726AB84D43C236387E9F62569A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://agsenglo.com/cdc/XaWRfaz0zODAmaWRfYz0yMjcmaWRfZT1lbGVuYS5jYXN0ZWxsb0BzdWV6LmNvbSZpZF9hPTE... HTTP 301
http://marketing.senderglobal.com/cdc/XaWRfaz0zODAmaWRfYz0yMjcmaWRfZT1lbGVuYS5jYXN0ZWxsb0BzdWV6LmNvbSZpZF9hPTE... HTTP 302
http://marketing.senderglobal.com/sgtrack.php?id_k=380&id_c=227&id_e=elena.castello@suez.com&id_a=1&id_l=3745 HTTP 302
https://www.ictiva.com/usuarios/login/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

62
Requests

100 %
HTTPS

44 %
IPv6

23
Domains

28
Subdomains

27
IPs

5
Countries

594 kB
Transfer

1996 kB
Size

8
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/ictivatugimnasioencasa/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/ictiva
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ictiva
Title: YouTube

Search URL Search Domain Scan URL

URL: https://instagram.com/ictiva/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://agsenglo.com/cdc/XaWRfaz0zODAmaWRfYz0yMjcmaWRfZT1lbGVuYS5jYXN0ZWxsb0BzdWV6LmNvbSZpZF9hPTEmaWRfbD0zNzQ1LTBlZGVlYw,, HTTP 301
http://marketing.senderglobal.com/cdc/XaWRfaz0zODAmaWRfYz0yMjcmaWRfZT1lbGVuYS5jYXN0ZWxsb0BzdWV6LmNvbSZpZF9hPTEmaWRfbD0zNzQ1LTBlZGVlYw,, HTTP 302
http://marketing.senderglobal.com/sgtrack.php?id_k=380&id_c=227&id_e=elena.castello@suez.com&id_a=1&id_l=3745 HTTP 302
https://www.ictiva.com/usuarios/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://sb.scorecardresearch.com/b?c1=2&c2=8731705&ns__t=1621245838269&ns_c=UTF-8&cv=3.5&c8=Inicia%20sesi%C3%B3n%20-%20ictiva&c7=https%3A%2F%2Fwww.ictiva.com%2Fusuarios%2Flogin%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=8731705&ns__t=1621245838269&ns_c=UTF-8&cv=3.5&c8=Inicia%20sesi%C3%B3n%20-%20ictiva&c7=https%3A%2F%2Fwww.ictiva.com%2Fusuarios%2Flogin%2F&c9=

Request Chain 31

https://hal9000.redintelligence.net/retarget?a=25611&version=1 HTTP 302
https://hal9000.redintelligence.net/retarget?a=25611&version=1&redirected=1

Request Chain 48

https://8622247.fls.doubleclick.net/activityi;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2608019844585.2363 HTTP 302
https://8622247.fls.doubleclick.net/activityi;dc_pre=CK_xubK70PACFYSCewodV-ED8A;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2608019844585.2363

Request Chain 49

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 50

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6312123900118.66 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CP2XubK70PACFeDUEQgdfwoJvw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6312123900118.66

Request Chain 51

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7873251637695.122 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIyUubK70PACFcSUewodtSMMYQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7873251637695.122

Request Chain 57

https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=608032220855&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.ictiva.com%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D25611%26version%3D1%26redirected%3D1 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=608032220855&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.ictiva.com%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D25611%26version%3D1%26redirected%3D1

62 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ictiva.com/usuarios/login/
Redirect Chain

http://agsenglo.com/cdc/XaWRfaz0zODAmaWRfYz0yMjcmaWRfZT1lbGVuYS5jYXN0ZWxsb0BzdWV6LmNvbSZpZF9hPTEmaWRfbD0zNzQ1LTBlZGVlYw,,
http://marketing.senderglobal.com/cdc/XaWRfaz0zODAmaWRfYz0yMjcmaWRfZT1lbGVuYS5jYXN0ZWxsb0BzdWV6LmNvbSZpZF9hPTEmaWRfbD0zNzQ1LTBlZGVlYw,,
http://marketing.senderglobal.com/sgtrack.php?id_k=380&id_c=227&id_e=elena.castello@suez.com&id_a=1&id_l=3745
https://www.ictiva.com/usuarios/login/

18 KB
6 KB

121ms
52ms

Document
text/html

46.183.117.49
CLOUDING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ictiva.com/usuarios/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES),
Reverse DNS: f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host
Software: nginx /
Resource Hash: 3fa61e28ea2792ea7773314b49ff644149162432d5d548769f95b8014ad751ca

Request headers

:method: GET
:authority: www.ictiva.com
:scheme: https
:path: /usuarios/login/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Mon, 17 May 2021 10:03:58 GMT
content-type: text/html; charset=UTF-8
content-length: 5919
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: PHPSESSID=8d367ff7341eb53aef29deb0f1f030ad; expires=Mon, 17-May-2021 12:50:38 GMT; Max-Age=10000; path=/
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

Date: Mon, 17 May 2021 10:03:57 GMT
Server: Apache
X-Powered-By: PHP/5.6.40 PleskLin
Location: https://www.ictiva.com/usuarios/login/
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 screen.css
www.ictiva.com/css/ 157 KB
20 KB 61ms
61ms Stylesheet
text/css 46.183.117.49
CLOUDING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ictiva.com/css/screen.css
Requested by: Host: www.ictiva.com
URL: https://www.ictiva.com/usuarios/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES),
Reverse DNS: f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host
Software: nginx /
Resource Hash: f7152bb587e00561d78dd73a68a79d62f71cfbf986001f6d7dba0e752ac2071f

Request headers

:path: /css/screen.css
pragma: no-cache
cookie: PHPSESSID=8d367ff7341eb53aef29deb0f1f030ad
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.ictiva.com
referer: https://www.ictiva.com/usuarios/login/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ictiva.com/usuarios/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 10:03:58 GMT
content-encoding: gzip
last-modified: Wed, 16 Dec 2020 09:41:55 GMT
server: nginx
etag: "274b3-5b691af88bfd0-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 20576

GET
H2 200 auxiliar.css
www.ictiva.com/css/ 18 B
149 B 40ms
39ms Stylesheet
text/css 46.183.117.49
CLOUDING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ictiva.com/css/auxiliar.css
Requested by: Host: www.ictiva.com
URL: https://www.ictiva.com/usuarios/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES),
Reverse DNS: f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host
Software: nginx /
Resource Hash: 1adeb028e615a654ebf218f188ad6bc841ad3851da01b28dc4af82ea77179108

Request headers

:path: /css/auxiliar.css
pragma: no-cache
cookie: PHPSESSID=8d367ff7341eb53aef29deb0f1f030ad
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.ictiva.com
referer: https://www.ictiva.com/usuarios/login/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ictiva.com/usuarios/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 10:03:58 GMT
last-modified: Wed, 14 Oct 2020 06:15:11 GMT
server: nginx
accept-ranges: bytes
etag: "12-5b19b74391e70"
content-length: 18
content-type: text/css

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
33 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: www.ictiva.com
URL: https://www.ictiva.com/usuarios/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 14:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 587464
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33593
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 May 2022 14:52:54 GMT

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
909 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@500;700&family=Open+Sans:wght@400;600;800&display=swap

Requested by

Host: www.ictiva.com
URL: https://www.ictiva.com/usuarios/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c1ddb3c890d7501f7aef0764dfe059820391a42c20911cfde0c7d839282702c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 May 2021 10:03:58 GMT
server: ESF
date: Mon, 17 May 2021 10:03:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 May 2021 10:03:58 GMT

GET
H2 200 11118.js Show response
www.dwin1.com/ 31 KB
8 KB 27ms
7ms Script
application/javascript 2600:9000:206f:3e00:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/11118.js
Requested by: Host: www.ictiva.com
URL: https://www.ictiva.com/usuarios/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a5ee03a6e23c1b86982bc2cd9b0cd716853a4d511eb07e3723ce42fa502fbe7

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4AFZQGuUCyhdfyQk7NRuELz7whvLUOYw
content-encoding: gzip
etag: W/"4750054f14ea335034f3da0b25ae899d"
age: 182
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Tue, 04 May 2021 09:43:57 GMT
server: AmazonS3
date: Mon, 17 May 2021 10:01:18 GMT
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
cache-control: max-age=600, s-maxage=600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: ayPVD7uq2ZhRt49az-dtm3iZwbd2RWBlY_sfaMJprRkodqsIt-zJ_w==

GET
H2 200 tagtag.min.js Show response
www.artfut.com/static/ 3 KB
2 KB 77ms
55ms Script
application/javascript 2606:4700:20::ac43:4b3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.artfut.com/static/tagtag.min.js?campaign_code=7129a02e64

Requested by

Host: www.ictiva.com
URL: https://www.ictiva.com/usuarios/login/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::ac43:4b3f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edfc75726cf71265dd903eeb0f37bd74534194e42a0e6db6894beb6987023454

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 10:03:58 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 160
cf-request-id: 0a1b615b8000004e148d812000000001
pragma: public
last-modified: Mon, 21 Sep 2020 11:48:27 GMT
server: cloudflare
etag: W/"5f68930b-cb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Z7FW6O2cADIW80AlnJb5xT%2Fe9Rsx3bHIxvNNj16AsgCSEeluEgkpuBT8gjfR8l29DVKA5C6%2BFylNmdn%2Fg4s35lg6hskaq4kbT0SKxbLHVgFsgCpyoRYpisbHjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1200, public
cf-ray: 650c04d8ad184e14-FRA
expires: Mon, 17 May 2021 10:21:18 GMT

GET
H2 200 logo_ictiva.svg
www.ictiva.com/img/ 7 KB
2 KB 46ms
44ms Image
image/svg+xml 46.183.117.49
CLOUDING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ictiva.com/img/logo_ictiva.svg
Requested by: Host: www.ictiva.com
URL: https://www.ictiva.com/usuarios/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES),
Reverse DNS: f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host
Software: nginx /
Resource Hash: e34002a4a90dc95d243621498abd551ad357bd93efbacfb2954038de119bbc36

Request headers

:path: /img/logo_ictiva.svg
pragma: no-cache
cookie: PHPSESSID=8d367ff7341eb53aef29deb0f1f030ad
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ictiva.com
referer: https://www.ictiva.com/usuarios/login/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ictiva.com/usuarios/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 10:03:58 GMT
content-encoding: br
last-modified: Thu, 01 Oct 2020 05:12:24 GMT
server: nginx
etag: W/"1d9b-5b0950fc041dc"
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 logo_ictiva_white.svg
www.ictiva.com/img/ 7 KB
2 KB 49ms
47ms Image
image/svg+xml 46.183.117.49
CLOUDING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ictiva.com/img/logo_ictiva_white.svg
Requested by: Host: www.ictiva.com
URL: https://www.ictiva.com/usuarios/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES),
Reverse DNS: f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host
Software: nginx /
Resource Hash: 9d4908fd57cf83084ce3e3ff24ad40d3e8560ba1ec138dbb2ef822ad5732bc85

Request headers

:path: /img/logo_ictiva_white.svg
pragma: no-cache
cookie: PHPSESSID=8d367ff7341eb53aef29deb0f1f030ad
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ictiva.com
referer: https://www.ictiva.com/usuarios/login/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ictiva.com/usuarios/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 10:03:58 GMT
content-encoding: br
last-modified: Thu, 01 Oct 2020 05:12:24 GMT
server: nginx
etag: W/"1cda-5b0950fc041dc"
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 perception-technologies.svg
www.ictiva.com/img/ 9 KB
3 KB 47ms
46ms Image
image/svg+xml 46.183.117.49
CLOUDING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ictiva.com/img/perception-technologies.svg
Requested by: Host: www.ictiva.com
URL: https://www.ictiva.com/usuarios/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES),
Reverse DNS: f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host
Software: nginx /
Resource Hash: a92bb4258e62097ba682743427e60b4d323cd4b613c01181d58ffb59a546f443

Request headers

:path: /img/perception-technologies.svg
pragma: no-cache
cookie: PHPSESSID=8d367ff7341eb53aef29deb0f1f030ad
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ictiva.com
referer: https://www.ictiva.com/usuarios/login/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ictiva.com/usuarios/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 10:03:58 GMT
content-encoding: br
last-modified: Mon, 02 Jan 2017 11:06:09 GMT
server: nginx
etag: W/"22fc-5451a89ed002e"
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 modernizr.js Show response
www.ictiva.com/js/ 7 KB
3 KB 40ms
40ms Script
application/javascript 46.183.117.49
CLOUDING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ictiva.com/js/modernizr.js
Requested by: Host: www.ictiva.com
URL: https://www.ictiva.com/usuarios/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES),
Reverse DNS: f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host
Software: nginx /
Resource Hash: 885e0937e29c76f4559af0cb767d10c8d705838fcc2a47badb37ebcc9d75decb

Request headers

:path: /js/modernizr.js
pragma: no-cache
cookie: PHPSESSID=8d367ff7341eb53aef29deb0f1f030ad
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ictiva.com
referer: https://www.ictiva.com/usuarios/login/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ictiva.com/usuarios/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 10:03:58 GMT
content-encoding: gzip
last-modified: Mon, 02 Jan 2017 11:06:09 GMT
server: nginx
etag: "1db4-5451a89ed4e4e-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3069

GET
H2 200 fluidvids.js Show response
www.ictiva.com/js/ 1 KB
771 B 40ms
39ms Script
application/javascript 46.183.117.49
CLOUDING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ictiva.com/js/fluidvids.js
Requested by: Host: www.ictiva.com
URL: https://www.ictiva.com/usuarios/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES),
Reverse DNS: f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host
Software: nginx /
Resource Hash: 3767ff8dcebc558a1109e37dca37e47c4b26cbb3cb5c1d3040e150a0832782d9

Request headers

:path: /js/fluidvids.js
pragma: no-cache
cookie: PHPSESSID=8d367ff7341eb53aef29deb0f1f030ad
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ictiva.com
referer: https://www.ictiva.com/usuarios/login/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ictiva.com/usuarios/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 10:03:58 GMT
content-encoding: gzip
last-modified: Mon, 02 Jan 2017 11:06:09 GMT
server: nginx
etag: "459-5451a89ed4e4e-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 589

GET
H2 200 js.cookie.js Show response
www.ictiva.com/js/ 3 KB
2 KB 43ms
40ms Script
application/javascript 46.183.117.49
CLOUDING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ictiva.com/js/js.cookie.js
Requested by: Host: www.ictiva.com
URL: https://www.ictiva.com/usuarios/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES),
Reverse DNS: f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host
Software: nginx /
Resource Hash: 9df6e8c4bc8ea670d2f4da40a35a41772cc8857aca288a77acfa891cf1a54c36

Request headers

:path: /js/js.cookie.js
pragma: no-cache
cookie: PHPSESSID=8d367ff7341eb53aef29deb0f1f030ad
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ictiva.com
referer: https://www.ictiva.com/usuarios/login/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ictiva.com/usuarios/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 10:03:58 GMT
content-encoding: gzip
last-modified: Mon, 02 Jan 2017 11:06:09 GMT
server: nginx
etag: "d60-5451a89ed4e4e-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1387

GET
H2 200 jquery.placeholder.min.js Show response
www.ictiva.com/js/ 3 KB
1 KB 50ms
48ms Script
application/javascript 46.183.117.49
CLOUDING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ictiva.com/js/jquery.placeholder.min.js
Requested by: Host: www.ictiva.com
URL: https://www.ictiva.com/usuarios/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES),
Reverse DNS: f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host
Software: nginx /
Resource Hash: 380fd24db43b138332d8b904d3009051e30fadec1616e3ef2853e0a9dc010ee3

Request headers

:path: /js/jquery.placeholder.min.js
pragma: no-cache
cookie: PHPSESSID=8d367ff7341eb53aef29deb0f1f030ad
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ictiva.com
referer: https://www.ictiva.com/usuarios/login/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ictiva.com/usuarios/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 10:03:58 GMT
content-encoding: gzip
last-modified: Mon, 02 Jan 2017 11:06:09 GMT
server: nginx
etag: "a9f-5451a89ed4e4e-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1157

GET
H/1.1 200
OK appleid.auth.js Show response
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 42 KB
17 KB 133ms
35ms Script
application/javascript 104.111.230.79
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js

Requested by

Host: www.ictiva.com
URL: https://www.ictiva.com/usuarios/login/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.230.79 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-230-79.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

dc63b766a90c33d4c847743e12e55f2050403bfa26151e261104186aa5a035f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Thu, 13 May 2021 21:52:49 GMT
Server: Apple
ETag: W/"42671-1620942769639"
Vary: accept-encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400,stale-while-revalidate=86400
Date: Mon, 17 May 2021 10:03:58 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17246

GET
H2 200 print.css
www.ictiva.com/css/ 3 KB
753 B 47ms
46ms Stylesheet
text/css 46.183.117.49
CLOUDING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ictiva.com/css/print.css
Requested by: Host: www.ictiva.com
URL: https://www.ictiva.com/usuarios/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES),
Reverse DNS: f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host
Software: nginx /
Resource Hash: 1896e0509fcd440361382e116e018c02a116a5a88e5330352236a47e063d3b63

Request headers

:path: /css/print.css
pragma: no-cache
cookie: PHPSESSID=8d367ff7341eb53aef29deb0f1f030ad
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.ictiva.com
referer: https://www.ictiva.com/usuarios/login/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ictiva.com/usuarios/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 10:03:58 GMT
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 05:12:24 GMT
server: nginx
etag: "af4-5b0950fbff3bc-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 581

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 79ms
24ms Script
application/javascript 99.86.2.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.ictiva.com
URL: https://www.ictiva.com/usuarios/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-29.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:36:45 GMT
via: 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1633
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: plj3KrjXlVnmPS28bXCRX83_GyOGrbPfgKCZnNUhVCf3x8mHMnNnCA==

GET
H2 200 hotjar-126493.js Show response
static.hotjar.com/c/ 6 KB
2 KB 154ms
74ms Script
application/javascript 13.224.95.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-126493.js?sv=5

Requested by

Host: www.ictiva.com
URL: https://www.ictiva.com/usuarios/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.95.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-95-70.zrh50.r.cloudfront.net

Software

Resource Hash

8a0fc361e5a8551ef9e7bb27a2541e2fa4d77b256c7f1ddf06842149f4aa5cbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 10:03:58 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: ZRH50-C1
etag: W/473a8bf20baf91dd64cd56c77346ec4e
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1808
via: 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
x-amz-cf-id: Ewf0m9SR5-mzwODwEMprSLz6nZ9Gps3sk0YpVaOf94OuRELUrvi1nQ==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 50ms
16ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ictiva.com
URL: https://www.ictiva.com/usuarios/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: fkHbRQQa80LgnkzZcM3Davl4YMh1diXcvgE+dfqdjm2s0USF7xdtGXcBZODGz/GMeyn+N1a4Y/5lNjpDnKACmQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 17 May 2021 10:03:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 128 KB
40 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PRF3HL

Requested by

Host: www.ictiva.com
URL: https://www.ictiva.com/usuarios/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1cb7a56010078ae0cd255d20bdf33ca01f156dc7b6491ca4997b50ecf97f1c4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 10:03:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41089
x-xss-protection: 0
last-modified: Mon, 17 May 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 May 2021 10:03:58 GMT

GET
H2 200 icon-cross.svg
www.ictiva.com/img/ 1 KB
756 B 47ms
46ms Image
image/svg+xml 46.183.117.49
CLOUDING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ictiva.com/img/icon-cross.svg
Requested by: Host: www.ictiva.com
URL: https://www.ictiva.com/css/screen.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES),
Reverse DNS: f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host
Software: nginx /
Resource Hash: a055f096d096c43bf118a01fd406311b32a9fe88b26ecb9a72815eb04fc7e690

Request headers

:path: /img/icon-cross.svg
pragma: no-cache
cookie: PHPSESSID=8d367ff7341eb53aef29deb0f1f030ad
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ictiva.com
referer: https://www.ictiva.com/css/screen.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ictiva.com/css/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 10:03:58 GMT
content-encoding: br
last-modified: Thu, 01 Oct 2020 05:12:24 GMT
server: nginx
etag: W/"582-5b0950fc0323c"
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;700&family=Open+Sans:wght@400;600;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ictiva.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:03 GMT
server: sffe
age: 86420
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19272
x-xss-protection: 0
expires: Mon, 16 May 2022 10:03:38 GMT

GET
H2 200 icon-access-facebook.svg
www.ictiva.com/img/ 2 KB
909 B 40ms
39ms Image
image/svg+xml 46.183.117.49
CLOUDING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ictiva.com/img/icon-access-facebook.svg
Requested by: Host: www.ictiva.com
URL: https://www.ictiva.com/css/screen.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES),
Reverse DNS: f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host
Software: nginx /
Resource Hash: 9453ba396933b14c1ac7e64c6c1cc814c1c991e1f5bcf0a00d2c84dd0de87054

Request headers

:path: /img/icon-access-facebook.svg
pragma: no-cache
cookie: PHPSESSID=8d367ff7341eb53aef29deb0f1f030ad
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ictiva.com
referer: https://www.ictiva.com/css/screen.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ictiva.com/css/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 10:03:58 GMT
content-encoding: br
last-modified: Thu, 01 Oct 2020 05:12:24 GMT
server: nginx
etag: W/"841-5b0950fc0229c"
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 icon-circle.svg
www.ictiva.com/img/ 707 B
505 B 39ms
38ms Image
image/svg+xml 46.183.117.49
CLOUDING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ictiva.com/img/icon-circle.svg
Requested by: Host: www.ictiva.com
URL: https://www.ictiva.com/css/screen.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.183.117.49 Barcelona, Spain, ASN49635 (CLOUDING, ES),
Reverse DNS: f570eb3c-d3a1-4077-8739-2316586c245b.clouding.host
Software: nginx /
Resource Hash: 21fd5ce97157e45922b40c154bed21462ce4f9fb0762fc64005fdcd549c1bafb

Request headers

:path: /img/icon-circle.svg
pragma: no-cache
cookie: PHPSESSID=8d367ff7341eb53aef29deb0f1f030ad
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ictiva.com
referer: https://www.ictiva.com/css/screen.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ictiva.com/css/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 10:03:58 GMT
content-encoding: br
last-modified: Thu, 01 Oct 2020 05:12:24 GMT
server: nginx
etag: W/"2c3-5b0950fc0229c"
vary: Accept-Encoding
content-type: image/svg+xml

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 18ms
15ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;700&family=Open+Sans:wght@400;600;800&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ictiva.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 04:11:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 107548
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
expires: Mon, 16 May 2022 04:11:30 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 23ms
20ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN8rsOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;700&family=Open+Sans:wght@400;600;800&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75db69592337280529fdc6448185b1cb88a50dbe9b498718f45ba52907e8aba3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ictiva.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:00:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:38 GMT
server: sffe
age: 302614
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15088
x-xss-protection: 0
expires: Fri, 13 May 2022 22:00:24 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 17 KB
6 KB 12ms
12ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.ictiva.com
URL: https://www.ictiva.com/usuarios/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40f12e335914950b4f2058dbcbbee727f3f7542399ec6b2e98256480ea91aa49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 May 2021 10:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: pE7xqZRyx6XQkryUB7ni+A==
age: 2341
vary: Accept-Encoding
content-length: 5801
cf-request-id: 0a1b615bb200004e4fc83df000000001
x-ms-lease-status: unlocked
last-modified: Fri, 14 May 2021 01:47:06 GMT
server: cloudflare
etag: 0x8D9167A2E5FD52B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: fa14a1d8-401e-0177-4670-481bf2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 650c04d91f244e4f-FRA

GET
H3-29 200 1726290627612934 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 18ms
17ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1726290627612934?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8ffe9e3c51bf3a2d26fecb5573fdf1f941817428f6d9b036454f74f09c8b8917

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74109
x-fb-rlafr: 0
pragma: public
x-fb-debug: gy60KDB7LDkrKLq/AeFKdW1beLUzGlEKMNboYfff7rMmEpCOoyi5dcx3vnmMC4nhyjyfI+xeNBWUpPywgsITtw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 17 May 2021 10:03:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=8731705&ns__t=1621245838269&ns_c=UTF-8&cv=3.5&c8=Inicia%20sesi%C3%B3n%20-%20ictiva&c7=https%3A%2F%2Fwww.ictiva.com%2Fusuarios%2Flogin%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=8731705&ns__t=1621245838269&ns_c=UTF-8&cv=3.5&c8=Inicia%20sesi%C3%B3n%20-%20ictiva&c7=https%3A%2F%2Fwww.ictiva.com%2Fusuarios%2Flogin%2F&c9=

64 B
329 B

26ms
25ms

Image
image/gif

99.86.2.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=8731705&ns__t=1621245838269&ns_c=UTF-8&cv=3.5&c8=Inicia%20sesi%C3%B3n%20-%20ictiva&c7=https%3A%2F%2Fwww.ictiva.com%2Fusuarios%2Flogin%2F&c9=
Requested by: Host: www.ictiva.com
URL: https://www.ictiva.com/usuarios/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-29.fra6.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 10:03:58 GMT
via: 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: KGBA9kH6pAkMLLJ--W4YW88ZtG5ZpaWdyft65yiZ1DQglfgrjEyDjA==

Redirect headers

date: Mon, 17 May 2021 10:03:58 GMT
via: 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=8731705&ns__t=1621245838269&ns_c=UTF-8&cv=3.5&c8=Inicia%20sesi%C3%B3n%20-%20ictiva&c7=https%3A%2F%2Fwww.ictiva.com%2Fusuarios%2Flogin%2F&c9=
content-length: 206
x-amz-cf-id: 80yQVkwHnkWiQTCJ_0UvF9hjayyaIA4hcqrfJsECZsv95Zx9-boE4A==

GET
H2 200 52585c03-5407-4ad2-a7b9-16896987ff12.json Show response
cdn.cookielaw.org/consent/52585c03-5407-4ad2-a7b9-16896987ff12/ 3 KB
2 KB 47ms
46ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/52585c03-5407-4ad2-a7b9-16896987ff12/52585c03-5407-4ad2-a7b9-16896987ff12.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89726ef1d879db62d7af754c765150dbaaef992f97294032d073a0591897199d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 May 2021 10:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: xgkmZPIWxgkBF5GiaahTCg==
age: 4946
vary: Accept-Encoding
content-length: 1211
cf-request-id: 0a1b615bc200004aa90c839000000001
x-ms-lease-status: unlocked
last-modified: Thu, 13 May 2021 10:01:26 GMT
server: cloudflare
etag: 0x8D915F61280DD5C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8a4b2b4f-801e-0047-5156-48078d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 650c04d93fb64aa9-FRA

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 16ms
15ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.ictiva.com
URL: https://www.ictiva.com/usuarios/login/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ac678db61154e1cb5f6956e365061c481f81cdb167bdfb7cc3891608a55be275

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: AkJTApKs+cu2RSaaWgZuxw==
cross-origin-resource-policy: cross-origin
expires: Mon, 17 May 2021 10:21:25 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: oTXf8xh/UCue6x3glpMAAguwHKG4LjpDRgtyIdE8bquOYaXSDyOyt/XmMS2OySR/pjaWxOu2mWFFnuclpwfeEQ==
x-fb-content-md5: 4e7b765015ed309788280467a92ecc9a
date: Mon, 17 May 2021 10:03:58 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "21b38553b64d2bcb0beeb8dcde434e33"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 ck_tracker.php Show response
www.ad4mat.net/ads/js/ 408 B
778 B 61ms
36ms Script
text/html 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ad4mat.net/ads/js/ck_tracker.php?adspaceId=15668&mt=1&country=es.ad4mat.net&sprd=false
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/11118.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1250793c3aaff385ddfdfcf824e5b40852b21ff0c6ac5d55192e23295bebeac7

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 10:03:58 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 650c04d99acac2d1-FRA
x-cache: HIT
p3p: CP="NOI CUR OUR STP", policyref="/w3c/p3p.ad4mat.xml
content-type: text/html
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TZ5WPBZy89viLiHsmRmd3KtPQwzRcP47SvrLZDZbdMt1DCzFvq4WpkS7F7g0l4lnil4v0n8Zy9EvRynwAtLas6JGTsXj%2Bv2UlwaAs0pUxlm9ilI753%2Ffv3Zzow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a1b615bfb0000c2d168157000000001

GET
H/1.1

200
OK

Cookie set retarget Show response
hal9000.redintelligence.net/ Frame E68A
Redirect Chain

https://hal9000.redintelligence.net/retarget?a=25611&version=1
https://hal9000.redintelligence.net/retarget?a=25611&version=1&redirected=1

3 KB
1 KB

146ms
76ms

Document
text/html

144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/retarget?a=25611&version=1&redirected=1
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/11118.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 5a1d5180a291f8fb06b8e040d43b13715ce02b436486fc7161dafd9cc0af2785

Request headers

Host: hal9000.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ictiva.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=bf4ec1cc8ce3aefe
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ictiva.com/

Response headers

Date: Mon, 17 May 2021 10:03:58 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=bf4ec1cc8ce3aefe; expires=Sun, 15-Aug-2021 10:03:58 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 836
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Mon, 17 May 2021 10:03:58 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=bf4ec1cc8ce3aefe; expires=Sun, 15-Aug-2021 10:03:58 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Location: ?a=25611&version=1&redirected=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK data.php Show response
r.adserver01.de/znsa/ 948 B
1 KB 80ms
28ms Script
application/javascript 212.83.50.108
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://r.adserver01.de/znsa/data.php?url=&page=generic&token=ictiva_es&value=
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/11118.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.83.50.108 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: nginx /
Resource Hash: d19a703e7771165be006db017566145856e23a5f0aae0598eab9cff707ff3d56

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 10:03:58 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK tag.js Show response
config1.veinteractive.com/tags/AFDC348F/FCE0/4152/B0F4/9958F7500D4D/ 4 KB
2 KB 83ms
24ms Script
application/javascript 104.109.83.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://config1.veinteractive.com/tags/AFDC348F/FCE0/4152/B0F4/9958F7500D4D/tag.js
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/11118.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.83.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-83-200.deploy.static.akamaitechnologies.com
Software: VeGlobal /
Resource Hash: d50ce003678da9eb8d428547c5cd299a622a8aab98f82279d9893bdcf8d37d81

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Mon, 17 May 2021 10:03:58 GMT
Content-Encoding: gzip
Content-MD5: kpoDDABSmjW0jsUL791obA==
Connection: keep-alive
Content-Length: 1401
x-ms-lease-status: unlocked
Last-Modified: Tue, 19 Sep 2017 12:08:03 GMT
Server: VeGlobal
ETag: 0x8D4FF5714A98D49
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-ms-request-id: 7cdbd1fe-301e-00a7-2363-3b5276000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control: max-age=1640, s-maxage=1800
x-ms-version: 2009-09-19

GET
DATA 200
OK truncated
/ 5 KB
5 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0735a748bf70ad519969fbf64f7c8ef3072a1bdda68b420aee14dc43e5e080cd

Request headers

Origin: https://www.ictiva.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 tracking.min.js Show response
www.artfut.com/static/ 26 KB
7 KB 18ms
17ms Script
application/javascript 2606:4700:20::ac43:4b3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.artfut.com/static/tracking.min.js

Requested by

Host: www.artfut.com
URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=7129a02e64

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::ac43:4b3f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d4e3bd1621e63bb4bfbae3c3275134b26016bb76175fefe9c5998f8ade1009c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 10:03:58 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1152
cf-request-id: 0a1b615bf600004e14a019c000000001
pragma: public
last-modified: Mon, 21 Sep 2020 11:48:28 GMT
server: cloudflare
etag: W/"5f68930c-686e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lA0R88iNI1dEqhN66newu8V556KjNkaU%2FF8y%2FJDClPjrcgFNfUDOPKp%2FMg3x6vTNA5AQkHorpNwp6smzmANGUBF9u26B9r%2BL5yZY7L5SvXZoWIss6cxqcyFTfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1200, public
cf-ray: 650c04d98f8d4e14-FRA
expires: Mon, 17 May 2021 10:04:46 GMT

GET
H2 200 crossdevice.min.js Show response
www.artfut.com/static/ 25 KB
8 KB 20ms
20ms Script
application/javascript 2606:4700:20::ac43:4b3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.artfut.com/static/crossdevice.min.js

Requested by

Host: www.artfut.com
URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=7129a02e64

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::ac43:4b3f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cd07e6c64768b866c81e2e1cc61f88f631f377a3afc426d7b0c9de3875e65ae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 10:03:58 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1189
cf-request-id: 0a1b615bfb00004e14642b8000000001
pragma: public
last-modified: Mon, 21 Sep 2020 11:48:27 GMT
server: cloudflare
etag: W/"5f68930b-655c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cTQOKvg3kZVjg5aYn%2BxoaHSC6RG%2BVhzZaz33hvV0T2lf248bEWUEFiVcx9LaWQotDy7t90nb%2FdardDmvuB2I5R%2BkB0TjQTUVAnn5FQjB845n1o2dyEESmdpOmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1200, public
cf-ray: 650c04d98f8f4e14-FRA
expires: Mon, 17 May 2021 10:04:09 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.10.0/ 356 KB
78 KB 17ms
16ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 May 2021 10:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Bh9exWOPGIwRshWljrtlEw==
age: 4799234
vary: Accept-Encoding
content-length: 79698
cf-request-id: 0a1b615bff00004e4fe9aa1000000001
x-ms-lease-status: unlocked
last-modified: Thu, 03 Dec 2020 02:43:00 GMT
server: cloudflare
etag: 0x8D89735260901BC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d2c8b7b7-501e-00a0-685d-1f1780000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 650c04d998224e4f-FRA
expires: Tue, 25 May 2021 10:03:58 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 52ms
16ms Image
image/gif 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1726290627612934&ev=PageView&dl=https%3A%2F%2Fwww.ictiva.com%2Fusuarios%2Flogin%2F&rl=&if=false&ts=1621245838356&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1621245838354.1692992631&it=1621245838266&coo=false&exp=l0&rqm=GET

Requested by

Host: www.ictiva.com
URL: https://www.ictiva.com/usuarios/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 10:03:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 17 May 2021 10:03:58 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 213 KB
63 KB 18ms
17ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=d56621faee32508b67132f4589cae7df&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fc570a3950016fbb0b473907bae62cada3db9ce22dd0d0b130eb04c8f46c429e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.ictiva.com
Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: VQfOsxvUOS5tPbsFdxYeng==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 64606
x-fb-rlafr: 0
x-fb-debug: C0KJo9+2Y52wY20BRCiNQ6RZbAqrMz/FMxnXpDh68jF/AOx+y0smURWD8hreQ/aiaXPjOW1u/GTRbAeV6+0Usw==
x-fb-content-md5: 4cbb6d051e0cc81404d8642141cf5566
x-frame-options: DENY
date: Mon, 17 May 2021 10:03:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "16263aa3f99538c983ff058e93178394"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 17 May 2022 08:24:19 GMT

GET
H2 200 modules.0fd8b750824023792fba.js Show response
script.hotjar.com/ 220 KB
58 KB 80ms
30ms Script
application/javascript 13.32.25.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0fd8b750824023792fba.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-126493.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.25.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-25-19.fra56.r.cloudfront.net

Software

Resource Hash

65cef8a94d8a09cac56b85e15c92c37ea129d38a094fa8e1f3fd812a550b74be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:37:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 440813
x-cache: Hit from cloudfront
content-length: 59191
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 07:37:04 GMT
etag: "cd11ca1a90eced753504203f173db976"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 8e83c42d247a31c5b365c08a0352d8f9.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: MzyoYHaGTwD2-VKsFgQZyVx9oRfP9LI_FQXU6G6HFL4kQDYDL9WfjA==

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/52585c03-5407-4ad2-a7b9-16896987ff12/fd68d806-fa03-4eb7-b277-6f2fe5d38860/ 45 KB
10 KB 12ms
12ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/52585c03-5407-4ad2-a7b9-16896987ff12/fd68d806-fa03-4eb7-b277-6f2fe5d38860/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a062bba36d43bfbf68bd41b858d306d1847f3689c6e93339a7f09556eb1de70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 May 2021 10:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ria5g1fn3Ewv/W3TdUNLVg==
age: 159
vary: Accept-Encoding
content-length: 9911
cf-request-id: 0a1b615c2f00004aa916bb2000000001
x-ms-lease-status: unlocked
last-modified: Thu, 13 May 2021 10:01:27 GMT
server: cloudflare
etag: 0x8D915F612DE0345
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: fcb19289-301e-0178-5f07-49f604000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 650c04d9e9bf4aa9-FRA

GET
H/1.1 200
OK capture-apps-5.0.0.js Show response
config1.veinteractive.com/scripts/5.0-empty/ 0
631 B 85ms
35ms Script
application/javascript 104.109.83.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://config1.veinteractive.com/scripts/5.0-empty/capture-apps-5.0.0.js

Requested by

Host: config1.veinteractive.com
URL: https://config1.veinteractive.com/tags/AFDC348F/FCE0/4152/B0F4/9958F7500D4D/tag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.83.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-83-200.deploy.static.akamaitechnologies.com

Software

VeGlobal /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Origin: https://www.ictiva.com
Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 17 May 2021 10:03:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Sep 2017 13:24:39 GMT
Server: VeGlobal
ETag: 0x8D4F91874446411
Content-Type: application/javascript
Access-Control-Allow-Origin: *
x-ms-request-id: f2ffd5e2-701e-010e-7535-48c1cb000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1;mode=block

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/6.10.0/assets/ 9 KB
3 KB 16ms
16ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

452ee2471448cc6b716090a014cf7fc9cc515998bda9dcc334aa073a72a591e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 May 2021 10:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: SH1nUCPouc1JVrHnvxpQbg==
age: 294346
vary: Accept-Encoding
content-length: 2857
cf-request-id: 0a1b615c4400004aa90a16d000000001
x-ms-lease-status: unlocked
last-modified: Thu, 03 Dec 2020 02:42:51 GMT
server: cloudflare
etag: 0x8D89735210A49EB
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6ec8ff85-c01e-0122-2c56-48f085000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 650c04da0a0d4aa9-FRA
expires: Tue, 25 May 2021 10:03:58 GMT

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.10.0/assets/v2/ 46 KB
11 KB 17ms
16ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b27f686e9c39188ff63e191cc3efb6500a6c6d06f2d1d2ec27ceb623a2ecacc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 May 2021 10:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ydfMbMpHX/N/aS5YhkXXwQ==
age: 400856
vary: Accept-Encoding
content-length: 11336
cf-request-id: 0a1b615c4400004aa9db912000000001
x-ms-lease-status: unlocked
last-modified: Thu, 03 Dec 2020 02:42:53 GMT
server: cloudflare
etag: 0x8D89735220FDD9F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 3070b8ae-b01e-004f-745e-471cfe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 650c04da0a114aa9-FRA
expires: Tue, 25 May 2021 10:03:58 GMT

GET
H2 200 box-5e3cec51ed8e99df6977c199d27812d7.html Show response
vars.hotjar.com/ Frame 96E2 1 KB
1 KB 117ms
40ms Document
text/html 13.224.95.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-126493.js?sv=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-8.zrh50.r.cloudfront.net
Software: /
Resource Hash: 486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-5e3cec51ed8e99df6977c199d27812d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ictiva.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ictiva.com/

Response headers

content-type: text/html
content-length: 684
date: Tue, 30 Mar 2021 16:10:32 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "4e332edbbc3b46800c87f197cc7d3bb6"
last-modified: Tue, 30 Mar 2021 14:48:51 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4e0fd86f7afa735e772d6f7fe5e91f5b.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: ho4CxaybxADWVwYPtYgggy2WIQ4V_YEQBZvGsB_BYllkC1SCHBnz4g==
age: 4125206

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame E68A 597 B
1 KB 126ms
65ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1406081&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=25611&version=1&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3736 915c305 master zrh-pixel-x31 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 10:03:58 GMT
Server: MT3 3736 915c305 master zrh-pixel-x31
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Mon, 17 May 2021 10:03:50 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame E68A 597 B
1 KB 111ms
48ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1393997&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=25611&version=1&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3736 915c305 master zrh-pixel-x3 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 10:03:58 GMT
Server: MT3 3736 915c305 master zrh-pixel-x3
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Mon, 17 May 2021 10:03:50 GMT

GET
H3-29

200

activityi;dc_pre=CK_xubK70PACFYSCewodV-ED8A;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2608019844585.2363 Show response
8622247.fls.doubleclick.net/ Frame 9840
Redirect Chain

https://8622247.fls.doubleclick.net/activityi;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2608019844585.2363?
https://8622247.fls.doubleclick.net/activityi;dc_pre=CK_xubK70PACFYSCewodV-ED8A;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2608019844585.2363?

504 B
419 B

67ms
34ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8622247.fls.doubleclick.net/activityi;dc_pre=CK_xubK70PACFYSCewodV-ED8A;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2608019844585.2363?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=25611&version=1&redirected=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

78eae5cc8d219a192d47068049e7cf4c0d5fc5294f16a3e0921e65bd3600caba

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8622247.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CK_xubK70PACFYSCewodV-ED8A;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2608019844585.2363?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hal9000.redintelligence.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hal9000.redintelligence.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 17 May 2021 10:03:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 394
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 17-May-2021 10:18:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 17 May 2021 10:03:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8622247.fls.doubleclick.net/activityi;dc_pre=CK_xubK70PACFYSCewodV-ED8A;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2608019844585.2363?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame E68A
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

80 KB
28 KB

116ms
37ms

Script
application/x-javascript

37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=25611&version=1&redirected=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 5addb050e7fe474684bcb62d5bc8717ab681735dce2d2539631a08d570cf81a5

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 10:03:58 GMT
content-encoding: gzip
last-modified: Mon, 17 May 2021 07:34:29 GMT
server: nginx
etag: W/"60a21c85-13e2b"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Mon, 17 May 2021 10:03:58 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H3-29

200

activityi;dc_pre=CP2XubK70PACFeDUEQgdfwoJvw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6312123900118.66 Show response
5994599.fls.doubleclick.net/ Frame 146F
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6312123900118.66?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CP2XubK70PACFeDUEQgdfwoJvw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6312123900118.66?

502 B
414 B

66ms
34ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CP2XubK70PACFeDUEQgdfwoJvw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6312123900118.66?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=25611&version=1&redirected=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

e719673592da8694008d40610ab065d9b90fb31192595b6e76998c61c5dfc0aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CP2XubK70PACFeDUEQgdfwoJvw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6312123900118.66?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hal9000.redintelligence.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hal9000.redintelligence.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 17 May 2021 10:03:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 389
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 17-May-2021 10:18:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 17 May 2021 10:03:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CP2XubK70PACFeDUEQgdfwoJvw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6312123900118.66?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

activityi;dc_pre=CIyUubK70PACFcSUewodtSMMYQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7873251637695.122 Show response
5994599.fls.doubleclick.net/ Frame E8D6
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7873251637695.122?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIyUubK70PACFcSUewodtSMMYQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7873251637695....

512 B
421 B

73ms
42ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CIyUubK70PACFcSUewodtSMMYQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7873251637695.122?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=25611&version=1&redirected=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

9ed70ea370d5f6ebdf8685e9dcaf4600282be4125f8571f622e82fc5b92ee2ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CIyUubK70PACFcSUewodtSMMYQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7873251637695.122?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hal9000.redintelligence.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hal9000.redintelligence.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 17 May 2021 10:03:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 396
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 17-May-2021 10:18:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 17 May 2021 10:03:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIyUubK70PACFcSUewodtSMMYQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7873251637695.122?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame E68A 43 B
480 B 48ms
47ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=25611&version=1&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3736 915c305 master zrh-pixel-x24 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 10:03:58 GMT
Server: MT3 3736 915c305 master zrh-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 17 May 2021 10:03:50 GMT

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CP2XubK70PACFeDUEQgdfwoJvw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6312123900118.66;~oref=https://hal9000... Frame B0CC 501 B
621 B 43ms
42ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CP2XubK70PACFeDUEQgdfwoJvw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6312123900118.66;~oref=https://hal9000.redintelligence.net/

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CP2XubK70PACFeDUEQgdfwoJvw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6312123900118.66?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

faa1a83e9e91bdb426fbdceb128d31ec19b98dc7ba285fe261a3a7333bf4a899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CP2XubK70PACFeDUEQgdfwoJvw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6312123900118.66;~oref=https://hal9000.redintelligence.net/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5994599.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5994599.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 17 May 2021 10:03:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 388
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CIyUubK70PACFcSUewodtSMMYQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7873251637695.122;~oref=https... Frame 354A 511 B
465 B 191ms
191ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIyUubK70PACFcSUewodtSMMYQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7873251637695.122;~oref=https://hal9000.redintelligence.net/

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIyUubK70PACFcSUewodtSMMYQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7873251637695.122?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2c77cbf0625285ff1d723e8e30b6d820a4f31787873d8bd5ec3464018c284ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CIyUubK70PACFcSUewodtSMMYQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7873251637695.122;~oref=https://hal9000.redintelligence.net/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5994599.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5994599.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 17 May 2021 10:03:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 395
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CK_xubK70PACFYSCewodV-ED8A;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2608019844585.2363;~oref=https://hal90... Frame 01FB 503 B
463 B 196ms
196ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CK_xubK70PACFYSCewodV-ED8A;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2608019844585.2363;~oref=https://hal9000.redintelligence.net/

Requested by

Host: 8622247.fls.doubleclick.net
URL: https://8622247.fls.doubleclick.net/activityi;dc_pre=CK_xubK70PACFYSCewodV-ED8A;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2608019844585.2363?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

522f8c63d9f8b59b81da9d0724be85c9649571aed92c5de4879ec9e3cbcd5a44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CK_xubK70PACFYSCewodV-ED8A;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2608019844585.2363;~oref=https://hal9000.redintelligence.net/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://8622247.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://8622247.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 17 May 2021 10:03:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 393
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CP2XubK70PACFeDUEQgdfwoJvw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6312123900118.66;~oref=https://hal9000.... Frame 0217 194 B
391 B 43ms
42ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CP2XubK70PACFeDUEQgdfwoJvw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6312123900118.66;~oref=https://hal9000.redintelligence.net/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CP2XubK70PACFeDUEQgdfwoJvw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6312123900118.66;~oref=https://hal9000.redintelligence.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CP2XubK70PACFeDUEQgdfwoJvw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6312123900118.66;~oref=https://hal9000.redintelligence.net/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 17 May 2021 10:03:58 GMT
expires: Mon, 17 May 2021 10:03:58 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/ Frame E68A
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=608032220855&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.ictiva.com%2F&ADFtpmod...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=608032220855&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.ictiva.com%2F&ADF...

111 B
592 B

39ms
39ms

Script
text/javascript

37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=608032220855&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.ictiva.com%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D25611%26version%3D1%26redirected%3D1

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=25611&version=1&redirected=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 10:03:58 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 186
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 17 May 2021 10:03:58 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=608032220855&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.ictiva.com%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D25611%26version%3D1%26redirected%3D1
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 18ms
17ms Image
image/gif 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1726290627612934&ev=Microdata&dl=https%3A%2F%2Fwww.ictiva.com%2Fusuarios%2Flogin%2F&rl=&if=false&ts=1621245838860&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20%20%20%20Inicia%20sesi%C3%B3n%5Cn%20-%20ictiva%22%2C%22meta%3Adescription%22%3A%22Usuarios%20de%20ictiva%2C%20tu%20gimnasio%20en%20casa%22%2C%22meta%3Akeywords%22%3A%22usuarios%2C%20ictiva%2C%20gimnasio%20en%20casa%2C%20gimnasia%20en%20casa%2C%20gimnasio%20online%2C%20gimnasio%20virtual%2C%20clases%20virtuales%2C%20videos%20de%20ejercicios%20fisiscos%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22ictiva%2C%20tu%20gimnasio%20online%22%2C%22og%3Adescription%22%3A%22Tu%20gimnasio%20online%20con%2021%20disciplinas%20donde%20escoger%2C%20m%C3%A1s%20de%20400%20sesiones%2C%20disponibles%2024h%20los%20365%20d%C3%ADas%20al%20a%C3%B1o%2C%20%20evoluci%C3%B3n%20con%20gr%C3%A1ficos%20y%20estad%C3%ADsticas%2C%20planes%20de%20entrenamiento%2C%20dietas%20de%20expertos%20nutricionistas%2C%20tarifas%20a%20tu%20medida%22%2C%22og%3Aurl%22%3A%22%2F%2Fwww.ictiva.com%2F%22%2C%22og%3Asite_name%22%3A%22ictiva%2C%20tu%20gimnasio%20online%22%2C%22og%3Aimage%22%3A%22%2F%2Fwww.ictiva.com%2Fbase%2Fvar%2Fsites%2Fictivate%2Fdissenys%2Fimg%2Flogo.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1621245838354.1692992631&it=1621245838266&coo=false&es=automatic&tm=3&exp=l0&rqm=GET

Requested by

Host: www.ictiva.com
URL: https://www.ictiva.com/usuarios/login/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ictiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 10:03:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 17 May 2021 10:03:58 GMT

GET
H3-29 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CIyUubK70PACFcSUewodtSMMYQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7873251637695.122;~oref=https:... Frame EA12 194 B
199 B 89ms
74ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CIyUubK70PACFcSUewodtSMMYQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7873251637695.122;~oref=https://hal9000.redintelligence.net/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIyUubK70PACFcSUewodtSMMYQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7873251637695.122;~oref=https://hal9000.redintelligence.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CIyUubK70PACFcSUewodtSMMYQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7873251637695.122;~oref=https://hal9000.redintelligence.net/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 17 May 2021 10:03:59 GMT
expires: Mon, 17 May 2021 10:03:59 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CK_xubK70PACFYSCewodV-ED8A;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2608019844585.2363;~oref=https://hal900... Frame CC5A 194 B
199 B 80ms
75ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CK_xubK70PACFYSCewodV-ED8A;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2608019844585.2363;~oref=https://hal9000.redintelligence.net/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CK_xubK70PACFYSCewodV-ED8A;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2608019844585.2363;~oref=https://hal9000.redintelligence.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CK_xubK70PACFYSCewodV-ED8A;src=8622247;type=invmedia;cat=mbxzy9s1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2608019844585.2363;~oref=https://hal9000.redintelligence.net/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 17 May 2021 10:03:59 GMT
expires: Mon, 17 May 2021 10:03:59 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame E68A 43 B
635 B 55ms
54ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3736 915c305 master zrh-pixel-x24 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 10:04:08 GMT
Server: MT3 3736 915c305 master zrh-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 17 May 2021 10:04:00 GMT

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.redintelligence.net/	1970-01-19 20:30:21	Name: 8lcfmzhxc8d6_uid Value: bf4ec1cc8ce3aefe
.ictiva.com/	1970-01-19 18:20:47	Name: _hjFirstSeen Value: 1
.ictiva.com/	1970-01-20 03:06:21	Name: _hjid Value: 9fda0974-dabd-421a-8992-b3f43e6a2577
.ictiva.com/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.doubleclick.net/	1970-01-19 18:20:46	Name: test_cookie Value: CheckForPermission
www.ictiva.com/	1970-01-19 18:20:55	Name: PHPSESSID Value: 8d367ff7341eb53aef29deb0f1f030ad
.ictiva.com/	1970-01-20 03:06:21	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Mon+May+17+2021+12%3A03%3A58+GMT%2B0200+(Central+European+Summer+Time)&version=6.10.0&hosts=&landingPath=https%3A%2F%2Fwww.ictiva.com%2Fusuarios%2Flogin%2F&groups=C0004%3A0%2CC0003%3A0%2CC0002%3A0%2CC0001%3A1
.ictiva.com/	1970-01-19 20:30:21	Name: _fbp Value: fb.1.1621245838354.1692992631

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
8622247.fls.doubleclick.net
adservice.google.com
adservice.google.de
agsenglo.com
ajax.googleapis.com
appleid.cdn-apple.com
cdn.cookielaw.org
config1.veinteractive.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
hal9000.redintelligence.net
marketing.senderglobal.com
pixel.mathtag.com
r.adserver01.de
s2.adform.net
sb.scorecardresearch.com
script.hotjar.com
static.hotjar.com
track.adform.net
vars.hotjar.com
www.ad4mat.net
www.artfut.com
www.dwin1.com
www.facebook.com
www.googletagmanager.com
www.ictiva.com
104.109.83.200
104.111.230.79
13.224.95.70
13.224.95.8
13.32.25.19
142.250.184.230
144.76.91.199
172.217.16.134
2.18.233.201
212.83.50.108
2600:9000:206f:3e00:f:8ce2:fb80:93a1
2606:4700:20::ac43:4b3f
2606:4700:3032::6815:57ae
2606:4700::6810:9440
2a00:1450:4001:808::2008
2a00:1450:4001:810::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a03:2880:f030:13:face:b00c:0:3
2a03:2880:f130:83:face:b00c:0:25de
37.157.4.24
37.157.6.234
46.183.117.49
94.127.191.191
99.86.2.29
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0735a748bf70ad519969fbf64f7c8ef3072a1bdda68b420aee14dc43e5e080cd
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1250793c3aaff385ddfdfcf824e5b40852b21ff0c6ac5d55192e23295bebeac7
1896e0509fcd440361382e116e018c02a116a5a88e5330352236a47e063d3b63
1a5ee03a6e23c1b86982bc2cd9b0cd716853a4d511eb07e3723ce42fa502fbe7
1adeb028e615a654ebf218f188ad6bc841ad3851da01b28dc4af82ea77179108
1cb7a56010078ae0cd255d20bdf33ca01f156dc7b6491ca4997b50ecf97f1c4b
21fd5ce97157e45922b40c154bed21462ce4f9fb0762fc64005fdcd549c1bafb
3767ff8dcebc558a1109e37dca37e47c4b26cbb3cb5c1d3040e150a0832782d9
380fd24db43b138332d8b904d3009051e30fadec1616e3ef2853e0a9dc010ee3
3b27f686e9c39188ff63e191cc3efb6500a6c6d06f2d1d2ec27ceb623a2ecacc
3fa61e28ea2792ea7773314b49ff644149162432d5d548769f95b8014ad751ca
40f12e335914950b4f2058dbcbbee727f3f7542399ec6b2e98256480ea91aa49
452ee2471448cc6b716090a014cf7fc9cc515998bda9dcc334aa073a72a591e7
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33
522f8c63d9f8b59b81da9d0724be85c9649571aed92c5de4879ec9e3cbcd5a44
5a1d5180a291f8fb06b8e040d43b13715ce02b436486fc7161dafd9cc0af2785
5addb050e7fe474684bcb62d5bc8717ab681735dce2d2539631a08d570cf81a5
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
65cef8a94d8a09cac56b85e15c92c37ea129d38a094fa8e1f3fd812a550b74be
6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5
75db69592337280529fdc6448185b1cb88a50dbe9b498718f45ba52907e8aba3
78eae5cc8d219a192d47068049e7cf4c0d5fc5294f16a3e0921e65bd3600caba
7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f
7cd07e6c64768b866c81e2e1cc61f88f631f377a3afc426d7b0c9de3875e65ae
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
885e0937e29c76f4559af0cb767d10c8d705838fcc2a47badb37ebcc9d75decb
89726ef1d879db62d7af754c765150dbaaef992f97294032d073a0591897199d
8a0fc361e5a8551ef9e7bb27a2541e2fa4d77b256c7f1ddf06842149f4aa5cbd
8ffe9e3c51bf3a2d26fecb5573fdf1f941817428f6d9b036454f74f09c8b8917
9453ba396933b14c1ac7e64c6c1cc814c1c991e1f5bcf0a00d2c84dd0de87054
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
9d4908fd57cf83084ce3e3ff24ad40d3e8560ba1ec138dbb2ef822ad5732bc85
9d4e3bd1621e63bb4bfbae3c3275134b26016bb76175fefe9c5998f8ade1009c
9df6e8c4bc8ea670d2f4da40a35a41772cc8857aca288a77acfa891cf1a54c36
9ed70ea370d5f6ebdf8685e9dcaf4600282be4125f8571f622e82fc5b92ee2ee
a055f096d096c43bf118a01fd406311b32a9fe88b26ecb9a72815eb04fc7e690
a062bba36d43bfbf68bd41b858d306d1847f3689c6e93339a7f09556eb1de70d
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2
a92bb4258e62097ba682743427e60b4d323cd4b613c01181d58ffb59a546f443
ac678db61154e1cb5f6956e365061c481f81cdb167bdfb7cc3891608a55be275
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c1ddb3c890d7501f7aef0764dfe059820391a42c20911cfde0c7d839282702c2
d19a703e7771165be006db017566145856e23a5f0aae0598eab9cff707ff3d56
d2c77cbf0625285ff1d723e8e30b6d820a4f31787873d8bd5ec3464018c284ce
d50ce003678da9eb8d428547c5cd299a622a8aab98f82279d9893bdcf8d37d81
dc63b766a90c33d4c847743e12e55f2050403bfa26151e261104186aa5a035f7
e34002a4a90dc95d243621498abd551ad357bd93efbacfb2954038de119bbc36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e719673592da8694008d40610ab065d9b90fb31192595b6e76998c61c5dfc0aa
edfc75726cf71265dd903eeb0f37bd74534194e42a0e6db6894beb6987023454
f7152bb587e00561d78dd73a68a79d62f71cfbf986001f6d7dba0e752ac2071f
faa1a83e9e91bdb426fbdceb128d31ec19b98dc7ba285fe261a3a7333bf4a899
fc570a3950016fbb0b473907bae62cada3db9ce22dd0d0b130eb04c8f46c429e

www.ictiva.com Open in urlscan Pro 46.183.117.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

100 %HTTPS

44 %IPv6

23 Domains

28 Subdomains

27 IPs

5 Countries

594 kBTransfer

1996 kBSize

8 Cookies

5 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ictiva.com Open in urlscan Pro
46.183.117.49 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

100 %
HTTPS

44 %
IPv6

23
Domains

28
Subdomains

27
IPs

5
Countries

594 kB
Transfer

1996 kB
Size

8
Cookies

62 HTTP transactions
1 data transactions