Submitted URL: https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPK...
Effective URL: https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d
Submission: On August 18 via manual from US — Scanned from US

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 38 HTTP transactions. The main IP is 104.18.24.40, located in and belongs to CLOUDFLARENET, US. The main domain is bcv3.palilaliaethnogenesis.com.
TLS certificate: Issued by E6 on July 18th 2024. Valid for: 3 months.
This is the only time bcv3.palilaliaethnogenesis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 1 172.67.188.104 13335 (CLOUDFLAR...)
1 13 104.18.24.40 13335 (CLOUDFLAR...)
1 151.101.194.137 54113 (FASTLY)
4 172.217.165.138 15169 (GOOGLE)
38 7
Apex Domain
Subdomains
Transfer
17 adperformancemonitor.com
caxofi.adperformancemonitor.com
502 KB
13 palilaliaethnogenesis.com
bcv3.palilaliaethnogenesis.com
51 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
maps.googleapis.com — Cisco Umbrella Rank: 567
195 KB
2 gstatic.com
fonts.gstatic.com
30 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211
30 KB
1 tracknshosp.com
tracknshosp.com
1 KB
1 trialecommercedealshub.com
trialecommercedealshub.com
646 B
38 7
Domain Requested by
17 caxofi.adperformancemonitor.com caxofi.adperformancemonitor.com
13 bcv3.palilaliaethnogenesis.com 1 redirects caxofi.adperformancemonitor.com
bcv3.palilaliaethnogenesis.com
4 maps.googleapis.com bcv3.palilaliaethnogenesis.com
maps.googleapis.com
2 fonts.gstatic.com fonts.googleapis.com
1 code.jquery.com bcv3.palilaliaethnogenesis.com
1 tracknshosp.com 1 redirects
1 trialecommercedealshub.com caxofi.adperformancemonitor.com
1 fonts.googleapis.com caxofi.adperformancemonitor.com
38 8

This site contains no links.

Subject Issuer Validity Valid
adperformancemonitor.com
WE1
2024-07-31 -
2024-10-29
3 months crt.sh
upload.video.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
trialecommercedealshub.com
WE1
2024-07-26 -
2024-10-24
3 months crt.sh
*.gstatic.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
palilaliaethnogenesis.com
E6
2024-07-18 -
2024-10-16
3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA
2024-06-25 -
2025-06-25
a year crt.sh

This page contains 2 frames:

Primary Page: https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d
Frame ID: 7A5ED47DE7195741967FB654FDD45A77
Requests: 36 HTTP requests in this frame

Frame: https://bcv3.palilaliaethnogenesis.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/main.js
Frame ID: 231914135E840D4B164D6A7AC382A9CE
Requests: 2 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350... Page URL
  2. https://tracknshosp.com/15c5a561-ea64-438e-9645-409b12ddadb6?offerId=f844620d-9ad4-424f-8d46-5ccd277... HTTP 302
    https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

38
Requests

97 %
HTTPS

50 %
IPv6

7
Domains

8
Subdomains

7
IPs

2
Countries

808 kB
Transfer

1895 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284 Page URL
  2. https://tracknshosp.com/15c5a561-ea64-438e-9645-409b12ddadb6?offerId=f844620d-9ad4-424f-8d46-5ccd277a8863|166dc080-e43c-439a-a909-2c709708331c|||&c=|764&k=&v=&s=1817&t=&cr=&src=&lp=&id=wmps2bkdpcoa6ph3jn0v8g5a HTTP 302
    https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://bcv3.palilaliaethnogenesis.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://bcv3.palilaliaethnogenesis.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/main.js

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
index.php
caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/
70 KB
14 KB
Document
General
Full URL
https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f91b9386adefe6cdfe8384dc0ad69631e6fee4a5fe3ac5335f90d601d1a81616

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Linux"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8b53cdc04bba4384-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 18 Aug 2024 18:00:30 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nr6GHGxtlmtJ5%2BJdBpe6bD1j7TvO858q4luoAkienOrMRy7U0z7MCwYlJWVRs6JZ96kcOCJA50G%2FdjrHOUA03NzWEPpjT7k%2BvjBDnHF4yf5qeckoXWQ4KdqRJKvR16ksScKS%2Fel3rFJR8yDiBVoBDGtpc7C%2BDPgUOQy95XAJ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
css2
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700&display=swap
Requested by
Host: caxofi.adperformancemonitor.com
URL: https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
21d154e4d18d2e518902d2b314490ef3bd70ac80c4fdb84c1593a0c633843eb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://caxofi.adperformancemonitor.com/
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 18 Aug 2024 18:00:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 18 Aug 2024 16:32:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 18 Aug 2024 18:00:30 GMT
bootstrap.min.css
caxofi.adperformancemonitor.com/nfxbd/files/
228 KB
29 KB
Stylesheet
General
Full URL
https://caxofi.adperformancemonitor.com/nfxbd/files/bootstrap.min.css
Requested by
Host: caxofi.adperformancemonitor.com
URL: https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74cbe81783fc23ed32a140544578579855861be089571415d5b6b9c36ea0ef6f

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:30 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82
alt-svc
h3=":443"; ma=86400
content-length
29490
last-modified
Thu, 04 Jan 2024 19:26:57 GMT
server
cloudflare
etag
"390fe-60e23b6fde240-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2beTH5wiiQ%2BhCfMgzrnmHl3rffLHUYqrQjmEKXpbRStX0cJyFrJOCK3OayoK5CfG%2BPQPy4FlbdurI%2BgVqBS47Qioixcmbh47QI3tBCOtLsoT%2BpwgAkzOILhhSHnFd8FQwLGEw9VjwZhL8hu9oQ9R%2BQ38FvD5JZmdm%2B55UO3T"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b53cdc558634384-EWR
ab4e97aff26a1d14b5d59dabe76a8348.css
caxofi.adperformancemonitor.com/nfxbd/
3 KB
1 KB
Stylesheet
General
Full URL
https://caxofi.adperformancemonitor.com/nfxbd/ab4e97aff26a1d14b5d59dabe76a8348.css?rexo=ZXlKeWIyOTBJam9pWEM5dVpuaGlaRnd2SWl3aVptbHNaU0k2SWk1Y0wyWnBiR1Z6WEM5emRIbHNaUzVqYzNNaUxDSjBlWEJsSWpvaVkzTnpJaXdpZGlJNklqSWlmUT09aaIiaKjaseS
Requested by
Host: caxofi.adperformancemonitor.com
URL: https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
defbc2663255590edf113f0b206b85909bf6098a19b37f94c36ecbe9472835af

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 18 Aug 2024 17:59:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
82
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jkG9b%2B8xKZT%2F9lxwV6FyBFrfDLtRDkJcRK4yrkq2tYpi29T0tbp18tWMD5ipDOQoO41Z2lU7tLSTqn8NjeNy99EC4r2JKNIeaCacfb4EHZ%2FwlerfTYagCzhfvVr2RnaJBgDgoBSjRVxVQI7KhqKlSZ2ab6C0YOovXMQc5zvD"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8b53cdc558644384-EWR
alt-svc
h3=":443"; ma=86400
jquery-3.6.0.min.js
caxofi.adperformancemonitor.com/nfxbd/files/
114 KB
35 KB
Script
General
Full URL
https://caxofi.adperformancemonitor.com/nfxbd/files/jquery-3.6.0.min.js
Requested by
Host: caxofi.adperformancemonitor.com
URL: https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
094a4ea27365548b01c750c02b461dc1bda204e627bae5b4cb80d18d7272940b

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:30 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82
alt-svc
h3=":443"; ma=86400
content-length
34963
last-modified
Thu, 04 Jan 2024 19:28:40 GMT
server
cloudflare
etag
"1c95e-60e23bd218a00-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ol1e9VxxlmLwKJ0f8%2Bld1llMm4x3lMV1Qy8Mbb7CD5A%2BhNGS7Ze6Wmm6sFZonNGFRIjUhCR6LgLJxReY5uKw1IRS%2BdH4N2qky8YSLSrIM4%2F1VMFuWJrvWNZRJWN%2BVOrd1e9kH4g2aqu%2F2%2Fp9bnWkmQpGUkpyd38KCm7TK17U"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b53cdc558664384-EWR
4f6498a60a6bdf2c3564c7bf70b24d15.js
caxofi.adperformancemonitor.com/nfxbd/
804 B
640 B
Script
General
Full URL
https://caxofi.adperformancemonitor.com/nfxbd/4f6498a60a6bdf2c3564c7bf70b24d15.js?rexo=ZXlKeWIyOTBJam9pWEM5dVpuaGlaRnd2SWl3aVptbHNaU0k2SWk1Y0wyWnBiR1Z6WEM5elkzSnBjSFF1YW5NaUxDSjBlWEJsSWpvaWFuTWlMQ0oySWpvaU1pSjk=aaIiaKjaseS
Requested by
Host: caxofi.adperformancemonitor.com
URL: https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a16bf14f3622d514daee00976f7627bf6c7fda1557d90ebf256baddde7b0ae4

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 18 Aug 2024 17:59:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
82
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dUzbaAuiHhIREE8A4ci5XZO5Wcm%2BUwQsSRdx2TIfUK9fWRATaaeeUy9FY%2FvGoBhVBqB3Y58XC3u6aJNxyyLInEt6Ljwsll73VBEPno9IYwrIj0mWDSU2IcoLkQ8wuYSbetBQoBavbhYBMj20a3P9xqgbuiJrSjuG8iwZCKOC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8b53cdc558684384-EWR
alt-svc
h3=":443"; ma=86400
854fb730c9d2abd7b0de91c1175ad71a.js
caxofi.adperformancemonitor.com/nfxbd/
1 KB
996 B
Script
General
Full URL
https://caxofi.adperformancemonitor.com/nfxbd/854fb730c9d2abd7b0de91c1175ad71a.js?659704ca0b558&rexo=ZXlKeWIyOTBJam9pWEM5dVpuaGlaRnd2SWl3aVptbHNaU0k2SWk1Y0wyWnBiR1Z6WEM5dGMyY3Vkak11YW5NaUxDSjBlWEJsSWpvaWFuTWlMQ0oySWpvaU1pSjk=aaIiaKjaseS
Requested by
Host: caxofi.adperformancemonitor.com
URL: https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bfca99954f9e98f4aa228151e8c2add1d01fb36f5e25021710db0e916529c62

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 18 Aug 2024 17:59:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
82
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TP18iZKXAnVWtKubrK%2BraWReLb5Ggw1g%2Br%2BMH1cVVSzkp8Z3R7VnLMN0cDrzvPr4eSpnm4sh1I9An%2BE7FQerwfsBu5v8B5TfzoccIhhTImfOooD4I%2F%2FM23yJxdIER1pZdh5alraWwwweNGgPfRFY4EKoa1Z7VcFaI%2Fqyltrp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8b53cdc558694384-EWR
alt-svc
h3=":443"; ma=86400
98aae12c9b6a00fc8678912eddc0bd8f.png
caxofi.adperformancemonitor.com/nfxbd/
20 KB
20 KB
Image
General
Full URL
https://caxofi.adperformancemonitor.com/nfxbd/98aae12c9b6a00fc8678912eddc0bd8f.png?rexo=ZXlKeWIyOTBJam9pWEM5dVpuaGlaRnd2SWl3aVptbHNaU0k2SWk1Y0wyWnBiR1Z6WEM4eE1EbGlPVGxoTlRZMU1EQTFNalkxTTJReVlqTTRZalZqTkRRM016RTJPUzV3Ym1jaUxDSjBlWEJsSWpvaWFXMWhaMlVpTENKMklqb2lNaUo5aaIiaKjaseS
Requested by
Host: caxofi.adperformancemonitor.com
URL: https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fef565dbab83147e2ff28f7e756dedb3fed06a2b6fd89eb1887047d73c614a37

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:30 GMT
cf-cache-status
HIT
last-modified
Sun, 18 Aug 2024 17:59:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
81
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2F9gFrNhmmIz3LD5F2c3q%2FeulTLKnu9aZtJ4By0oqf7xd2oI4eCH2y4xdjQ53ZAqw%2FP9qr%2BZO2GvVh8aVgQ8mgL1GpPBvGXK3ZQbly6kUmG1thvQjQ8JrGazMiYOsR0dO2mKZfc%2B9aB7YIu%2F63eBx8CVsafk%2BTUc3ThAQhaK"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b53cdc5586a4384-EWR
alt-svc
h3=":443"; ma=86400
content-length
20100
166dc080-e43c-439a-a909-2c709708331c
trialecommercedealshub.com/i/f844620d-9ad4-424f-8d46-5ccd277a8863/
2 B
646 B
Image
General
Full URL
https://trialecommercedealshub.com/i/f844620d-9ad4-424f-8d46-5ccd277a8863/166dc080-e43c-439a-a909-2c709708331c
Requested by
Host: caxofi.adperformancemonitor.com
URL: https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:d4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://caxofi.adperformancemonitor.com/
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
3628800
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b%2FjJqFfTvCht2HyOTMtdkz%2F9gAUc%2F%2FDhaj6ch%2Fm6uu6dUI5%2BUTeGeO7wlhO0pVV7dtJuDf1K3O4dYZZ09EZbMV3JctcPA2pSjimZXTzRVhnMsFO%2BIlUxp6wDFN8iQ1XtseEmcN9lsXYzrsArCMA4IP7aoX8PyLYm%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8b53cdc5bb444304-EWR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
content-length
2
alt-svc
h3=":443"; ma=86400
4c8972dc50c0f0501b649f7fd9e2623e.png
caxofi.adperformancemonitor.com/nfxbd/
235 KB
235 KB
Image
General
Full URL
https://caxofi.adperformancemonitor.com/nfxbd/4c8972dc50c0f0501b649f7fd9e2623e.png?rexo=ZXlKeWIyOTBJam9pWEM5dVpuaGlaRnd2SWl3aVptbHNaU0k2SWk1Y0wyWnBiR1Z6WEM4NVpEZG1aREZtWVdVME5qYzROREZpWWpBd1pERmpNemN6WTJJME0yRmpaaTV3Ym1jaUxDSjBlWEJsSWpvaWFXMWhaMlVpTENKMklqb2lNaUo5aaIiaKjaseS
Requested by
Host: caxofi.adperformancemonitor.com
URL: https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42f1c14b93907f85399f9066fd7dd7c34fcbdac4b8ed77c9ea65b3cc0ac3ac87

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:30 GMT
cf-cache-status
HIT
last-modified
Sun, 18 Aug 2024 17:59:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
81
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KLe2BtEzcgAJLlNQUe0puYaC156BTmTAZH4UCotVwctl%2BzNQl1%2BrQ%2Bl49G47AphlpWi0ClkxG%2Fj0DUDWn8uAibwUdN%2BMWwVqzE4Tdxcw3beMjpS1vXaaUl25Tn%2B8GzLtjK7%2BuK4GSY725hV7EvK6O0YOo4u2%2FD7%2BWGdApSrC"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b53cdc5dc9d5e86-EWR
alt-svc
h3=":443"; ma=86400
content-length
240549
56cf2e773777f4ea50f9173475d69a2a.css
caxofi.adperformancemonitor.com/nfxbd/
8 KB
2 KB
Stylesheet
General
Full URL
https://caxofi.adperformancemonitor.com/nfxbd/56cf2e773777f4ea50f9173475d69a2a.css?rexo=ZXlKeWIyOTBJam9pWEM5dVpuaGlaRnd2SWl3aVptbHNaU0k2SWk1Y0wyWnBiR1Z6WEM5c1lXNWtaWEl1WTNOeklpd2lkSGx3WlNJNkltTnpjeUlzSW5ZaU9pSXlJbjA9aaIiaKjaseS
Requested by
Host: caxofi.adperformancemonitor.com
URL: https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d86a5fa2393620fb6cb4f90fb8b55c0badd84f2ab8fe77e8d13df4b512b42da2

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 18 Aug 2024 17:59:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
82
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w7olPZhWFQ9JfQazaXw7e4w%2FBnku9fJw%2BsHgJU%2BjGoAeET8tmqji166NiDn9yCa9z%2F2RxjSVUhBiQs0TPVe68iIaOOlIBM3EVkCrFdWR%2BPTqOdEKvHFZOMYm2gCQlUYF4LQslYl4rno53za6AH3cIVTIe684Pa3%2FQLXGzHeM"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8b53cdc64cfe5e86-EWR
alt-svc
h3=":443"; ma=86400
jquery.lightbox.css
caxofi.adperformancemonitor.com/nfxbd/files/
5 KB
2 KB
Stylesheet
General
Full URL
https://caxofi.adperformancemonitor.com/nfxbd/files/jquery.lightbox.css
Requested by
Host: caxofi.adperformancemonitor.com
URL: https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
584c1f96efada29b892c43463a36c370bf89774e33bc5d7ff6f176dfe7f6c154

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:30 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82
alt-svc
h3=":443"; ma=86400
content-length
1426
last-modified
Thu, 04 Jan 2024 19:32:52 GMT
server
cloudflare
etag
"13ad-60e23cc26c100-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gbpj6th1gOJkAg%2Bl0CjfQbRHwWf3U9fvB4JxzAZICULivUeajWo%2FKnXq%2BYNFzlQ3LKYK3SZFy6AZfx7u%2BGqyLeof0eV3IlvrVN7nkSxLDy75S%2B5DNQ8ygP4dxHK51YRaXPOIkib6cThTux5TI1hX9GY8a%2BpQf2kWKXH5gY%2Bp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b53cdc68d365e86-EWR
67aec1c1405a958aca5176a0d096cbaf.jpg
caxofi.adperformancemonitor.com/nfxbd/files/
105 KB
106 KB
Image
General
Full URL
https://caxofi.adperformancemonitor.com/nfxbd/files/67aec1c1405a958aca5176a0d096cbaf.jpg
Requested by
Host: caxofi.adperformancemonitor.com
URL: https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f33c40af726f61af3886823d02e0235746e5b4bc786b20fdda5e6c137710d6d1

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:30 GMT
cf-cache-status
HIT
last-modified
Thu, 04 Jan 2024 19:38:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
81
etag
"1a54a-60e23e1fb3acd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a60snAnQKAHwrQvHmlwjBpLRPGHxIasWlyFI4n2hZvcwLoQcu0gUDl%2BK2ha%2BOdneEMR4Xjk8T2lK2R9ZUDKFmSsX3s0AZVgwNSZFG3khBFXrIOesxgW9kmTGkzHPRTetqriAfjdOQgi7zE%2B4B0hES5vkE62MuLun5baWE6Go"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b53cdc73dd75e86-EWR
alt-svc
h3=":443"; ma=86400
content-length
107850
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://fonts.googleapis.com/
Origin
https://caxofi.adperformancemonitor.com
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Fri, 16 Aug 2024 15:25:05 GMT
x-content-type-options
nosniff
age
182125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:53:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Aug 2025 15:25:05 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://fonts.googleapis.com/
Origin
https://caxofi.adperformancemonitor.com
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Fri, 16 Aug 2024 08:33:07 GMT
x-content-type-options
nosniff
age
206843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:53:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Aug 2025 08:33:07 GMT
7ca91526137df892c34eab7ba91fb4f8.js
caxofi.adperformancemonitor.com/nfxbd/
2 KB
1 KB
Script
General
Full URL
https://caxofi.adperformancemonitor.com/nfxbd/7ca91526137df892c34eab7ba91fb4f8.js?rexo=ZXlKeWIyOTBJam9pWEM5dVpuaGlaRnd2SWl3aVptbHNaU0k2SWk1Y0wyWnBiR1Z6WEM5bGJXRnBiQzFrWldOdlpHVXViV2x1TG1weklpd2lkSGx3WlNJNkltcHpJaXdpZGlJNklqSWlmUT09aaIiaKjaseS
Requested by
Host: caxofi.adperformancemonitor.com
URL: https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0068a37bb917fbd5e40263a0771c7d267a83fe1365b4be49574c4437d306ed29

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 18 Aug 2024 17:59:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
82
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nqefSFlSRuHI4O%2FIlRBxMobvS6%2BGJv9arPkk%2BzNE6UxbayPTOLDrD%2BLmxv33bx5CjHqWlYsSJZFxB%2Fq0MtJ7LjrTtK6P6ZbdV%2F169Suwy69X3jzOHXnU69P5sNyzWDeBWjdYq%2F%2B7rq83QIZo93AcvL2YH4RC4yRbsOyULG06"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8b53cdc8df525e86-EWR
alt-svc
h3=":443"; ma=86400
jquery-1.12.0.min.js
caxofi.adperformancemonitor.com/nfxbd/files/
123 KB
37 KB
Script
General
Full URL
https://caxofi.adperformancemonitor.com/nfxbd/files/jquery-1.12.0.min.js
Requested by
Host: caxofi.adperformancemonitor.com
URL: https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bc6e1981687e74f3ef80fe5a5126d959598f4855acce6782ffef02755001c6f

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:30 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82
alt-svc
h3=":443"; ma=86400
content-length
37904
last-modified
Thu, 04 Jan 2024 19:37:48 GMT
server
cloudflare
etag
"1ed55-60e23ddcb5b00-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NvJaC8xgHc66DAC99xDhVLGlQ4Rau9eBDknnRkr5%2FgN%2Bt4gXHa1a5soy63RavD7pIA%2BvVX7CVSDRbajP09zFjzhJJRvCMMsymBUjpKo4PO19HeRq1BM84PvgQF4UzFvcRrB6JKx%2B8gQ4Ta54QvyuuNbq6abGihbM33luLt96"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b53cdc8df555e86-EWR
jquery.lightbox.js
caxofi.adperformancemonitor.com/nfxbd/files/
47 KB
14 KB
Script
General
Full URL
https://caxofi.adperformancemonitor.com/nfxbd/files/jquery.lightbox.js
Requested by
Host: caxofi.adperformancemonitor.com
URL: https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cdf9442ba4a67226fc61ac8fe1ce48dc9e52774e814357a53779e66cbcca4f1

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:30 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82
alt-svc
h3=":443"; ma=86400
content-length
13579
last-modified
Thu, 04 Jan 2024 19:36:08 GMT
server
cloudflare
etag
"ba26-60e23d7d57a00-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TAYQ7uZGRQwzhLiH4YeitkcdY7Wzk04z3KodlPckkUU4LD5Q04%2FJeGb8iUSv8Esaagmr4OlnSriivMp5OI19ORqdjU3rzm0QJMCdE%2BbHNn6AYRliUYFiGORCBfih%2F2wEIgj2Y4jCqrd8kUKia4pFkwPPnDYifJb%2BOw1HV2b%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b53cdc8df585e86-EWR
a0af8dd45ef519f1ea4b7fdd19de8e0e.js
caxofi.adperformancemonitor.com/nfxbd/
101 B
541 B
Script
General
Full URL
https://caxofi.adperformancemonitor.com/nfxbd/a0af8dd45ef519f1ea4b7fdd19de8e0e.js?rexo=ZXlKeWIyOTBJam9pWEM5dVpuaGlaRnd2SWl3aVptbHNaU0k2SWk1Y0wyWnBiR1Z6WEM5dFlXbHVMbXB6SWl3aWRIbHdaU0k2SW1weklpd2lkaUk2SWpJaWZRPT0=aaIiaKjaseS
Requested by
Host: caxofi.adperformancemonitor.com
URL: https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12285055c7f5a8a1a4cb360c04098e7b179bdd32b0d95ee828f3dd209d818cb9

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 18 Aug 2024 17:59:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
82
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eXq3Uj5y9Sg2dxHwiG9Qm%2B8Rp5%2BujI95xxeNKX1wG8tQX%2FEOO2Ext49vPEIMK%2BH667YH8TyL7OOo6zmkcs%2BOIpYpSyChNjoZh1qAxZLt3CW7z6ezchAMmjPi1XO3L6DKqDFnjzxqD%2Fwf5c5lU%2FkkTVO0CxFNjAyudiKYQ4wY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8b53cdc8df595e86-EWR
alt-svc
h3=":443"; ma=86400
functions2.js
caxofi.adperformancemonitor.com/nfxbd/files/
3 KB
1 KB
Script
General
Full URL
https://caxofi.adperformancemonitor.com/nfxbd/files/functions2.js?v=1704395978
Requested by
Host: caxofi.adperformancemonitor.com
URL: https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79d59a7d49f2a9995524cce0f1b1ff19b7571eba8b9b486d61ee0d78f1245099

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:30 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82
alt-svc
h3=":443"; ma=86400
content-length
1026
last-modified
Mon, 08 Jan 2024 16:04:34 GMT
server
cloudflare
etag
"da1-60e715a997b2d-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K3q5xn2gVKsEXCylu28SalIlInqE%2BhrJW7BsTGJoRYc%2Bl5%2Fo7g0NeM4q3LKdJQC%2FkfG86F8RuSz6dEt3L1QQly5QZNDhJSyrpmh%2F0gsn5SAuG9W%2BZIDMnsc7C1WOFa9Shi%2BZUX4WDx88XrCAa56qC7mxG7P26Is%2BnipEaA6A"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b53cdc8df5a5e86-EWR
favico.png
caxofi.adperformancemonitor.com/nfxbd/files/
2 KB
2 KB
Other
General
Full URL
https://caxofi.adperformancemonitor.com/nfxbd/files/favico.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7341f7b8b0ae3c0da4aea559efc31f0b53d9db9dd291664fdcf7d618fd95ed8a

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:30 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 16:37:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
73
etag
"6db-60e71d01635fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qHDFkEk4nlyspLnLkVWlOFhKCgxvPdGWFuAmwUBAVu7RGyPRIBojXo0JRYXkB8JHe1IBVWRIC%2BPUgPVYgyPPm%2B0%2BYAvqfdO0R2jFui1HxF9BZRgeacCCzoOSk7rora5lGyR0BQUAuzVuQ%2FkWakjH%2BnvkavVOJqQsiuGQa2%2FJ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b53cdc97ff65e86-EWR
alt-svc
h3=":443"; ma=86400
content-length
1755
Primary Request /
bcv3.palilaliaethnogenesis.com/
Redirect Chain
  • https://tracknshosp.com/15c5a561-ea64-438e-9645-409b12ddadb6?offerId=f844620d-9ad4-424f-8d46-5ccd277a8863|166dc080-e43c-439a-a909-2c709708331c|||&c=|764&k=&v=&s=1817&t=&cr=&src=&lp=&id=wmps2bkdpcoa...
  • https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d
49 KB
13 KB
Document
General
Full URL
https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d
Requested by
Host: caxofi.adperformancemonitor.com
URL: https://caxofi.adperformancemonitor.com/nfxbd/files/functions2.js?v=1704395978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3b574eebb97a6620dda1fb10938b398f65904a79c044dae0d84201d558cc7923
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://caxofi.adperformancemonitor.com/fowimi/figuse/tu/geco/jefe/index.php?rpclk=JKe6fA1ExeUNeRMS1lG7czf6yW3w16350oS1uH8BxmiUrOayWyPPKqorLONDY8T9V%2B3m5siniDvae9dthJs5CGP1zgcorG3PynP6TaCq7wjjg2FI4sRTAcYrJ0f6NWXKM4uN4bZQ6t0oz5052ESpn%2BhPJ1O3MvCDFoaaRAN%2F5NcEbCTmHXMNZ3impNsLvf8aNfNYV%2F5nFMQR6AP3eDwvZPmnSHAryTq7Iuq4scEB9dItY95CswnMFdoCaF%2F6G1QwWwcaJyfxuje6hunPjKtMKXTGJQbi54Dj1ZtKnI07RJSJh%2FneKMCHb%2FjTgTE6N3Hl7%2FtUc7yR8nzlLRQsptXDaddOivgJtsLixvslBlZ8BWn0Nyd3GvWmwU0dgGRLM%2B6tnz9%2Fu8zjnqL5R4YpXbrQv4Kwu3JPhuw7NcqQIuLRdTnc00HhNp0u9VrGnvwG4EGwQ5YvzgbbHo74hxM%2F8ZWWb70vUy3GR9G6qeZu2qbpVoZbV4aHddZbm45dvnBU8RagGlqd27lF6K%2BV0q1p1pyroAsfJPZMR2LrA66KI2OwyGCiGcogHqNoROWLIssHRRv2RxoMKwFd2T7A933GgnVWY2ibFp8L%2BiBkZ15hifdFBzLv4tfRtP0ZKC79wiYEUovuoBt13uVFhOcpbDZgJLahlllEKya23R8qj5ddTLbIJYiQy2TH4FSkqLBU%3A%3A639ca64dee9642eb29a1ee361c160dfd&p=juXMb6%2F5SKS17yeJGcU1%3A%3Aed27a4b6ee335027127eec122313d8d0&oho=t4.swiftmailerhub.com&ptf=26934eb377001f66e37289a5c93fe284
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Linux"

Response headers

access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8b53ce66fdbc8c0b-EWR
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 18 Aug 2024 18:00:56 GMT
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-powered-by
Express

Redirect headers

accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
access-control-allow-origin
*
access-control-max-age
3628800
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b53ce589bb10f81-EWR
content-length
131
content-type
text/plain; charset=utf-8; SameSite=None; Secure
date
Sun, 18 Aug 2024 18:00:55 GMT
location
https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
nrid
2605858711
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lo5n8ZMqixbana8BrSwYAb0OduIl4vqzIocFEoT44I0vA1Hnh8egvm1AAvflR3ijRh4%2BQ4XhoiLt5eDa29SLVckIUU6KsUCqK5RdAZZh0tBJXFL1IxbzWHE%2B46csIaJCg50%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
via
1.1 google
x-eflow-request-id
df92d723-ca8f-4a00-81e2-94ee68780bdc
index.min.css
bcv3.palilaliaethnogenesis.com/~cdn/04bb5057-dd62-4885-a3ac-38fb64fdc3e3/
15 KB
3 KB
Stylesheet
General
Full URL
https://bcv3.palilaliaethnogenesis.com/~cdn/04bb5057-dd62-4885-a3ac-38fb64fdc3e3/index.min.css
Requested by
Host: bcv3.palilaliaethnogenesis.com
URL: https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2d4a4b919a4754ea19693b0c5659ed5145d40515154ecb83801397a82dc11615
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:56 GMT
x-amz-version-id
8gScn.EdT3McrMJxp.PvtVqV6510_Y2k
via
1.1 f194abfb7121bb6ccfc24868a57a10da.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
x-amz-cf-pop
ORD53-C1
age
156100
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
service-worker-allowed
/~cdn
last-modified
Tue, 02 Jan 2024 16:52:31 GMT
server
cloudflare
etag
W/"4e37a6adf37955a1e0d20c75c97f9a11"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8b53ce6c1b1a8c0b-EWR
x-amz-cf-id
8oXwDk73HCTcKeoi1TFikHK4ghSBzXHmBKNS6M4CtcM5jT76-DZD4Q==
expires
Mon, 18 Aug 2025 18:00:56 GMT
jquery.qtip.min.css
bcv3.palilaliaethnogenesis.com/~cdn/04bb5057-dd62-4885-a3ac-38fb64fdc3e3/
9 KB
2 KB
Stylesheet
General
Full URL
https://bcv3.palilaliaethnogenesis.com/~cdn/04bb5057-dd62-4885-a3ac-38fb64fdc3e3/jquery.qtip.min.css
Requested by
Host: bcv3.palilaliaethnogenesis.com
URL: https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2a96f15487ccc31484e0c61f6aeaaad720df349b834201721dcbc35a2cfb8800
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:56 GMT
x-amz-version-id
kDfMOxMjR5ZXhW1ZONDokN6NrmPPOVIm
via
1.1 ba886063c801beea10f1826f4374a56e.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
x-amz-cf-pop
ORD53-C1
age
156100
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
service-worker-allowed
/~cdn
last-modified
Tue, 02 Jan 2024 16:52:59 GMT
server
cloudflare
etag
W/"98e380194a8f13fe9089eb1599187b39"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8b53ce6c1b1c8c0b-EWR
x-amz-cf-id
P0D05QJjNGOz21RotSv9pSS2cejpmj9MiUfrvWNpyrLRCYugPazD3w==
expires
Mon, 18 Aug 2025 18:00:56 GMT
index.css
bcv3.palilaliaethnogenesis.com/~cdn/04bb5057-dd62-4885-a3ac-38fb64fdc3e3/
5 KB
1 KB
Stylesheet
General
Full URL
https://bcv3.palilaliaethnogenesis.com/~cdn/04bb5057-dd62-4885-a3ac-38fb64fdc3e3/index.css
Requested by
Host: bcv3.palilaliaethnogenesis.com
URL: https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0b4ab226e02dd62bd348bf3b84b2ae5312d0dfdfb6db43898180933444a04966
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:56 GMT
x-amz-version-id
JkaiCZ3u_yLwV4UAhrH8RuTPtrUoE049
via
1.1 ba9c4a15d904b10c426461fa8ff12178.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
x-amz-cf-pop
ORD53-C1
age
156100
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
service-worker-allowed
/~cdn
last-modified
Tue, 02 Jan 2024 16:52:59 GMT
server
cloudflare
etag
W/"faf667a66d7dbd714ee54a947c09af07"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8b53ce6c1b1d8c0b-EWR
x-amz-cf-id
FYEK1hvA8vQb7f0zJS6HWR9FvGzZM_TrzW-DWKN-JO1HVcX9-oacCg==
expires
Mon, 18 Aug 2025 18:00:56 GMT
app.css
bcv3.palilaliaethnogenesis.com/~cdn/04bb5057-dd62-4885-a3ac-38fb64fdc3e3/
4 KB
1 KB
Stylesheet
General
Full URL
https://bcv3.palilaliaethnogenesis.com/~cdn/04bb5057-dd62-4885-a3ac-38fb64fdc3e3/app.css
Requested by
Host: bcv3.palilaliaethnogenesis.com
URL: https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
caae2a450a58cb315d59141a0b2878b034782895e59da8c0beb86dcc9f907aee
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:56 GMT
x-amz-version-id
TRg4ozMGdAlt2J6F8IA5SKT_AnSSxf.r
via
1.1 782cd53d3d23369feee6e4656bafe94a.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
x-amz-cf-pop
CMH68-P2
age
156100
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
service-worker-allowed
/~cdn
last-modified
Thu, 31 Aug 2023 15:12:15 GMT
server
cloudflare
etag
W/"cdaaf7ca60567ec01d09927429cb8a81"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8b53ce6c1b1e8c0b-EWR
x-amz-cf-id
qXiHsAuXqrH-L_4YOL61WYmyBhY-nEYvus2dw_FFYo2znnySEUIg0w==
expires
Mon, 18 Aug 2025 18:00:56 GMT
mcLogo.png
bcv3.palilaliaethnogenesis.com/~cdn/04bb5057-dd62-4885-a3ac-38fb64fdc3e3/
482 B
900 B
Image
General
Full URL
https://bcv3.palilaliaethnogenesis.com/~cdn/04bb5057-dd62-4885-a3ac-38fb64fdc3e3/mcLogo.png
Requested by
Host: bcv3.palilaliaethnogenesis.com
URL: https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
95349c6f3503f11ca77c6ffc0da91693a0fb4fff2c1d2f08af08ba4949c66097
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:56 GMT
x-amz-version-id
SyBm.4abU9855z4NLHJUD5uXEoHgCbB8
via
1.1 31c8b5078ed8a992dc522a331438c63e.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
HIT
x-amz-cf-pop
CMH68-P2
age
156100
x-amz-server-side-encryption
AES256
x-powered-by
Express
x-cache
Miss from cloudfront
content-length
482
service-worker-allowed
/~cdn
last-modified
Tue, 02 Jan 2024 16:52:59 GMT
server
cloudflare
etag
"28317e19efae8a79ca702d284ef02272"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8b53ce6c1b1f8c0b-EWR
x-amz-cf-id
A4aPh0r42DpAorgL08ivcccQbd5rDmdFTlK35Pn4z41sx-34zX9JcA==
expires
Mon, 18 Aug 2025 18:00:56 GMT
visaLogo.png
bcv3.palilaliaethnogenesis.com/~cdn/04bb5057-dd62-4885-a3ac-38fb64fdc3e3/
457 B
679 B
Image
General
Full URL
https://bcv3.palilaliaethnogenesis.com/~cdn/04bb5057-dd62-4885-a3ac-38fb64fdc3e3/visaLogo.png
Requested by
Host: bcv3.palilaliaethnogenesis.com
URL: https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
89d94cb28c883da11b2bbead30155d33527ee85e67c0b3097ca94a60e046c028
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:56 GMT
x-amz-version-id
XmxlK_1_Mad3XtYh9MKh17KBh9KVE2h5
via
1.1 5401626d63787a47d271753adbb1f35e.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
HIT
x-amz-cf-pop
CMH68-P2
age
156100
x-amz-server-side-encryption
AES256
x-powered-by
Express
x-cache
Miss from cloudfront
content-length
457
service-worker-allowed
/~cdn
last-modified
Tue, 02 Jan 2024 16:52:59 GMT
server
cloudflare
etag
"cd100e693101af1d5ae85d64b1c29ef7"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8b53ce6c1b208c0b-EWR
x-amz-cf-id
_iWPTx-phvZ-WDkz-N8hvyVqiE8ANmySp0w6mYYEwY3reu_ULM7AhA==
expires
Mon, 18 Aug 2025 18:00:56 GMT
header-rgt.png
bcv3.palilaliaethnogenesis.com/~cdn/04bb5057-dd62-4885-a3ac-38fb64fdc3e3/
4 KB
5 KB
Image
General
Full URL
https://bcv3.palilaliaethnogenesis.com/~cdn/04bb5057-dd62-4885-a3ac-38fb64fdc3e3/header-rgt.png
Requested by
Host: bcv3.palilaliaethnogenesis.com
URL: https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
372accf9c0be754c3547a11739b2772d5a8f5528c0aa96aed2f5021e00fb8c49
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:57 GMT
x-amz-version-id
MhW4c5HJVxpeOGmYxNVj0ePCWuku5kdp
via
1.1 1aba6ba202ee10ab71536cbc38bd5866.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
HIT
x-amz-cf-pop
ORD53-C1
age
156101
x-amz-server-side-encryption
AES256
x-powered-by
Express
x-cache
Miss from cloudfront
content-length
4345
service-worker-allowed
/~cdn
last-modified
Tue, 02 Jan 2024 16:52:59 GMT
server
cloudflare
etag
"5091d2fc8d8ebb82eb6f4e47476bc6e6"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8b53ce6c4b548c0b-EWR
x-amz-cf-id
KIIdGS63Unk93q7-bq385rQ1VGgTJnMdzBwoP3L1ccv8XdUE4xqQ7A==
expires
Mon, 18 Aug 2025 18:00:57 GMT
verified.png
bcv3.palilaliaethnogenesis.com/~cdn/04bb5057-dd62-4885-a3ac-38fb64fdc3e3/
19 KB
19 KB
Image
General
Full URL
https://bcv3.palilaliaethnogenesis.com/~cdn/04bb5057-dd62-4885-a3ac-38fb64fdc3e3/verified.png
Requested by
Host: bcv3.palilaliaethnogenesis.com
URL: https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
21a5f429a228c8229bda3a2806035627e4648d08f318bcca385480154f52b65e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:57 GMT
x-amz-version-id
EfN6.pxGSB5YjXmQglBsfv20E9Py5a_w
via
1.1 ea282d6e9982c684c0e1bd42f4c43f3a.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
HIT
x-amz-cf-pop
CMH68-P2
age
156101
x-amz-server-side-encryption
AES256
x-powered-by
Express
x-cache
Miss from cloudfront
content-length
19217
service-worker-allowed
/~cdn
last-modified
Tue, 02 Jan 2024 16:52:59 GMT
server
cloudflare
etag
"6a8d1c8822074576057e1ceed2fd1df2"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8b53ce6c5b588c0b-EWR
x-amz-cf-id
Y1_bftJikXNfvkocmj5FjRhFJzPoojSrWA87pZ7ajcQ6TQOVffAaWg==
expires
Mon, 18 Aug 2025 18:00:57 GMT
jquery-3.4.1.min.js
code.jquery.com/
86 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: bcv3.palilaliaethnogenesis.com
URL: https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://bcv3.palilaliaethnogenesis.com/
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:57 GMT
content-encoding
gzip
via
1.1 varnish
age
1597299
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
30638
x-served-by
cache-lga21930-LGA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1724004057.338844,VS0,VE0
etag
W/"28feccc0-15851"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
13523
js
maps.googleapis.com/maps/api/
217 KB
74 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyAAKBtGNyjujmTkDyY_BYD5l1jj8xYC628&callback=Function.prototype
Requested by
Host: bcv3.palilaliaethnogenesis.com
URL: https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
de391a0a26519dcc520edd7dea10d377c536ee68c88b892935e44df710d76047
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://bcv3.palilaliaethnogenesis.com/
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75475
x-xss-protection
0
standard.js
bcv3.palilaliaethnogenesis.com/~cdn/04bb5057-dd62-4885-a3ac-38fb64fdc3e3/
2 KB
1013 B
Script
General
Full URL
https://bcv3.palilaliaethnogenesis.com/~cdn/04bb5057-dd62-4885-a3ac-38fb64fdc3e3/standard.js
Requested by
Host: bcv3.palilaliaethnogenesis.com
URL: https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
14f61545c9b8ed9bf722e8e02851ccbaa556ae708b7dd207f6065198248bb270
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://bcv3.palilaliaethnogenesis.com/?ts=16&s1=72&s2=&clickid=daf416528813420894f0ea5450d2da1d
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:57 GMT
x-amz-version-id
.arEchedoGNQkzkoT4w2T7XgZdoEpMEK
via
1.1 44783ce98e3ad337ee5c8af734935c2e.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
x-amz-cf-pop
ORD53-C1
age
156101
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
service-worker-allowed
/~cdn
last-modified
Thu, 31 Aug 2023 15:12:14 GMT
server
cloudflare
etag
W/"eeca26f3b755a135fe7bb0a5ed5bb150"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8b53ce6c5b5e8c0b-EWR
x-amz-cf-id
TsxRzf-DqKfDn_gYY14qxSKN-bnkSmljpaI7nYHlVGooapVHc36-Xw==
expires
Mon, 18 Aug 2025 18:00:57 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
367 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAAKBtGNyjujmTkDyY_BYD5l1jj8xYC628&callback=Function.prototype
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://bcv3.palilaliaethnogenesis.com/
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://bcv3.palilaliaethnogenesis.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
main.js
bcv3.palilaliaethnogenesis.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/ Frame 2319
Redirect Chain
  • https://bcv3.palilaliaethnogenesis.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://bcv3.palilaliaethnogenesis.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/main.js?
8 KB
4 KB
Script
General
Full URL
https://bcv3.palilaliaethnogenesis.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/main.js?
Protocol
H2
Server
104.18.24.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62674e9ef200b79facec97b9a72bce13631cc467ea42d5d22d466f5e92e45a39
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 18:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8b53ce6faf268c0b-EWR

Redirect headers

date
Sun, 18 Aug 2024 18:00:57 GMT
server
cloudflare
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/main.js?
access-control-allow-origin
*
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8b53ce6f8f0c8c0b-EWR
content-length
0
8b53ce66fdbc8c0b
bcv3.palilaliaethnogenesis.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 2319
0
631 B
XHR
General
Full URL
https://bcv3.palilaliaethnogenesis.com/cdn-cgi/challenge-platform/h/g/jsd/r/8b53ce66fdbc8c0b
Requested by
Host: bcv3.palilaliaethnogenesis.com
URL: https://bcv3.palilaliaethnogenesis.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Content-Type
application/json
Referer
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 18:00:57 GMT
server
cloudflare
cf-ray
8b53ce706fbe8c0b-EWR
content-length
0
content-type
text/plain; charset=UTF-8
common.js
maps.googleapis.com/maps-api-v3/api/js/57/13/
294 KB
64 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/57/13/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAAKBtGNyjujmTkDyY_BYD5l1jj8xYC628&callback=Function.prototype
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f10.1e100.net
Software
sffe /
Resource Hash
22d7b487c7ed16b6db70ae6aad638e15244b54cdf550ad8f0add612fcf1b1c69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://bcv3.palilaliaethnogenesis.com/
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 15:46:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
8077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65163
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 18:37:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Aug 2025 15:46:25 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/57/13/
180 KB
55 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/57/13/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAAKBtGNyjujmTkDyY_BYD5l1jj8xYC628&callback=Function.prototype
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f10.1e100.net
Software
sffe /
Resource Hash
fb4171324646676906d68d37fc0e678aaf5655e0a910d565cbca48771b727506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer
https://bcv3.palilaliaethnogenesis.com/
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform
"Linux"

Response headers

date
Sun, 18 Aug 2024 15:46:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
8077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56099
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 18:37:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Aug 2025 15:46:25 GMT

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| resolveGeolocation string| resolvedIp object| resolvedCountryData object| sfGeolocation function| $ function| jQuery object| google object| litHtmlVersions object| module$exports$mapsapi$geometry$spherical object| litElementVersions object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView function| onError function| getAddressInfoByZip function| response function| openNewWindow object| checkSecure function| runSecCheck object| PAAY_DATA function| isValidNumber function| preSubmit function| handleRoute function| addDataToForm function| getDataFromForm function| translateDataAttributes function| normalizeParameters function| attach function| initValidation function| handleEmptyValues function| handleRequestStart function| assureId function| handleThirdPartyIntegrations function| shouldAttach function| checkForExtraProductInfo function| performLuhnCheck function| luhn function| setText function| setHtml function| setTextIfValue function| setHtmlIfValue function| setProductId function| setVariantId function| handlePopup function| sfSendSurvey function| handleCartBtns function| handleCartForms

7 Cookies

Domain/Path Name / Value
caxofi.adperformancemonitor.com/ Name: PHPSESSID
Value: g540jllq53p6dphmrbhncmu0ik
.caxofi.adperformancemonitor.com/ Name: cid
Value: wmps2bkdpcoa6ph3jn0v8g5a
tracknshosp.com/ Name: 15c5a561-ea64-438e-9645-409b12ddadb6-v4
Value: EH_bwHQX9jswgOSf0FCns2gwe6MvYVtMNqW22eybVxA
tracknshosp.com/ Name: cc-v4
Value: N98nYsoPGSRhC0ni7wSq90AL51sMEIvFSRyOysBQowYHVGfzc%2BO2LeecUEKU%2F3Kb5cEKN7HY0N5GHtsTNB6t5mTDoVGwqul8eH8TZa5p4Kjb3e7mliAxCildQL7hKBKtZqMKOlkf99XN5gcWVq7rCA%3D%3D
bcv3.palilaliaethnogenesis.com/ Name: sf-session-id
Value: 1f284e17-9a03-44df-917b-2e2ca8c0158f
.bcv3.palilaliaethnogenesis.com/ Name: __cf_bm
Value: .oUjHDlx1OpAnhG8Pr.dwEHBVKtcaHGp1BGZ4r3IOy0-1724004056-1.0.1.1-nx82zVJeWzdLyhI.jE8mLUbFGZQAsLciffAtUgnnltCxFCwQvgHoTO4vaPrRCT6s_LhFUETqoHrp3WZrcmB1uQ
.bcv3.palilaliaethnogenesis.com/ Name: cf_clearance
Value: OM9Yo5SBWrqwjcKN5TS7dFHBcSuX_vz_OBHcPlfdnLI-1724004057-1.2.1.1-QYK4CK9JGjGu.GxII_QkLMQgbIzDNsSuyRV6fZrVgScN61TlTmyEbJUeYJG_gwHgisVIkw03k22ArxVtfCcI0.olpjAMskuLlDYopf20lWKWIpKQiwYh0SjATVdZFrrxg42MnirnjLoYZW.iFVP4RUsthcsEoPneMt7tFMFL.4sagVEN0JGT5R63zqKLk.NkhyalHOs3ydj66kOtOxzFqoLW.EomiaI8hx5FbhXQp37FlhBqhZms72FeZ9omBMI3FqMdWjRXKI8kaQS8y5IxqN_n05h82C2oLY_CgQAifBaXEsusmIOak06tT26bwvHFUCYFTxBgp4IQ060VIfyd4qa4.J.J2RB_8Llzt4GPEg.tmm7uZad6EwEH7gK6m_ZtRgyg9lBntvrHC1e48_ZTVA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bcv3.palilaliaethnogenesis.com
caxofi.adperformancemonitor.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
maps.googleapis.com
tracknshosp.com
trialecommercedealshub.com
104.18.24.40
151.101.194.137
172.217.165.138
172.67.188.104
2606:4700:3032::6815:d4f
2606:4700:3032::ac43:c264
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81e::200a
0068a37bb917fbd5e40263a0771c7d267a83fe1365b4be49574c4437d306ed29
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
094a4ea27365548b01c750c02b461dc1bda204e627bae5b4cb80d18d7272940b
0b4ab226e02dd62bd348bf3b84b2ae5312d0dfdfb6db43898180933444a04966
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
12285055c7f5a8a1a4cb360c04098e7b179bdd32b0d95ee828f3dd209d818cb9
14f61545c9b8ed9bf722e8e02851ccbaa556ae708b7dd207f6065198248bb270
1a16bf14f3622d514daee00976f7627bf6c7fda1557d90ebf256baddde7b0ae4
21a5f429a228c8229bda3a2806035627e4648d08f318bcca385480154f52b65e
21d154e4d18d2e518902d2b314490ef3bd70ac80c4fdb84c1593a0c633843eb5
22d7b487c7ed16b6db70ae6aad638e15244b54cdf550ad8f0add612fcf1b1c69
2a96f15487ccc31484e0c61f6aeaaad720df349b834201721dcbc35a2cfb8800
2bfca99954f9e98f4aa228151e8c2add1d01fb36f5e25021710db0e916529c62
2d4a4b919a4754ea19693b0c5659ed5145d40515154ecb83801397a82dc11615
372accf9c0be754c3547a11739b2772d5a8f5528c0aa96aed2f5021e00fb8c49
3b574eebb97a6620dda1fb10938b398f65904a79c044dae0d84201d558cc7923
3cdf9442ba4a67226fc61ac8fe1ce48dc9e52774e814357a53779e66cbcca4f1
42f1c14b93907f85399f9066fd7dd7c34fcbdac4b8ed77c9ea65b3cc0ac3ac87
584c1f96efada29b892c43463a36c370bf89774e33bc5d7ff6f176dfe7f6c154
5bc6e1981687e74f3ef80fe5a5126d959598f4855acce6782ffef02755001c6f
62674e9ef200b79facec97b9a72bce13631cc467ea42d5d22d466f5e92e45a39
7341f7b8b0ae3c0da4aea559efc31f0b53d9db9dd291664fdcf7d618fd95ed8a
74cbe81783fc23ed32a140544578579855861be089571415d5b6b9c36ea0ef6f
79d59a7d49f2a9995524cce0f1b1ff19b7571eba8b9b486d61ee0d78f1245099
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
89d94cb28c883da11b2bbead30155d33527ee85e67c0b3097ca94a60e046c028
95349c6f3503f11ca77c6ffc0da91693a0fb4fff2c1d2f08af08ba4949c66097
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caae2a450a58cb315d59141a0b2878b034782895e59da8c0beb86dcc9f907aee
d86a5fa2393620fb6cb4f90fb8b55c0badd84f2ab8fe77e8d13df4b512b42da2
de391a0a26519dcc520edd7dea10d377c536ee68c88b892935e44df710d76047
defbc2663255590edf113f0b206b85909bf6098a19b37f94c36ecbe9472835af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f33c40af726f61af3886823d02e0235746e5b4bc786b20fdda5e6c137710d6d1
f91b9386adefe6cdfe8384dc0ad69631e6fee4a5fe3ac5335f90d601d1a81616
fb4171324646676906d68d37fc0e678aaf5655e0a910d565cbca48771b727506
fef565dbab83147e2ff28f7e756dedb3fed06a2b6fd89eb1887047d73c614a37