Submitted URL: https://links.spybriefing.com/a/1485/click/1302/3215762/ae66a180a8134e1e345b2a7b4820dd34d51150c9/6ce2ea366fa6039fc43ae9adee52d...
Effective URL: https://cf.spybriefing.com/optin-26367537
Submission: On September 09 via api from US — Scanned from DE

Summary

This website contacted 78 IPs in 8 countries across 69 domains to perform 155 HTTP transactions. The main IP is 2606:4700::6810:dc2, located in United States and belongs to CLOUDFLARENET, US. The main domain is cf.spybriefing.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 8th 2023. Valid for: a year.
This is the only time cf.spybriefing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.238.129.105 396982 (GOOGLE-CL...)
2 2 52.210.174.128 16509 (AMAZON-02)
1 12 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700:e0:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 108.156.60.37 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 8 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 52.222.236.71 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2620:116:800d... 16509 (AMAZON-02)
2 2a04:4e42:8e::84 54113 (FASTLY)
2 23.32.185.60 16625 (AKAMAI-AS)
2 172.190.104.130 8075 (MICROSOFT...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
2 2606:4700:1::... 13335 (CLOUDFLAR...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 143.204.207.250 16509 (AMAZON-02)
5 104.126.37.42 20940 (AKAMAI-ASN1)
3 3.213.54.222 14618 (AMAZON-AES)
3 37.48.87.182 60781 (LEASEWEB-...)
1 46.228.164.11 56396 (AMOBEE)
2 3 54.147.75.20 14618 (AMAZON-AES)
1 151.139.128.10 20446 (STACKPATH...)
1 13.58.146.195 16509 (AMAZON-02)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 64.202.112.223 23352 (SERVERCEN...)
1 2600:9000:223... 16509 (AMAZON-02)
3 23.206.208.183 16625 (AKAMAI-AS)
5 35.190.43.134 15169 (GOOGLE)
1 34.90.79.92 396982 (GOOGLE-CL...)
1 2a02:2638:d::10 44788 (ASN-CRITE...)
1 2600:9000:21f... 16509 (AMAZON-02)
1 5 2600:9000:225... 16509 (AMAZON-02)
1 34.76.5.13 396982 (GOOGLE-CL...)
4 3.124.62.113 16509 (AMAZON-02)
4 5 2a02:2638:3::c 44788 (ASN-CRITE...)
1 178.250.1.11 44788 (ASN-CRITE...)
1 2a05:d018:cc3... 16509 (AMAZON-02)
1 1 178.250.1.9 44788 (ASN-CRITE...)
1 74.119.119.150 19750 (AS-CRITEO)
1 151.101.2.137 54113 (FASTLY)
1 1 172.217.16.194 15169 (GOOGLE)
2 178.250.7.11 44788 (ASN-CRITE...)
1 3.121.134.250 16509 (AMAZON-02)
2 2 37.252.171.53 29990 (ASN-APPNEX)
1 2 185.89.210.46 29990 (ASN-APPNEX)
1 23.218.208.23 16625 (AKAMAI-AS)
1 69.173.144.165 26667 (RUBICONPR...)
1 3.77.133.205 16509 (AMAZON-02)
1 185.86.139.102 201081 (SMARTADSE...)
1 141.226.228.48 200478 (TABOOLA-AS)
1 2.16.97.41 16625 (AKAMAI-AS)
1 76.223.111.18 16509 (AMAZON-02)
1 3.75.62.37 16509 (AMAZON-02)
1 37.157.6.243 198622 (ADFORM)
1 185.255.84.152 200271 (IGUANE-)
1 2 172.64.148.101 13335 (CLOUDFLAR...)
1 2 52.17.210.114 16509 (AMAZON-02)
1 54.194.37.177 16509 (AMAZON-02)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 18.197.66.22 16509 (AMAZON-02)
1 198.47.127.205 3257 (GTT-BACKB...)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 85.215.5.31 6786 (CRONON-BE...)
1 184.30.17.243 16625 (AKAMAI-AS)
1 34.250.36.253 16509 (AMAZON-02)
1 3.123.197.153 16509 (AMAZON-02)
1 35.227.225.220 15169 (GOOGLE)
2 162.247.243.29 54113 (FASTLY)
1 18.203.183.215 16509 (AMAZON-02)
1 13.59.220.190 16509 (AMAZON-02)
155 78
Apex Domain
Subdomains
Transfer
13 spybriefing.com
links.spybriefing.com — Cisco Umbrella Rank: 524775
cf.spybriefing.com
896 KB
11 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 4045
gum.criteo.com — Cisco Umbrella Rank: 455
mug.criteo.com — Cisco Umbrella Rank: 2500
sslwidget.criteo.com — Cisco Umbrella Rank: 2276
widget.us.criteo.com — Cisco Umbrella Rank: 25287
dis.criteo.com — Cisco Umbrella Rank: 633
34 KB
8 infusionsoft.app
kw493.infusionsoft.app
9 KB
7 gstatic.com
fonts.gstatic.com
194 KB
6 adroll.com
s.adroll.com — Cisco Umbrella Rank: 3226
d.adroll.com — Cisco Umbrella Rank: 1446
89 KB
6 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 3321
tr.outbrain.com — Cisco Umbrella Rank: 3086
wave.outbrain.com — Cisco Umbrella Rank: 3288
sync.outbrain.com — Cisco Umbrella Rank: 886
9 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 53
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
cm.g.doubleclick.net — Cisco Umbrella Rank: 259
4 KB
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 968
1 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 5643
884 B
5 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2541
www.google.com — Cisco Umbrella Rank: 2
1 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 757
138 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 279
secure.adnxs.com — Cisco Umbrella Rank: 500
3 KB
4 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 3318
9 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
21 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
354 KB
4 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1204
105 KB
3 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 922
2 KB
3 rdcdn.com
rdcdn.com — Cisco Umbrella Rank: 57735
778 B
3 prayfashion.com
visit.prayfashion.com
3 adblade.com
web.adblade.com — Cisco Umbrella Rank: 116184
pixel.adblade.com — Cisco Umbrella Rank: 291428
1 KB
3 wickedreports.com
widget.wickedreports.com — Cisco Umbrella Rank: 51376
track.wickedreports.com — Cisco Umbrella Rank: 73879
10 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 261
751 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 234
2 KB
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1668
1 KB
2 customer.io
assets.customer.io — Cisco Umbrella Rank: 15368
track.customer.io — Cisco Umbrella Rank: 12636
3 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
216 B
2 adskeeper.co.uk
a.adskeeper.co.uk — Cisco Umbrella Rank: 38059
5 KB
2 mgid.com
a.mgid.com — Cisco Umbrella Rank: 14814
5 KB
2 statistinamics.com
ndn.statistinamics.com — Cisco Umbrella Rank: 166648
1 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 972
20 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1322
pixel.quantserve.com — Cisco Umbrella Rank: 1108
10 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 186
90 KB
2 clickfunnels.com
app.clickfunnels.com — Cisco Umbrella Rank: 54908
assets.clickfunnels.com — Cisco Umbrella Rank: 87066
3 KB
2 infusionsoft.com
kw493.infusionsoft.com
31 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 58
4 KB
2 go2cloud.org
spybriefingllc.go2cloud.org
2 KB
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 2521
268 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 745
338 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 2249
44 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2700
38 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4660
400 B
1 twiago.com
a.twiago.com — Cisco Umbrella Rank: 29811
153 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2893
398 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 896
578 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1358
880 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 3488
274 B
1 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 743
199 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1072
342 B
1 adform.net
cm.adform.net — Cisco Umbrella Rank: 1256
163 B
1 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 352
125 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 440
140 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 2585
163 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1485
99 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 730
114 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 610
35 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 385
239 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 712
784 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 369
146 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 460
26 KB
1 revmizer.com
m.revmizer.com
1 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 4989
4 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1255
643 B
1 revcontent.com
assets.revcontent.com — Cisco Umbrella Rank: 8331
10 KB
1 turn.com
r.turn.com — Cisco Umbrella Rank: 4368
398 B
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1151
17 KB
1 exoclick.com
a.exoclick.com — Cisco Umbrella Rank: 61711
959 B
1 segmetrics.io
tag.segmetrics.io — Cisco Umbrella Rank: 88607
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1103
7 KB
0 addevent.com Failed
track.addevent.com Failed
155 69
Domain Requested by
12 cf.spybriefing.com 1 redirects cf.spybriefing.com
8 kw493.infusionsoft.app 2 redirects cf.spybriefing.com
kw493.infusionsoft.app
7 fonts.gstatic.com fonts.googleapis.com
5 gum.criteo.com 4 redirects cf.spybriefing.com
5 s.adroll.com 1 redirects cf.spybriefing.com
5 tr.snapchat.com cf.spybriefing.com
sc-static.net
5 www.google.de cf.spybriefing.com
5 analytics.tiktok.com cf.spybriefing.com
analytics.tiktok.com
4 tags.srv.stackadapt.com cf.spybriefing.com
4 www.google.com cf.spybriefing.com
4 www.google-analytics.com cf.spybriefing.com
4 www.googletagmanager.com cf.spybriefing.com
4 use.fontawesome.com cf.spybriefing.com
use.fontawesome.com
3 ct.pinterest.com cf.spybriefing.com
3 tr.outbrain.com amplify.outbrain.com
cf.spybriefing.com
3 stats.g.doubleclick.net www.googletagmanager.com
cf.spybriefing.com
3 rdcdn.com 2 redirects cf.spybriefing.com
3 visit.prayfashion.com cf.spybriefing.com
2 bam.nr-data.net cf.spybriefing.com
2 dpm.demdex.net 1 redirects
2 r.casalemedia.com 1 redirects
2 secure.adnxs.com 1 redirects
2 ib.adnxs.com 2 redirects
2 dis.criteo.com
2 www.facebook.com cf.spybriefing.com
2 web.adblade.com cf.spybriefing.com
2 a.adskeeper.co.uk cf.spybriefing.com
2 a.mgid.com cf.spybriefing.com
2 ndn.statistinamics.com cf.spybriefing.com
2 s.pinimg.com cf.spybriefing.com
2 googleads.g.doubleclick.net cf.spybriefing.com
2 connect.facebook.net cf.spybriefing.com
2 kw493.infusionsoft.com cf.spybriefing.com
2 widget.wickedreports.com cf.spybriefing.com
2 fonts.googleapis.com cf.spybriefing.com
2 spybriefingllc.go2cloud.org 2 redirects
1 s.thebrighttag.com
1 beacon.krxd.net
1 track.customer.io
1 e1.emxdgt.com
1 sync-criteo.ads.yieldmo.com
1 ad.yieldlab.net
1 a.twiago.com
1 criteo-partners.tremorhub.com
1 simage2.pubmatic.com
1 sync.outbrain.com
1 exchange.mediavine.com
1 matching.ivitrack.com
1 ad.360yield.com
1 visitor.omnitagjs.com
1 cm.adform.net
1 ups.analytics.yahoo.com
1 eb2.3lift.com
1 criteo-sync.teads.tv
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 match.sharethrough.com
1 pixel.rubiconproject.com
1 contextual.media.net
1 x.bidswitch.net
1 cm.g.doubleclick.net 1 redirects
1 assets.clickfunnels.com
1 js-agent.newrelic.com cf.spybriefing.com
1 widget.us.criteo.com cf.spybriefing.com
1 sslwidget.criteo.com 1 redirects
1 d.adroll.com cf.spybriefing.com
1 mug.criteo.com cf.spybriefing.com
1 m.revmizer.com cf.spybriefing.com
1 assets.customer.io cf.spybriefing.com
1 dynamic.criteo.com cf.spybriefing.com
1 pixel.quantserve.com cf.spybriefing.com
1 tag.simpli.fi cf.spybriefing.com
1 rules.quantcount.com cf.spybriefing.com
1 wave.outbrain.com cf.spybriefing.com
1 region1.analytics.google.com www.googletagmanager.com
1 track.wickedreports.com cf.spybriefing.com
1 assets.revcontent.com cf.spybriefing.com
1 r.turn.com cf.spybriefing.com
1 pixel.adblade.com cf.spybriefing.com
1 sc-static.net cf.spybriefing.com
1 a.exoclick.com cf.spybriefing.com
1 amplify.outbrain.com cf.spybriefing.com
1 secure.quantserve.com cf.spybriefing.com
1 tag.segmetrics.io cf.spybriefing.com
1 static.cloudflareinsights.com cf.spybriefing.com
1 app.clickfunnels.com cf.spybriefing.com
1 links.spybriefing.com 1 redirects
0 track.addevent.com Failed cf.spybriefing.com
155 88

This site contains links to these domains. Also see Links.

Domain
spybriefing.com
Subject Issuer Validity Valid
cf.spybriefing.com
Cloudflare Inc ECC CA-3
2023-04-08 -
2024-04-07
a year crt.sh
use.fontawesome.com
GTS CA 1P5
2023-09-01 -
2023-11-30
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
widget.wickedreports.com
Amazon RSA 2048 M01
2023-08-02 -
2024-08-30
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-08-01 -
2024-07-30
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-06-19 -
2023-09-17
3 months crt.sh
tag.segmetrics.io
Amazon RSA 2048 M02
2023-02-23 -
2023-11-13
9 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
quantserve.com
R3
2023-08-29 -
2023-11-27
3 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-31 -
2024-08-07
a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-09 -
2024-02-11
a year crt.sh
statistinamics.com
R3
2023-07-12 -
2023-10-10
3 months crt.sh
exoclick.com
R3
2023-08-17 -
2023-11-15
3 months crt.sh
sc-static.net
Amazon RSA 2048 M02
2023-01-20 -
2024-02-18
a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018
2023-07-14 -
2024-08-13
a year crt.sh
adblade.com
Amazon RSA 2048 M02
2023-03-18 -
2024-04-15
a year crt.sh
*.rdtk.io
GoGetSSL RSA DV CA
2023-07-19 -
2024-07-19
a year crt.sh
*.turn.com
RapidSSL TLS RSA CA G1
2023-03-22 -
2024-03-31
a year crt.sh
assets.revcontent.com
R3
2023-09-08 -
2023-12-07
3 months crt.sh
track.wickedreports.com
Amazon RSA 2048 M02
2023-03-15 -
2024-04-12
a year crt.sh
www.google.de
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
www.google.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-04-13 -
2024-04-12
a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2022-11-07 -
2023-12-08
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-19 -
2023-10-18
3 months crt.sh
*.customer.io
Amazon RSA 2048 M01
2023-03-02 -
2023-12-17
10 months crt.sh
s.adroll.com
Amazon RSA 2048 M01
2023-06-03 -
2024-07-01
a year crt.sh
acquire-mapp.skousen.dk
R3
2023-08-25 -
2023-11-23
3 months crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02
2023-09-09 -
2024-10-07
a year crt.sh
d.adroll.com
Amazon RSA 2048 M01
2022-11-08 -
2023-12-07
a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2
2023-04-13 -
2024-05-14
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-02-18
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01
2023-06-14 -
2024-07-12
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-08 -
2023-12-31
a year crt.sh
teads.tv
R3
2023-06-26 -
2023-09-24
3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-03 -
2024-01-24
6 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-25 -
2024-06-18
a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2023-06-23 -
2024-07-22
a year crt.sh
*.360yield.com
Amazon RSA 2048 M01
2023-05-29 -
2024-06-26
a year crt.sh
itm.ivitrack.com
R3
2023-08-16 -
2023-11-14
3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M02
2023-06-06 -
2024-07-04
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2023-04-20 -
2024-05-20
a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01
2023-02-22 -
2024-03-23
a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA
2022-11-28 -
2023-12-29
a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1
2022-11-16 -
2023-11-15
a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01
2023-04-04 -
2024-05-02
a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M01
2023-05-03 -
2024-05-31
a year crt.sh
api.customer.io
GTS CA 1D4
2023-08-29 -
2023-11-27
3 months crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1
2022-11-18 -
2023-12-19
a year crt.sh

This page contains 7 frames:

Primary Page: https://cf.spybriefing.com/optin-26367537
Frame ID: FFE4EF7FCC70023D7796DB287D6B8E9D
Requests: 120 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=dcac7434-c37f-428b-b940-285ccbce8757&u_scsid=f28ff306-cfed-4cd1-9975-b82e2e28838d&u_sclid=b7e03899-db35-43d0-a9d3-a91922a6f238
Frame ID: 62DB4033CE3B7131C6FC0CBAFBC9B7DE
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=cf.spybriefing.com&origin=onetag
Frame ID: 98C6749396D6B35DAE90C215A4F7997E
Requests: 2 HTTP requests in this frame

Frame: https://kw493.infusionsoft.app/app/webTracking/websiteTriggerIframe
Frame ID: EB8B50F2F1A46563B9B7E9436DB9772C
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: B56D8B9D0C47A580BBD19BEA31A7ADEF
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-N_WhejWkLMszgtTS0R8t5il6v-vQ6q3ja04Fhg&google_gid=CAESEPHrPFdLJ3ywSYWuJ0hm4OY&google_cver=1&google_ula=913071,0
Frame ID: 21489B85E64AE31B267F79759D9CBCA9
Requests: 28 HTTP requests in this frame

Frame: https://kw493.infusionsoft.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js
Frame ID: 2531643871A8C329BD9A2C387FB7CAF1
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Survive Like a Spy

Page URL History Show full URLs

  1. https://links.spybriefing.com/a/1485/click/1302/3215762/ae66a180a8134e1e345b2a7b4820dd34d51150c9/6ce2ea366... HTTP 302
    http://spybriefingllc.go2cloud.org/aff_c?offer_id=44&aff_id=1&aff_sub=30dg-wk3-d4-em2 HTTP 302
    https://spybriefingllc.go2cloud.org/aff_c?offer_id=44&aff_id=1&aff_sub=30dg-wk3-d4-em2 HTTP 302
    https://cf.spybriefing.com/survive-like-a-spy-book-lp HTTP 302
    https://cf.spybriefing.com/optin-26367537 Page URL

Detected technologies

Overall confidence: 75%
Detected patterns

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

155
Requests

88 %
HTTPS

35 %
IPv6

69
Domains

88
Subdomains

78
IPs

8
Countries

2118 kB
Transfer

6537 kB
Size

77
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.spybriefing.com/a/1485/click/1302/3215762/ae66a180a8134e1e345b2a7b4820dd34d51150c9/6ce2ea366fa6039fc43ae9adee52db45f7d3df06 HTTP 302
    http://spybriefingllc.go2cloud.org/aff_c?offer_id=44&aff_id=1&aff_sub=30dg-wk3-d4-em2 HTTP 302
    https://spybriefingllc.go2cloud.org/aff_c?offer_id=44&aff_id=1&aff_sub=30dg-wk3-d4-em2 HTTP 302
    https://cf.spybriefing.com/survive-like-a-spy-book-lp HTTP 302
    https://cf.spybriefing.com/optin-26367537 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://rdcdn.com/rt?aid=19177&e=1&img=1 HTTP 302
  • https://rdcdn.com/eow HTTP 302
  • https://rdcdn.com/images/blank.gif
Request Chain 104
  • https://s.adroll.com/j/exp/LIAFGQD4BJCQNANH5CBFII/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 105
  • https://gum.criteo.com/sid/json?origin=onetag&domain=spybriefing.com&sn=ChromeSyncframe&so=0&topUrl=cf.spybriefing.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Ngr_onw4SEZha1lEMTBVL2NyZmx1MFR2Q3pSOE5vMDNkQlBxZXNzVVJHUUZsY2lDa2Z1YVEwNXlucW5WdHhHOG94V2FycE9PajhTNVN1TGZySStZSzVXUjU2YkxlV2ovT2o4NUtIRE9EYXNJRjBteEZseXB5WFpxZ1ZBaURLOHdSMXBTSWJGaENjR2o2MTFZREJhZDdnZXpUYVQ0OWdOVEdHWGFXMXk5ZTZ0MEZSWVlRZmF5SklDcXRJT2prbkNtb3daN2pma1VLdXM2ZEl6WnVuanNIWG5SdkExRlR1djRhWk5KaGxJSXp3ZWE4SWVvUWp4VUJPNWkyTTJzaXFBRnRqWXRXWm40VnE1dEFCdEplcU5oV3F1am9KZz09fA&cppv=2
Request Chain 109
  • https://sslwidget.criteo.com/event?a=94432&v=5.17.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dviewproduct%26id%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=Pf0fCV9weEZUUXpLRzlrb2h2RlhUTHVoQnlxdExuVzZJZm5PbTNPR0hDSE5WT0EwVk1uTDRNYWxsZnhJdlRRR05uWXRndm9jZHMzMmxBaTB4Q2VTdXQxQ3RtZk0lMkJ5OHpQZnlnT1lJV3dQYmRTcjZyJTJCYndEQkM1NjJKZUlHOVRWcXAzdk9reEtWSUI2anRGY0tMWkJrZDJhMTRnJTNEJTNE&tld=spybriefing.com&dy=1&fu=https%253A%252F%252Fcf.spybriefing.com%252Foptin-26367537&ceid=255491be-479a-46af-ba62-790c8f4f5e80&dtycbr=99022 HTTP 302
  • https://widget.us.criteo.com/event?a=94432&v=5.17.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dviewproduct%26id%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=Pf0fCV9weEZUUXpLRzlrb2h2RlhUTHVoQnlxdExuVzZJZm5PbTNPR0hDSE5WT0EwVk1uTDRNYWxsZnhJdlRRR05uWXRndm9jZHMzMmxBaTB4Q2VTdXQxQ3RtZk0lMkJ5OHpQZnlnT1lJV3dQYmRTcjZyJTJCYndEQkM1NjJKZUlHOVRWcXAzdk9reEtWSUI2anRGY0tMWkJrZDJhMTRnJTNEJTNE&tld=spybriefing.com&dy=1&fu=https%253A%252F%252Fcf.spybriefing.com%252Foptin-26367537&ceid=255491be-479a-46af-ba62-790c8f4f5e80&dtycbr=99022
Request Chain 120
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-N_WhejWkLMszgtTS0R8t5il6v-vQ6q3ja04Fhg&google_cm&google_hm=ay1OX1doZWpXa0xNc3pndFRTMFI4dDVpbDZ2LXZRNnEzamEwNEZoZw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-N_WhejWkLMszgtTS0R8t5il6v-vQ6q3ja04Fhg&google_gid=CAESEPHrPFdLJ3ywSYWuJ0hm4OY&google_cver=1&google_ula=913071,0
Request Chain 122
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7680869828069581412
Request Chain 123
  • https://secure.adnxs.com/setuid?entity=52&code=k-kTaIMTWkLMszgtTS0R8t5il6v-uOrp5HPByi9Q HTTP 307
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-kTaIMTWkLMszgtTS0R8t5il6v-uOrp5HPByi9Q
Request Chain 134
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-nMfqEDWkLMszgtTS0R8t5il6v-tuxuJ01BMFsw HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-nMfqEDWkLMszgtTS0R8t5il6v-tuxuJ01BMFsw&C=1
Request Chain 135
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=gPZSaqvkDrdkbL1w8vp9A64D6keL1TzR HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=gPZSaqvkDrdkbL1w8vp9A64D6keL1TzR
Request Chain 149
  • https://kw493.infusionsoft.app/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://kw493.infusionsoft.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js
Request Chain 150
  • https://kw493.infusionsoft.app/app/webTracking/contact/1694280048341?contactId=0&screenResolution=1600x1200&plugins=&javaEnabled=false&domain=cf.spybriefing.com&location=https://cf.spybriefing.com/optin-26367537&referrer= HTTP 302
  • https://kw493.infusionsoft.app/slices/spacer.gif
Request Chain 153
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=EFj-63oQ2tawsZYwW60s-k-0mVCSBaTt
Request Chain 154
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=vqtjmgk_l9tPyk0FhudKhoUcU0g5740H

155 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request optin-26367537
cf.spybriefing.com/
Redirect Chain
  • https://links.spybriefing.com/a/1485/click/1302/3215762/ae66a180a8134e1e345b2a7b4820dd34d51150c9/6ce2ea366fa6039fc43ae9adee52db45f7d3df06
  • http://spybriefingllc.go2cloud.org/aff_c?offer_id=44&aff_id=1&aff_sub=30dg-wk3-d4-em2
  • https://spybriefingllc.go2cloud.org/aff_c?offer_id=44&aff_id=1&aff_sub=30dg-wk3-d4-em2
  • https://cf.spybriefing.com/survive-like-a-spy-book-lp
  • https://cf.spybriefing.com/optin-26367537
325 KB
56 KB
Document
General
Full URL
https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
5fac795cabe3ee62b68ff2348b973d098d036f89368bc3dbf106a9e9c63720f7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
cf-cache-status
BYPASS
cf-ray
80411a97eb349be9-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 09 Sep 2023 17:20:47 GMT
server
cloudflare
status
200 OK
vary
Accept-Encoding
x-powered-by
Phusion Passenger Enterprise 6.0.7
x-rack-cache
miss
x-request-id
a70833397a0975d6d3e1ee60eabb0cd2
x-runtime
0.436878

Redirect headers

cache-control
no-cache
cf-cache-status
MISS
cf-ray
80411a952f649be9-FRA
content-type
text/html; charset=utf-8
date
Sat, 09 Sep 2023 17:20:47 GMT
location
https://cf.spybriefing.com/optin-26367537
server
cloudflare
status
302 Found
vary
Accept-Encoding
x-powered-by
Phusion Passenger Enterprise 6.0.7
x-rack-cache
miss
x-request-id
ce044b9ef199a3618296233c87cbe97b
x-runtime
0.237683
lander.css
cf.spybriefing.com/assets/
425 KB
70 KB
Stylesheet
General
Full URL
https://cf.spybriefing.com/assets/lander.css
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Sep 2023 15:07:10 GMT
server
cloudflare
age
516
etag
W/"64f8959e-6a514"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=1200
cf-ray
80411a9c49599be9-FRA
expires
Sat, 09 Sep 2023 17:40:48 GMT
all.css
use.fontawesome.com/releases/v5.9.0/css/
55 KB
12 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
BW4J78579ASQK4S4
age
310244
alt-svc
h3=":443"; ma=86400
x-amz-id-2
GbpJIjZadkuQuE+uV0/MqW9+54hkvNpKB0LdOoyK50rQwu3sx6Y0hjaPWfoubpchpjkvVTMgnMI=
last-modified
Wed, 30 Jun 2021 15:48:06 GMT
server
cloudflare
etag
W/"dbf9d822cefe851ba6f66e1ad57e8987"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9NvrBPExMU4RvJokfZl6s5nmIYpnVeWgsbHYJkuyopNqo9JdlvhdXwgnYgH6bI8bHD4D6PbQKXPuvBSHdwpEv4NlFZvQSAZrqmAK%2BUhrfxs0QMr3oMULKFPwk41BGmWQxQ4h0xqRk5v52zO9SD088ix"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
80411a9ccdd119b1-FRA
v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/
26 KB
5 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JMAWFQ67PBTYSD8W
age
310236
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ypGg9RKtK8gJx9bRk8h+/CapZXdue5UnjCBGnunZqSVR46xC5xNOLZneLKcmXKWDOpQ+jt5Wm/8=
last-modified
Wed, 30 Jun 2021 15:48:06 GMT
server
cloudflare
etag
W/"e140a7d32f343530f016095df3cc2ae4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9sOnQ6xV4i0%2BFpQ7Kl0lELNm733LnC38HSaNyPrePjQ%2Fp%2FSwybsq9LZ%2BwVO0YgbjTbySUHX2UUpy1IAdQL0rguYjR%2FD7heEskL4pb%2B%2B7MpkIJiMzhVrDBhCaEfJun%2BW0dkqikBJxoWxXGESNBrJyxAEM"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
80411a9ccdd319b1-FRA
css
fonts.googleapis.com/
47 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7e5e8efadc0a91b136a0c423605584fffb389787c5825e019ec7b7a0004cb47b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Sep 2023 17:20:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Sep 2023 15:34:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Sep 2023 17:20:48 GMT
application.js
cf.spybriefing.com/assets/userevents/
5 KB
2 KB
Script
General
Full URL
https://cf.spybriefing.com/assets/userevents/application.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a696b734193371073510c87df68430499c2f424ad3f7be42f586dc6aff78567b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Sep 2023 15:07:10 GMT
server
cloudflare
age
275
etag
W/"64f8959e-147c"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=1200
cf-ray
80411a9e4c319be9-FRA
expires
Sat, 09 Sep 2023 17:40:48 GMT
wr-15588b5b98d5a145eb6c0c9985ace1f4.js
widget.wickedreports.com/v2/4620/
423 B
799 B
Script
General
Full URL
https://widget.wickedreports.com/v2/4620/wr-15588b5b98d5a145eb6c0c9985ace1f4.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-37.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ffd145aaf82cf82f2bea351f15f1be121d7b0ac919ba83be4be1468a71af176a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 22:50:48 GMT
via
1.1 abf5199c76a5a64063b4cf8863f823aa.cloudfront.net (CloudFront)
last-modified
Mon, 21 Aug 2023 17:33:09 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
66601
x-amz-server-side-encryption
AES256
etag
"a205d96396853bdf804292300f0e13cf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
423
x-amz-cf-id
mCXEUpjrLSddftH6DzVyyPLrpDRw-WPDcEzf1xzuquGbr78N6sEcAA==
js
www.googletagmanager.com/gtag/
171 KB
63 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-164010868-2
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d2cef94e7f53ef57ae7de03970f83bda6a95f0ce632b7709da06b62071c398b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64278
x-xss-protection
0
last-modified
Sat, 09 Sep 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 09 Sep 2023 17:20:48 GMT
js
www.googletagmanager.com/gtag/
189 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-566831634
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cf26e6422c4a5acf959d32fcc4cb8aab81389631b070be100eb20e5077af79df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71144
x-xss-protection
0
last-modified
Sat, 09 Sep 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 09 Sep 2023 17:20:48 GMT
getTrackingCode
kw493.infusionsoft.app/app/webTracking/
7 KB
2 KB
Script
General
Full URL
https://kw493.infusionsoft.app/app/webTracking/getTrackingCode
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65fe5c0c5a06bbf5841f03219a3cb5c120928a84ba31242b21357a0d466426a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
server
cloudflare
via
1.1 google
vary
accept-encoding
content-type
text/javascript;charset=UTF-8
cache-control
no-cache, no-store
cf-ray
80411a9cdbb81c17-FRA
x-xss-protection
1; mode=block
expires
Sat, 09 Sep 2023 17:20:48 GMT
timezoneInputJs
kw493.infusionsoft.com/app/timezone/
601 B
778 B
Script
General
Full URL
https://kw493.infusionsoft.com/app/timezone/timezoneInputJs?xid=53edae5aa57a233089f858ece3cb7d94
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55a16a61f818a4c1375fca1f549fbcf0b9487cfaeb323032e26b4ef2e7a4b670
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
server
cloudflare
via
1.1 google
x-frame-options
SAMEORIGIN
vary
accept-encoding
content-type
text/javascript;charset=UTF-8
cache-control
no-cache, no-store
cf-ray
80411a9cda643665-FRA
x-xss-protection
1; mode=block
expires
Sat, 09 Sep 2023 17:20:48 GMT
jquery-3.3.1.js
kw493.infusionsoft.com/js/jquery/
84 KB
30 KB
Script
General
Full URL
https://kw493.infusionsoft.com/js/jquery/jquery-3.3.1.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a36500e83ddd457e5e41c712041085e300b4f4bb1776488a6393433895ae05ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1655331
via
1.1 google
x-xss-protection
1; mode=block
last-modified
Sun, 20 Aug 2023 03:06:30 GMT
server
cloudflare
etag
W/"85855-1692500790933"
x-frame-options
SAMEORIGIN
vary
accept-encoding
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=29898669
cf-ray
80411a9cda663665-FRA
expires
Tue, 20 Aug 2024 18:31:57 GMT
overwriteRefererJs
kw493.infusionsoft.app/app/webform/
202 B
809 B
Script
General
Full URL
https://kw493.infusionsoft.app/app/webform/overwriteRefererJs
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbafd37b04603f38be311dca28a3e5ff54b8117a0bf6b56ba37674367c863dd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
server
cloudflare
via
1.1 google
x-frame-options
SAMEORIGIN
vary
accept-encoding
content-type
text/javascript;charset=UTF-8
cache-control
no-cache, no-store
cf-ray
80411a9cdbbc1c17-FRA
x-xss-protection
1; mode=block
expires
Sat, 09 Sep 2023 17:20:48 GMT
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato%7COpen+Sans%7CRoboto%7COpen+Sans%7COswald%7CDroid+Sans%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7CDroid+Sans%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CDroid+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CDroid+Sans%7COpen+Sans%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7COpen+Sans%7CSpecial+Elite%7C
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e6a82342b5ce67903cc534c7585a73cbc48ee74ff73be14232d63fccf3c9bca0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Sep 2023 17:20:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Sep 2023 17:20:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Sep 2023 17:20:48 GMT
lander.js
cf.spybriefing.com/assets/
2 MB
662 KB
Script
General
Full URL
https://cf.spybriefing.com/assets/lander.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39c7e8ccf2bd8f2c915ac24838e82f64e25f9e84891c474b75e6c72137715461

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Sep 2023 15:08:47 GMT
server
cloudflare
age
177
etag
W/"64f895ff-238672"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=1200
cf-ray
80411a9c79ab9be9-FRA
expires
Sat, 09 Sep 2023 17:40:48 GMT
mailcheck.min.js
app.clickfunnels.com/
3 KB
2 KB
Script
General
Full URL
https://app.clickfunnels.com/mailcheck.min.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Sep 2023 15:07:10 GMT
server
cloudflare
age
1729
etag
W/"64f8959e-a8d"
vary
Accept-Encoding
content-type
application/x-javascript
cf-ray
80411a9eed250408-FRA
pushcrew.js
cf.spybriefing.com/assets/
637 B
445 B
Script
General
Full URL
https://cf.spybriefing.com/assets/pushcrew.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Sep 2023 15:07:09 GMT
server
cloudflare
age
1131
etag
W/"64f8959d-27d"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=1200
cf-ray
80411a9e4c419be9-FRA
expires
Sat, 09 Sep 2023 17:40:48 GMT
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
https://cf.spybriefing.com/
Origin
https://cf.spybriefing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:48 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 18:10:27 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
80411a9ede3b996e-FRA
fbevents.js
connect.facebook.net/en_US/
193 KB
52 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 09 Sep 2023 17:20:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52127
x-xss-protection
0
pragma
public
x-fb-debug
aRrVz1oULdTt9MiWR+ntW+DylrfkA3hrKf1Z2+wmagLKKvp92uvE2SgdIXGkx/xIEMFSkPbjRc+C+fNWB3CTAQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
a1Rnre.js
tag.segmetrics.io/
0
0
Script
General
Full URL
https://tag.segmetrics.io/a1Rnre.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-71.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

gtm.js
www.googletagmanager.com/
392 KB
132 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ef8984227f1fa9cd55bc2c8f962478f71ac78c4d1bb7aee971dcafb3bb9983f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134561
x-xss-protection
0
last-modified
Sat, 09 Sep 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 09 Sep 2023 17:20:48 GMT
truncated
/
26 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
main-bg.jpg
cf.spybriefing.com/hosted/images/09/28b200b05911e88deee167a372312d/
2 KB
2 KB
Image
General
Full URL
https://cf.spybriefing.com/hosted/images/09/28b200b05911e88deee167a372312d/main-bg.jpg
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e3a28df51924c57892c425cf0e17f6509339c8c90c86f9aa71279d3295e66b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:48 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 04 Sep 2018 15:41:52 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
x-amz-cf-pop
FRA53-C1
etag
"9de988dd02676a54ff16f31f7a576289"
cf-polished
status=not_needed
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
80411a9e7c839be9-FRA
content-length
1570
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cf.spybriefing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 00:05:03 GMT
x-content-type-options
nosniff
age
62145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 00:05:03 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%7COpen+Sans%7CRoboto%7COpen+Sans%7COswald%7CDroid+Sans%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7CDroid+Sans%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CDroid+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CDroid+Sans%7COpen+Sans%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7COpen+Sans%7CSpecial+Elite%7C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cf.spybriefing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 06:04:28 GMT
x-content-type-options
nosniff
age
40580
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18664
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:19:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 06:04:28 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%7COpen+Sans%7CRoboto%7COpen+Sans%7COswald%7CDroid+Sans%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7CDroid+Sans%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CDroid+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CDroid+Sans%7COpen+Sans%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7COpen+Sans%7CSpecial+Elite%7C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cf.spybriefing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:23:51 GMT
x-content-type-options
nosniff
age
331017
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12276
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:49:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Sep 2024 21:23:51 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v53/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v53/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99027d866818f716d208569108a962ac72200197cae503efe5b6bf002bf4915b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cf.spybriefing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:28:25 GMT
x-content-type-options
nosniff
age
330743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21444
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:38:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Sep 2024 21:28:25 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.9.0/webfonts/
74 KB
74 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.9.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Referer
https://use.fontawesome.com/releases/v5.9.0/css/all.css
Origin
https://cf.spybriefing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CMSEPNNE35C1Y4QA
age
590838
alt-svc
h3=":443"; ma=86400
content-length
75440
x-amz-id-2
Gx5MSJPlzwkdQ6/tD32/0Stz6DFJTFIcfaYVRxKnoi5kOKeP/HMdvOmO2IQiBoOd63voTkX6mMM=
last-modified
Wed, 30 Jun 2021 15:48:27 GMT
server
cloudflare
etag
"b5cf8ae26748570d8fb95a47f46b69e1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oY7LASr3g99SFtJNHGL9Jbzdw3KLTs32qCV2veeiJR8hVsy3NaBZ%2BI46mEZFUX6haFQkDuDuoHNJlncIGne3FI%2B0vaqzHDnmgGAxXKL8tClr9%2BLM1MXwV3iyNUCewQsHutbZj9uwwYa2nqq407e8ay2n"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
80411a9f0b292bc3-FRA
SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v18/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cf.spybriefing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 19:52:08 GMT
x-content-type-options
nosniff
age
250120
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22376
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:25:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Sep 2024 19:52:08 GMT
XLYgIZbkc4JPUL5CVArUVL0ntnAOSA.woff2
fonts.gstatic.com/s/specialelite/v18/
52 KB
52 KB
Font
General
Full URL
https://fonts.gstatic.com/s/specialelite/v18/XLYgIZbkc4JPUL5CVArUVL0ntnAOSA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%7COpen+Sans%7CRoboto%7COpen+Sans%7COswald%7CDroid+Sans%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7CDroid+Sans%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CDroid+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CSpecial+Elite%7COpen+Sans%7CDroid+Sans%7COpen+Sans%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7COpen+Sans%7CSpecial+Elite%7C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
770493d84cbb753cd0573d0f014550583138f40469d137e310d239593a1949d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cf.spybriefing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 05:58:46 GMT
x-content-type-options
nosniff
age
40922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53296
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:00:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 05:58:46 GMT
fa-regular-400.woff2
use.fontawesome.com/releases/v5.9.0/webfonts/
13 KB
14 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.9.0/webfonts/fa-regular-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9

Request headers

Referer
https://use.fontawesome.com/releases/v5.9.0/css/all.css
Origin
https://cf.spybriefing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5V7MQD9B2VXWXYYP
age
78398
alt-svc
h3=":443"; ma=86400
content-length
13580
x-amz-id-2
c8V4yiZtZez2YuEMkY4HlUcQ7yz09zBbkfZLY1xbJB2Er4bBLDbSajEvJGFHFWS2m3R6nq73WTA=
last-modified
Wed, 30 Jun 2021 15:48:27 GMT
server
cloudflare
etag
"e07d9e40b26048d9abe2ef966cd6e263"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N7PT1B2bS4Mlv3JEyT9QaJjoKcSts1se88rxCBMs4hGCTaSOBEaZ4UxEbN%2FY0YAHIPORIFJ55BYH8lSvnC2NBbDoMnOqbRlDmZ6dJnfyWA9FomYZVYrGPncPkPTU89Nr5QCH9tpbO0qLimiSPvXUs2li"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
80411a9f0b2d2bc3-FRA
SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v18/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cf.spybriefing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 19:45:36 GMT
x-content-type-options
nosniff
age
77712
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21224
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:04:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Sep 2024 19:45:36 GMT
vendor.js
cf.spybriefing.com/
18 KB
6 KB
Script
General
Full URL
https://cf.spybriefing.com/vendor.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-runtime
0.046159
date
Sat, 09 Sep 2023 17:20:48 GMT
content-encoding
br
x-content-digest
581e49c9b7bdd06dab54c00931f4256b223e620e
cf-cache-status
HIT
server
cloudflare
etag
W/"7422e50efbaea439fda7ef3b0eb54ee1"
x-powered-by
Phusion Passenger Enterprise 6.0.7
vary
Accept-Encoding
content-type
application/javascript
status
200 OK
cache-control
max-age=900, public
cf-ray
80411aa00ecb9be9-FRA
x-rack-cache
fresh
x-request-id
e4259821b76f3fec488c830935e113b0
/
track.addevent.com/atc/
0
0

widget.js
widget.wickedreports.com/
25 KB
8 KB
Script
General
Full URL
https://widget.wickedreports.com/widget.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-37.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6cfc684930661357e2134380e05e4299a4f85a68ee512a39d7dd6d0467de380

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 13:00:17 GMT
content-encoding
gzip
via
1.1 abf5199c76a5a64063b4cf8863f823aa.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 13:00:09 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
77532
x-amz-server-side-encryption
AES256
etag
W/"1d83ff58e2915dcf2731d7a013f9303d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
dvFDzhCqhsWzSMRLb-Zc7u0YWJSYfvtPZd73xuLgDRP82c6wwyoVMA==
321845198590810
connect.facebook.net/signals/config/
148 KB
38 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/321845198590810?v=2.9.125&r=stable&domain=cf.spybriefing.com
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
78f8cffd623052bd2e67decac3c5bb54499d582e1f5ca91f6a39b6bc606c2dd6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 09 Sep 2023 17:20:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
i6xjuNfsvm8+qhO4oXLS9e5DJn4XBGJ5sZRmInG5+P1DAh9kzhfqTs/+QeIWXox3+gRx1HqXXxHtYtzet98odg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Sep 2023 15:44:23 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5786
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 09 Sep 2023 17:44:23 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/566831634/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/566831634/?random=1694280048979&cv=11&fst=1694280048979&bg=ffffff&guid=ON&async=1&gtm=45be3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537&hn=www.googleadservices.com&frm=0&tiba=Survive%20Like%20a%20Spy&auid=2019455275.1694280049&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9052c78cfbbaf57442a6146be0642a6a0fc6c33233ac01b49ba720fbfca5cf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
quant.js
secure.quantserve.com/
22 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:49 GMT
content-encoding
gzip
etag
"6ioqmyHWSWLYz5hkRjy8Uw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 16 Sep 2023 17:20:49 GMT
core.js
s.pinimg.com/ct/
3 KB
2 KB
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d2fae7299977f50bc0d1b737756181de5039cffc676862a735065b1076b0a1fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:49 GMT
content-encoding
br
x-cdn
fastly
etag
"dd54fd373d269e20a7993ecccd620281"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=7200
alt-svc
h3=":443";ma=600
content-length
1474
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10864675517/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10864675517/?random=1694280049013&cv=11&fst=1694280049013&bg=ffffff&guid=ON&async=1&gtm=45He3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537&hn=www.googleadservices.com&frm=0&tiba=Survive%20Like%20a%20Spy&auid=2019455275.1694280049&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e44d22f0d8d6cbd68124bde9986da016c18098465616a2df3bc57c9d339c915b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
obtp.js
amplify.outbrain.com/cp/
23 KB
7 KB
Script
General
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5e772fa0cae63acae0163e8c0b0531f20421b58f5dbaf1dc319bc44f2c928929

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Sat, 09 Sep 2023 17:20:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Aug 2023 10:04:31 GMT
Server
AkamaiNetStorage
ETag
"5815fbf64c9af594c239523fd631e077:1692096294.934174"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-RG
EU
Cache-Control
max-age=1200
X-CC
DE
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7087
Expires
Sat, 09 Sep 2023 17:40:49 GMT
C4F968F0-90C1-4C34-89CF-15D8B4DE20B8.js
ndn.statistinamics.com/cstnxtm/
499 B
668 B
Script
General
Full URL
https://ndn.statistinamics.com/cstnxtm/C4F968F0-90C1-4C34-89CF-15D8B4DE20B8.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.190.104.130 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
257c0e97fab53906527a38f70c0fa4d7c60d0fada62f6628ae02d2e4137065de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
application/javascript
pragma
no-cache
date
Sat, 09 Sep 2023 17:20:49 GMT
cache-control
max-age=0
server
openresty
x-auth-id
3bd2cbfed07e-e9b1-5c99-9926-1da98c28
expires
Sat, 01 Jan 2000 00:00:00 GMT
tag_gen.js
a.exoclick.com/
890 B
959 B
Script
General
Full URL
https://a.exoclick.com/tag_gen.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
baa4502fbf96cd68e6d8d1f8743c4d446edfea60cdb3c286daa17565639e255b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Sat, 09 Sep 2023 17:20:49 GMT
Content-Encoding
gzip
Accept-CH
Server
nginx
etag
W/"d85afbd3631ac59e636abe2c287"
X-HW
1694280049.dop229.fr8.t,1694280049.cds288.fr8.shn,1694280049.dop229.fr8.t,1694280049.cds230.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, follow
Content-Length
509
mgsensor.js
a.mgid.com/
16 KB
5 KB
Script
General
Full URL
https://a.mgid.com/mgsensor.js?d=1694280049043
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5336d1cf6681700a554b1281809f75d823ce64e990ca6e8c42d628f69406d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
d77caeb4-0ee5-4261-ae5d-d8621b06e28e
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cf-ray
80411aa34fd9385f-LHR
alt-svc
h3=":443"; ma=86400
mgsensor.js
a.adskeeper.co.uk/
16 KB
5 KB
Script
General
Full URL
https://a.adskeeper.co.uk/mgsensor.js?d=1694280049044
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:98bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbe5ca3a46d734770ad1a4d83c30eb395589c2b6341aa24d4f342cc7a6d74686

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:49 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 09 Sep 2023 17:20:49 GMT
x-mg-request-uuid
725dd3e1-1280-4126-9ea0-bc97b0463d4b
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
80411aa3b9062bba-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 09 Sep 2023 21:20:49 GMT
scevent.min.js
sc-static.net/
38 KB
17 KB
Script
General
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-250.fra53.r.cloudfront.net
Software
CloudFront /
Resource Hash
8aab038b064ce84e65f8cf2978583df6f4b6685d3353f529c71dee1dc79d2843

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:49 GMT
content-encoding
gzip
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
16451
x-amz-cf-id
MsIyRHnw3ac31OyK56hMScozARwhHOCeYLCIcEpekuQdVhA_YchbTw==
events.js
analytics.tiktok.com/i18n/pixel/
3 KB
2 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-42.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b36f574f69f507177fd73f94dba1236ade98c822025638c7b08a073ebac97ada

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-akamai-request-id
18698942
date
Sat, 09 Sep 2023 17:20:49 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3-50495197) (-)
server-timing
inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=94
content-length
1232
pragma
no-cache
server
nginx
x-tt-logid
202309091720497685552CEB16DF7545C4
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
94,104.126.37.38
x-tt-trace-host
011997499a894a92c3e9fbcf89a58eb3de68a8016d7f64aa8368648f4e747ccf152206749facb3cc7d79cfd9cf05e067639c7abc046d5da790964a8410809ae94d0ccd089e2f6cf6a405d44c82f31c2219570d8c5ab1ff8d7fca851d2e1010b303
expires
Sat, 09 Sep 2023 17:20:49 GMT
conv.js
web.adblade.com/js/ads/async/
565 B
518 B
Script
General
Full URL
https://web.adblade.com/js/ads/async/conv.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.54.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-54-222.compute-1.amazonaws.com
Software
/
Resource Hash
116e677ce1f72ac9525e2e6cd8d26a005c4dd4ba515fb8309023b2f0a2b3397a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:49 GMT
content-encoding
gzip
content-type
application/javascript; charset=UTF-8
js
www.googletagmanager.com/gtag/
268 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1YZK2FN9X9&l=cDataLayer&cx=c
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a1f4c028a1d8bf0ec021a9425b4dd798a0a78e807a91a1dd8fa0ef5ddbcf24f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91997
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Sep 2023 17:20:49 GMT
postback
visit.prayfashion.com/
0
0
Image
General
Full URL
https://visit.prayfashion.com/postback?clickid=undefined&type=RT_View_Content
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
37.48.87.182 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

postback
visit.prayfashion.com/
0
0
Image
General
Full URL
https://visit.prayfashion.com/postback?clickid=null&type=RT_View_Content&gtmcb=378818177
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
37.48.87.182 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

imps.php
pixel.adblade.com/
43 B
362 B
Image
General
Full URL
https://pixel.adblade.com/imps.php?sgms=18028
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.54.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-54-222.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
image/gif
p3p
policyref="http://www.adblade.com/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
x-vendor
Adiant LLC | Adiant | http://www.adiant.com
cache-control
no-store, no-cache, must-revalidate
x-xss-protection
1; mode=block
beacon
r.turn.com/r/
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/beacon?b2=KPANJjDjVHhDAfytnJEyTA8FukT5N393lmvJwNpKK7_6hJpIghfb409_LNc9xlydBXybU_N7H6Fx2I53UJoQfQ&cid=
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 09 Sep 2023 17:20:49 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
blank.gif
rdcdn.com/images/
Redirect Chain
  • https://rdcdn.com/rt?aid=19177&e=1&img=1
  • https://rdcdn.com/eow
  • https://rdcdn.com/images/blank.gif
42 B
198 B
Image
General
Full URL
https://rdcdn.com/images/blank.gif
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Server
54.147.75.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-75-20.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:49 GMT
last-modified
Thu, 23 Dec 2021 21:40:22 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"0e70b045f8d71:0"
content-length
42
content-type
image/gif

Redirect headers

date
Sat, 09 Sep 2023 17:20:49 GMT
x-aspnetmvc-version
5.2
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
text/html; charset=utf-8
location
https://rdcdn.com/images/blank.gif
cache-control
private
content-length
151
rev.js
assets.revcontent.com/master/
26 KB
10 KB
Script
General
Full URL
https://assets.revcontent.com/master/rev.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
894694eee28fc463a83875d519e70afaf5f40ac7c042d6114c4ee86d156b4067

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:49 GMT
content-encoding
gzip
last-modified
Wed, 09 Oct 2019 15:23:49 GMT
server
AmazonS3
x-amz-request-id
5DT9Z624JX67A2YY
etag
"46482d4733f3f6c1f93601a6274bc264"
x-hw
1694280048.cds154.fr8.hn,1694280049.cds262.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
9617
x-amz-id-2
fchkqTjHgW4ayOkSCwJ8raCTzNjmYkA2l9bFSJ63VjdnASmc8BAEsBft27pOiUaRQbeqqCCYIpM=
index.php
track.wickedreports.com/
118 B
342 B
XHR
General
Full URL
https://track.wickedreports.com/index.php?WickedClientID=4620&WickedEmail=&WickedTrackingDate=1694280049061&WickedURL=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537&WickedReferrerURL=&WickedNullURL=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537%2F%3Futm_source%3DDirect%26utm_medium%3DDirect%26utm_campaign%3DDirect%26utm_content%3Dcf.spybriefing.com%2Foptin-26367537%26utm_term%3DOrganic%20traffic&WickedNullReferrerURL=
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.58.146.195 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-58-146-195.us-east-2.compute.amazonaws.com
Software
nginx / PHP/7.3.27
Resource Hash
aca1033259484ecc93680827ec580e63ca7c282b5f14be567e68c8d8c2e6d35c

Request headers

Referer
https://cf.spybriefing.com/optin-26367537
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Sep 2023 17:20:49 GMT
server
nginx
x-powered-by
PHP/7.3.27
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
*
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=321845198590810&ev=PageView&dl=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537&rl=&if=false&ts=1694280049083&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.1.1694280049081.431822350&cs_est=true&it=1694280048897&coo=false&rqm=GET
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 09 Sep 2023 17:20:49 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
region1.analytics.google.com/g/
0
256 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-1YZK2FN9X9&gtm=45je3960&_p=1891962534&_gaz=1&cid=942652428.1694280049&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694280049&sct=1&seg=0&dl=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537&dt=Survive%20Like%20a%20Spy&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1YZK2FN9X9&l=cDataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cf.spybriefing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
56 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1YZK2FN9X9&cid=942652428.1694280049&gtm=45je3960&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1YZK2FN9X9&l=cDataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cf.spybriefing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1YZK2FN9X9&cid=942652428.1694280049&gtm=45je3960&aip=1&z=1271789574
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
209 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1891962534&t=pageview&_s=1&dl=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537&ul=en-us&de=UTF-8&dt=Survive%20Like%20a%20Spy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1575841198&gjid=486066945&cid=942652428.1694280049&tid=UA-164010868-2&_gid=1301960409.1694280049&_r=1&gtm=457e3960&jsscut=1&z=327198386
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cf.spybriefing.com/optin-26367537
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cf.spybriefing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
71 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1891962534&t=pageview&_s=1&dl=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537&ul=en-us&de=UTF-8&dt=Survive%20Like%20a%20Spy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=110685918&gjid=2016901145&cid=942652428.1694280049&tid=UA-217947897-1&_gid=1301960409.1694280049&_r=1&_slc=1&gtm=45He3960n81KP3XJLJ&z=405671074
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cf.spybriefing.com/optin-26367537
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cf.spybriefing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
131 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1891962534&t=event&ni=0&_s=1&dl=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537&ul=en-us&de=UTF-8&dt=Survive%20Like%20a%20Spy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=ViewContent&el=ViewContent&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=942652428.1694280049&tid=UA-217947897-1&_gid=1301960409.1694280049&gtm=45He3960n81KP3XJLJ&z=1053958472
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 15:44:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5787
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10864675517/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/10864675517/?random=1694280049013&cv=11&fst=1694278800000&bg=ffffff&guid=ON&async=1&gtm=45He3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537&frm=0&tiba=Survive%20Like%20a%20Spy&fmt=3&is_vtc=1&random=3830585564&rmt_tld=0&ipr=y
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:49 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10864675517/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/10864675517/?random=1694280049013&cv=11&fst=1694278800000&bg=ffffff&guid=ON&async=1&gtm=45He3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537&frm=0&tiba=Survive%20Like%20a%20Spy&fmt=3&is_vtc=1&random=3830585564&rmt_tld=1&ipr=y
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:49 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
unifiedPixel
tr.outbrain.com/
53 B
248 B
Ping
General
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=002149270879591314&referrer=&cht=gtm&marketerId=00b2c266a43b639ea810e3a99bdf26fa4d&name=ContentView&dl=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Sat, 09 Sep 2023 17:20:49 GMT
Cache-Control
no-cache
content-encoding
br
X-TraceId
3a98bcfaa355d263221a3797748cd8f9
Content-Length
54
Content-Type
image/gif;
cachedClickId
tr.outbrain.com/
35 B
220 B
Script
General
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00b2c266a43b639ea810e3a99bdf26fa4d
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Sat, 09 Sep 2023 17:20:49 GMT
content-encoding
br
X-TraceId
6c953c061d179da16fa30f2e778fbe25
Content-Length
39
Content-Type
application/javascript
00b2c266a43b639ea810e3a99bdf26fa4d
wave.outbrain.com/mtWavesBundler/handler/
2 B
443 B
Script
General
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/00b2c266a43b639ea810e3a99bdf26fa4d
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Sat, 09 Sep 2023 17:20:49 GMT
Content-Encoding
gzip
ob-sent-time
1693775295874
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-RG
EU
Cache-Control
max-age=60
X-CC
DE
Connection
keep-alive
X-TraceId
febcafe4c5bf0d53689f93716e9f5f62
Content-Length
22
Expires
Sat, 09 Sep 2023 17:21:49 GMT
collect
stats.g.doubleclick.net/j/
4 B
351 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-164010868-2&cid=942652428.1694280049&jid=1575841198&gjid=486066945&_gid=1301960409.1694280049&_u=YADAAUAAAAAAACAAI~&z=437923766
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cf.spybriefing.com/optin-26367537
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 09 Sep 2023 17:20:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cf.spybriefing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.c22402a2.js
s.pinimg.com/ct/lib/
63 KB
18 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.c22402a2.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fec25fd8d8c992006048c6022a9d877acf7077e2e2ad8587d65d793057f3f380

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:49 GMT
content-encoding
br
x-cdn
fastly
etag
"d532ebb67301064c9b8d6f648ca1b308"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=1209600
alt-svc
h3=":443";ma=600
content-length
18252
rules-p-N9U2JGvJG8HTY.js
rules.quantcount.com/
160 B
643 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-N9U2JGvJG8HTY.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
448a123a7bad705f3c260a97a689277ac28a5dff12d1a03d0ba62661bb40e92a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 16:49:29 GMT
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1881
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 23:01:33 GMT
server
AmazonS3
etag
"f15103db3b16bcd88c50ad600475b05d"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
-ZConhvRAGJwm3OIF_l6BGtbuYBMQH3hyDEbzrDHu5ZbiSpW7TLm1Q==
collect
stats.g.doubleclick.net/j/
4 B
70 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-217947897-1&cid=942652428.1694280049&jid=110685918&gjid=2016901145&_gid=1301960409.1694280049&_u=YADAAUABAAAAACAAI~&z=1885092893
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cf.spybriefing.com/optin-26367537
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 09 Sep 2023 17:20:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cf.spybriefing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/566831634/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/566831634/?random=1694280048979&cv=11&fst=1694278800000&bg=ffffff&guid=ON&async=1&gtm=45be3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537&frm=0&tiba=Survive%20Like%20a%20Spy&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2966347723&rmt_tld=0&ipr=y
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:49 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/566831634/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/566831634/?random=1694280048979&cv=11&fst=1694278800000&bg=ffffff&guid=ON&async=1&gtm=45be3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537&frm=0&tiba=Survive%20Like%20a%20Spy&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2966347723&rmt_tld=1&ipr=y
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:49 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/user/
567 B
907 B
XHR
General
Full URL
https://ct.pinterest.com/user/?tid=2613287533480&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1694280049303&dep=2%2CPAGE_LOAD
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
905f1fe1fa1bb44e8b518a624ec85eeb1bc027551450a02f023fc1feb0e517f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.ded5ce17.1694280049.982b62d
x-envoy-upstream-service-time
2
content-length
389
x-pinterest-rid
7089473271015549
pin-unauth
dWlkPU9ESTJObVV3TXpBdE5EZGpNQzAwWlRJNExXRmpZbUl0TnpaaFptSTJNVFl6WXpoaw
pragma
no-cache
referrer-policy
origin
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cf.spybriefing.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
c9ecf655370b2a80dfba9612f6a197a0e6fe937e
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
455 B
Image
General
Full URL
https://ct.pinterest.com/v3/?tid=2613287533480&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22c22402a2%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1694280049306
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:49 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.ded5ce17.1694280049.982b735
content-type
image/gif
access-control-allow-origin
*
pinterest-version
c9ecf655370b2a80dfba9612f6a197a0e6fe937e
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
content-length
35
x-pinterest-rid
1638920481638505
expires
Sat, 01 Jan 2000 00:00:00 GMT
dcac7434-c37f-428b-b940-285ccbce8757.js
tr.snapchat.com/config/com/
167 B
456 B
Script
General
Full URL
https://tr.snapchat.com/config/com/dcac7434-c37f-428b-b940-285ccbce8757.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
69a8f06bbd6fe3b11857dcc407d65fd720aefe57166ff552d15e12d25132433c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://cf.spybriefing.com/optin-26367537
Origin
https://cf.spybriefing.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google
server
API Gateway
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://cf.spybriefing.com
x-envoy-upstream-service-time
7
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
i
tr.snapchat.com/cm/ Frame 62DB
0
201 B
Document
General
Full URL
https://tr.snapchat.com/cm/i?pid=dcac7434-c37f-428b-b940-285ccbce8757&u_scsid=f28ff306-cfed-4cd1-9975-b82e2e28838d&u_sclid=b7e03899-db35-43d0-a9d3-a91922a6f238
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://cf.spybriefing.com/optin-26367537
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 09 Sep 2023 17:20:49 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-164010868-2&cid=942652428.1694280049&jid=1575841198&_u=YADAAUAAAAAAACAAI~&z=1917982696
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-164010868-2&cid=942652428.1694280049&jid=1575841198&_u=YADAAUAAAAAAACAAI~&z=1917982696
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-217947897-1&cid=942652428.1694280049&jid=110685918&_u=YADAAUABAAAAACAAI~&z=113517085
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-217947897-1&cid=942652428.1694280049&jid=110685918&_u=YADAAUABAAAAACAAI~&z=113517085
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1x1.gif
a.mgid.com/
43 B
106 B
Image
General
Full URL
https://a.mgid.com/1x1.gif?id=697885&type=c&tg=&r=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537&nv=1&clid=&clidv=0&d=1694280049404
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
80411aa4eb70385f-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
content-type
image/gif
main.MTE1ODM4MDNhMA.js
analytics.tiktok.com/i18n/pixel/static/
370 KB
99 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTE1ODM4MDNhMA.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-42.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
20db7ce8e3049977535579a92d71232b26ed80f8ab0c1b7418ae67c403a6b321

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-akamai-request-id
186989a4
date
Sat, 09 Sep 2023 17:20:49 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202309071107053D701CFEDCA5118E1BED
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3-50495197) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0172440544637b80c55462317797de089b02012713ec659208f3aaa0b464894939aa43d65e0c8e115cf77052ef865807126d188c97466b99272bc174bb710e5f5b6d435262a7a91c1af00ad9cf8fa064e57660c0c242c7f8eca7e7e058ebc4d8ad
server-timing
cdn-cache; desc=HIT, edge; dur=1, inner; dur=19
content-length
100760
C4F968F0-90C1-4C34-89CF-15D8B4DE20B8.js
ndn.statistinamics.com/cstnxtm/
114 B
468 B
Script
General
Full URL
https://ndn.statistinamics.com/cstnxtm/C4F968F0-90C1-4C34-89CF-15D8B4DE20B8.js?_uuid=bf6e02c9-2633-4b09-b27d-95d4cc8f69c4&lsgrg=&l=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537&r=
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.190.104.130 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
e42b3a4eee78685e85b3b17d93ed2e037e45768b0796586c2b7f7e392614e40c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:49 GMT
server
openresty
etag
5E03109C-E0B9-47A0-8DEC-4D72C4BC823E
content-type
application/javascript
cache-control
max-age=0
x-auth-id
3bd2cbfed07e-e9b1-5c99-9926-1da98c28
expires
Sat, 01 Jan 2000 00:00:00 GMT
1x1.gif
a.adskeeper.co.uk/
43 B
116 B
Image
General
Full URL
https://a.adskeeper.co.uk/1x1.gif?id=697873&type=c&tg=&r=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537&nv=1&clid=&clidv=0&d=1694280049487
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:98bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:49 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Sep 2023 17:20:49 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
80411aa56b462bba-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Sat, 09 Sep 2023 21:20:49 GMT
identify_7dd78.js
analytics.tiktok.com/i18n/pixel/static/
134 KB
36 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7dd78.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-42.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-akamai-request-id
18698a26
date
Sat, 09 Sep 2023 17:20:49 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230907110712340B804CE01C18830DC8
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3-50495197) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01fafd87cb650a5d0e78cdf7dcb703255b8edebfd0e99bcf109b6c1178ae97d084b7d40a28b3e20c93692f8499d2333ea775ba74b71828437998dabdbe72c2ad562757b09c4df093beec0837070efd897717da92a12095109c84839146263eed57
server-timing
cdn-cache; desc=HIT, edge; dur=1, inner; dur=9
content-length
35960
pixel
analytics.tiktok.com/api/v2/
0
797 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE1ODM4MDNhMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-42.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cf.spybriefing.com/optin-26367537
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
14230dae.18698a5d
date
Sat, 09 Sep 2023 17:20:49 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3-50495197) (-)
x-parent-response-time
156,104.126.37.38
server-timing
cdn-cache; desc=MISS, edge; dur=111, origin; dur=51, inner; dur=30
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202309091720493AB4AB0C083E53454425
x-cache-remote
TCP_MISS from a104-78-78-46.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2.1885.1890-50653547) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
51,104.78.78.46
x-tt-trace-host
011997499a894a92c3e9fbcf89a58eb3de417ac806f172cd20b7ce00b95c0375491b82a3cc6f6d896b7c5823c0cf0d117912cbc6731c6d0b32419fc51dd0349ba9e424747bbff0a40318cc09a6efe222b64d77b41f5638cd190c963290c175a63db3a35e500fea44d8c6f719a8f8c02bc7
access-control-allow-headers
Authorization,*
expires
Sat, 09 Sep 2023 17:20:49 GMT
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=321845198590810&ev=Microdata&dl=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537&rl=&if=false&ts=1694280049647&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Survive%20Like%20a%20Spy%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%22%2C%22og%3Atitle%22%3A%22Survive%20Like%20a%20Spy%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.125&r=stable&ec=1&o=30&fbp=fb.1.1694280049081.431822350&it=1694280048897&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 09 Sep 2023 17:20:49 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
orders_t.php
web.adblade.com/
43 B
361 B
Image
General
Full URL
https://web.adblade.com/orders_t.php?id=63904&url=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537&rnd=1694280049651
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.54.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-54-222.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
image/gif
p3p
policyref="http://www.adblade.com/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
x-vendor
Adiant LLC | Adiant | http://www.adiant.com
cache-control
no-store, no-cache, must-revalidate
x-xss-protection
1; mode=block
773c9580-7340-013a-c4ab-06a60fe5fe77
tag.simpli.fi/sifitag/
3 KB
4 KB
Script
General
Full URL
https://tag.simpli.fi/sifitag/773c9580-7340-013a-c4ab-06a60fe5fe77?referer=
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.90.79.92 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
92.79.90.34.bc.googleusercontent.com
Software
/
Resource Hash
b5027926c44361f7719bdbbd6a0fb781e13842229b6ca68e38732b6fa40c6aa5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Sat, 09 Sep 2023 17:20:49 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
3101
x-request-id
F4NKuoY03hGOq6z4RCOB
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
p
tr.snapchat.com/
68 B
347 B
Ping
General
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://cf.spybriefing.com/optin-26367537
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 09 Sep 2023 17:20:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
text/html
access-control-allow-origin
https://cf.spybriefing.com
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
8
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
pixel;r=1033810927;source=gtm;rf=0;a=p-N9U2JGvJG8HTY;url=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537;uht=2;fpan=1;fpa=P0-1462360338-1694280049248;pbc=;ns=0;ce=1;qjs=1;qv=44310d19-202309081506...
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1033810927;source=gtm;rf=0;a=p-N9U2JGvJG8HTY;url=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537;uht=2;fpan=1;fpa=P0-1462360338-1694280049248;pbc=;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;ref=;d=spybriefing.com;dst=1;et=1694280049668;tzo=-120;ogl=image.%2Ctitle.Survive%20Like%20a%20Spy%2Cdescription.%2Curl.https%3A%2F%2Fcf%252Espybriefing%252Ecom%2Foptin-26367537%2Ctype.website;ses=80e1c4bf-da8a-4848-a023-137b4ee88a1a;mdl=
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:49 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
hm
tr.snapchat.com/
68 B
88 B
Ping
General
Full URL
https://tr.snapchat.com/hm
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://cf.spybriefing.com/optin-26367537
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Sep 2023 17:20:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
application/json
access-control-allow-origin
https://cf.spybriefing.com
cache-control
no-cache, no-transform
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
hm
tr.snapchat.com/ Frame
0
0
Preflight
General
Full URL
https://tr.snapchat.com/hm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://cf.spybriefing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,x-grpc-web,X-Snap-Route-Tag,x-cof-user-agent,x-snap-client-user-agent,bitmoji-token,X-Snap-Access-Token
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
https://cf.spybriefing.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 09 Sep 2023 17:20:49 GMT
server
API Gateway
via
1.1 google
ld.js
dynamic.criteo.com/js/ld/
46 KB
20 KB
Script
General
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=94432
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e812c53eb559e8837ce993cea7e2cc245432aa92beb6cec23db54f7a78de15be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
act
analytics.tiktok.com/api/v2/pixel/
0
798 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE1ODM4MDNhMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-42.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cf.spybriefing.com/optin-26367537
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
3b8e450a.18698af8
date
Sat, 09 Sep 2023 17:20:49 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3-50495197) (-)
x-parent-response-time
111,104.126.37.38
server-timing
cdn-cache; desc=MISS, edge; dur=96, origin; dur=21, inner; dur=14
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20230909172049FF0094124D2EE569FB23
x-cache-remote
TCP_MISS from a104-78-78-45.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2.1885.1890-50653547) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
21,104.78.78.45
x-tt-trace-host
011997499a894a92c3e9fbcf89a58eb3de417ac806f172cd20b7ce00b95c037549a913cefee1527b427692609aab5c9ec9098e8081879fc267fd39d9993ba48b5bdafd49cd8f5901be96936c66fbd0407e432869f4fe19ef7e638a677297202383b7dffadf3cdf3b2b19daa45ab5f6a5a5
access-control-allow-headers
Authorization,*
expires
Sat, 09 Sep 2023 17:20:49 GMT
track.js
assets.customer.io/assets/
7 KB
3 KB
Script
General
Full URL
https://assets.customer.io/assets/track.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:1200:11:9cfd:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c5dc250228b63ec45ccaf25c7c7b9103a504bd5ebed035e88067475076c4b78d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
YnPUbk.59KSLpiqsKMfvCCZt1qaij9rt
content-encoding
br
via
1.1 1e498d046330e15095a1a2a958463bf4.cloudfront.net (CloudFront)
date
Fri, 08 Sep 2023 18:30:50 GMT
last-modified
Fri, 11 Aug 2023 18:01:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
82201
x-amz-server-side-encryption
AES256
etag
W/"92f4f643083ddfd3fc572a181243cb46"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cross-origin-resource-policy
cross-origin
x-amz-cf-id
p1KOS9-VE_lBuTJieCBA1PNEe1NxE-px74jP1DCx23Wh8z2Y0I5B3w==
roundtrip.js
s.adroll.com/j/LIAFGQD4BJCQNANH5CBFII/
97 KB
29 KB
Script
General
Full URL
https://s.adroll.com/j/LIAFGQD4BJCQNANH5CBFII/roundtrip.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9bde826a06626d5f200013601cce1ce33234dfe57ef5d62fab60a738ec13b9de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

X-Amz-Version-Id
wcJ1XJjNjgQ_AWPH_y_jj93RiHd7qsCt
Content-Encoding
gzip
Via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
Date
Sat, 09 Sep 2023 16:49:33 GMT
Age
1878
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 07 Sep 2023 12:45:12 GMT
Server
AmazonS3
Etag
W/"55640c9054d00bb56d0dcb51a6795197"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
QvA0IwOyghQyqQofOzF0lWKbjktZlEaYGts1TbwjaxHGGz6NYWKPGA==
357-22803.js
m.revmizer.com/
0
0
Script
General
Full URL
https://m.revmizer.com/357-22803.js?id=22803&m=357
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.76.5.13 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
13.5.76.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

unifiedPixel
tr.outbrain.com/
53 B
248 B
Ping
General
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=0051023062031541944&referrer=&marketerId=00b2c266a43b639ea810e3a99bdf26fa4d&name=PAGE_VIEW&dl=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Sat, 09 Sep 2023 17:20:50 GMT
Cache-Control
no-cache
content-encoding
br
X-TraceId
e6bb871b772eb85717a5c80bc0d2955a
Content-Length
54
Content-Type
image/gif;
events.js
tags.srv.stackadapt.com/
18 KB
7 KB
Script
General
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.124.62.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-62-113.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2d32cb8c915149999b27804a48175c1ceef13793057ad0608f3f0cd4180381f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Sep 2023 17:20:50 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
uniclick.js
visit.prayfashion.com/
0
0
Script
General
Full URL
https://visit.prayfashion.com/uniclick.js?defaultcampaignid=61320f755617cb0001db7600&amp;attribution=lastclick&amp;regviewonce=false&amp;cookiedomain=prayfashion.com&amp;cookieduration=30
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
37.48.87.182 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

syncframe
gum.criteo.com/ Frame 98C6
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=cf.spybriefing.com&origin=onetag
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://cf.spybriefing.com/optin-26367537
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 17:20:49 GMT
server
Kestrel
server-processing-duration-in-ticks
302427
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/LIAFGQD4BJCQNANH5CBFII/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
784 B
Script
General
Full URL
https://s.adroll.com/j/exp/index.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
HTTP/1.1
Server
2600:9000:225e:600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

X-Amz-Version-Id
e6mCeG7.PAM9gYrIJBIXJohubS3UVCEK
Date
Sat, 09 Sep 2023 14:48:35 GMT
Via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
Age
9142
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Thu, 03 Aug 2023 18:30:18 GMT
Server
AmazonS3
Etag
"5816cced8568d223aa09d889f300692b"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
azXPiCgk9DQ-6aXrsONlXc7JvYWmBLZTXLm1HAGVPiRS6yRLnZFFWg==

Redirect headers

Date
Sat, 09 Sep 2023 03:10:07 GMT
Via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
Age
51043
X-Amz-Cf-Pop
FRA60-P4
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
D4Hqopd7PcLSCW0y8DtXVJ2XjKFkgAEyZt2DFYRH7ez-0E0uZd5WqQ==
sid
mug.criteo.com/ Frame 98C6
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=spybriefing.com&sn=ChromeSyncframe&so=0&topUrl=cf.spybriefing.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=Ngr_onw4SEZha1lEMTBVL2NyZmx1MFR2Q3pSOE5vMDNkQlBxZXNzVVJHUUZsY2lDa2Z1YVEwNXlucW5WdHhHOG94V2FycE9PajhTNVN1TGZySStZSzVXUjU2YkxlV2ovT2o4NUtIRE9EYXNJRjBteEZseXB5WFpxZ1ZBaU...
422 B
651 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=Ngr_onw4SEZha1lEMTBVL2NyZmx1MFR2Q3pSOE5vMDNkQlBxZXNzVVJHUUZsY2lDa2Z1YVEwNXlucW5WdHhHOG94V2FycE9PajhTNVN1TGZySStZSzVXUjU2YkxlV2ovT2o4NUtIRE9EYXNJRjBteEZseXB5WFpxZ1ZBaURLOHdSMXBTSWJGaENjR2o2MTFZREJhZDdnZXpUYVQ0OWdOVEdHWGFXMXk5ZTZ0MEZSWVlRZmF5SklDcXRJT2prbkNtb3daN2pma1VLdXM2ZEl6WnVuanNIWG5SdkExRlR1djRhWk5KaGxJSXp3ZWE4SWVvUWp4VUJPNWkyTTJzaXFBRnRqWXRXWm40VnE1dEFCdEplcU5oV3F1am9KZz09fA&cppv=2
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
68e29da871cc53e7b13ae968a68b0f2c5539e129f62a561950b03dd7e92087f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:49 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
13773640
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Ngr_onw4SEZha1lEMTBVL2NyZmx1MFR2Q3pSOE5vMDNkQlBxZXNzVVJHUUZsY2lDa2Z1YVEwNXlucW5WdHhHOG94V2FycE9PajhTNVN1TGZySStZSzVXUjU2YkxlV2ovT2o4NUtIRE9EYXNJRjBteEZseXB5WFpxZ1ZBaURLOHdSMXBTSWJGaENjR2o2MTFZREJhZDdnZXpUYVQ0OWdOVEdHWGFXMXk5ZTZ0MEZSWVlRZmF5SklDcXRJT2prbkNtb3daN2pma1VLdXM2ZEl6WnVuanNIWG5SdkExRlR1djRhWk5KaGxJSXp3ZWE4SWVvUWp4VUJPNWkyTTJzaXFBRnRqWXRXWm40VnE1dEFCdEplcU5oV3F1am9KZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
217495
content-length
0
expires
0
sa.css
tags.srv.stackadapt.com/
65 B
203 B
Stylesheet
General
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.124.62.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-62-113.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
62074a1e58c1f0be556aeaa987faa90f804c91d19125ee27b5da6f82f1c9f4c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Sep 2023 17:20:50 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/
0
2 KB
Fetch
General
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.124.62.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-62-113.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Sep 2023 17:20:50 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
LIAFGQD4BJCQNANH5CBFII
d.adroll.com/consent/check/
482 B
575 B
Script
General
Full URL
https://d.adroll.com/consent/check/LIAFGQD4BJCQNANH5CBFII?pv=64580424551.24424&arrfrr=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537&_s=1d75a4081537db409e13ea9814438435&_b=2
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:bd4a:baf7:ca95:e893 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
2db42f12b070f135689bb618006b73e3e90df04bc085f0baa3e1457a5f36ebcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:50 GMT
server
nginx/1.22.1
content-length
482
content-type
application/javascript
event
widget.us.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=94432&v=5.17.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dviewproduct%26id%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=Pf0...
  • https://widget.us.criteo.com/event?a=94432&v=5.17.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dviewproduct%26id%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=Pf0...
10 KB
4 KB
Script
General
Full URL
https://widget.us.criteo.com/event?a=94432&v=5.17.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dviewproduct%26id%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=Pf0fCV9weEZUUXpLRzlrb2h2RlhUTHVoQnlxdExuVzZJZm5PbTNPR0hDSE5WT0EwVk1uTDRNYWxsZnhJdlRRR05uWXRndm9jZHMzMmxBaTB4Q2VTdXQxQ3RtZk0lMkJ5OHpQZnlnT1lJV3dQYmRTcjZyJTJCYndEQkM1NjJKZUlHOVRWcXAzdk9reEtWSUI2anRGY0tMWkJrZDJhMTRnJTNEJTNE&tld=spybriefing.com&dy=1&fu=https%253A%252F%252Fcf.spybriefing.com%252Foptin-26367537&ceid=255491be-479a-46af-ba62-790c8f4f5e80&dtycbr=99022
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a91e600108b11a30fea7d8eb47ed625f19f6983d06c904d8a82ed7d2d7e329e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
15135870
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-origin
*
location
https://widget.us.criteo.com/event?a=94432&v=5.17.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dviewproduct%26id%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=Pf0fCV9weEZUUXpLRzlrb2h2RlhUTHVoQnlxdExuVzZJZm5PbTNPR0hDSE5WT0EwVk1uTDRNYWxsZnhJdlRRR05uWXRndm9jZHMzMmxBaTB4Q2VTdXQxQ3RtZk0lMkJ5OHpQZnlnT1lJV3dQYmRTcjZyJTJCYndEQkM1NjJKZUlHOVRWcXAzdk9reEtWSUI2anRGY0tMWkJrZDJhMTRnJTNEJTNE&tld=spybriefing.com&dy=1&fu=https%253A%252F%252Fcf.spybriefing.com%252Foptin-26367537&ceid=255491be-479a-46af-ba62-790c8f4f5e80&dtycbr=99022
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
12110276
timing-allow-origin
*
content-length
0
expires
0
saq_pxl
tags.srv.stackadapt.com/
94 B
289 B
XHR
General
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=0xk6fdszdQvg5B_Yx1_8QQ&is_js=true&landing_url=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537&t=Survive%20Like%20a%20Spy&tip=n0v0HGxNZUHT36mHJkvg3I2ALyKS2dGJtNARHhXvtYg&host=https://cf.spybriefing.com&sa_conv_data_css_value=%270-20b9907e-d8b3-557f-50db-4a1eac33307c%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd920b9907ed8b3557f50db4a1eac33307c50ff076b&sa-user-id-v3=s%253AAQAKIEHCdOeWApuz6foLw-4rFLIldQFmTvKYnkQPfTc5gKZ4EHwYBCDy0vKnBjABOgT_Q_f4QgR8juEt.SNU5mZlcfCnCZUTJoLC4%252BBBhbpEyhv36KoeQwpJkKO4&sa-user-id-v2=s%253AILmQftizVX9Q20oerDMwfFD_B2s.B3EgzrpGPT6PHXcxU54hOAaadlEqmBXwAH4St1WhHWA&sa-user-id=s%253A0-20b9907e-d8b3-557f-50db-4a1eac33307c.QE0MC4PXTW4A9L205KS3UG22HE8Z1qzN7iU0s27zabE
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.124.62.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-62-113.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
https://cf.spybriefing.com
date
Sat, 09 Sep 2023 17:20:50 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
94
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
consent_tcfv2.js
s.adroll.com/j/
418 KB
56 KB
Script
General
Full URL
https://s.adroll.com/j/consent_tcfv2.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47e5ff66931402cb5755d7eed98a6d23ee556a7f8e9c1dd340d351c27f669a0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

X-Amz-Version-Id
wD7IUQmRA9PUuld8lU58FBeuMlOqC6p6
Content-Encoding
gzip
Via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
Date
Sat, 09 Sep 2023 17:19:32 GMT
Age
80
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 05 Jul 2023 21:39:27 GMT
Server
AmazonS3
Etag
W/"3306a47faf7223d93fb356e8a73d1942"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
52gEGOES94pX8jCl_r0sOUM5hQcIor7rnkSo6mjjbsKiDSQYJLyCIg==
nextroll-32x32.png
s.adroll.com/i/favicon/
2 KB
2 KB
Image
General
Full URL
https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

X-Amz-Version-Id
eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Date
Sat, 09 Sep 2023 15:09:23 GMT
Via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
Age
7899
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1615
Last-Modified
Mon, 28 Jun 2021 18:19:21 GMT
Server
AmazonS3
Etag
"403a0a7dcf2d617e7ea852bfb9d11945"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
8898wjnCNPp_KY59LS0OujFKh7MSJnGSvwGzLR9UX1KogTkBDpoQzA==
websiteTriggerIframe
kw493.infusionsoft.app/app/webTracking/ Frame EB8B
2 KB
1 KB
Document
General
Full URL
https://kw493.infusionsoft.app/app/webTracking/websiteTriggerIframe
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40607ec00bbc4810222274eeb9e482ac1f9db76a77a24ab0fa677c3365e996fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cf.spybriefing.com/optin-26367537
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
80411aaf7b5a1c17-FRA
content-encoding
gzip
content-language
de-DE
content-type
text/html;charset=UTF-8
date
Sat, 09 Sep 2023 17:20:51 GMT
expires
Sat, 09 Sep 2023 17:20:51 GMT
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-xss-protection
1; mode=block
nr-spa.142f942f-1.239.1.min.js
js-agent.newrelic.com/
75 KB
26 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa.142f942f-1.239.1.min.js
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cdaf31a1071286676944848c1e53c284a611e39473e322a75caf358b1b24e19d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
uNH6h8jZbiqWWFSu6Qcyd7IPHTzYLvCP
content-encoding
br
via
1.1 varnish
date
Sat, 09 Sep 2023 17:20:51 GMT
strict-transport-security
max-age=300
x-amz-request-id
VMEFZ9HWRF5QSEZJ
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
25649
x-amz-id-2
LIX56r+idup59Q4nuIkaVB+XhRtjwNvlNtrVLoYO1e7cfaVzGYCd8GAeC9/KLA9qE506izwNLcw=
x-served-by
cache-fra-etou8220079-FRA
last-modified
Sat, 02 Sep 2023 03:23:22 GMT
server
AmazonS3
x-timer
S1694280051.266537,VS0,VE0
etag
"929044c7a94ad93d4583f5b62538f46a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1427
SurviveLikeASpy-3d.jpg
cf.spybriefing.com/hosted/images/c5/244c10258111e9b780675a4a113dd9/
25 KB
26 KB
Image
General
Full URL
https://cf.spybriefing.com/hosted/images/c5/244c10258111e9b780675a4a113dd9/SurviveLikeASpy-3d.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53e404a10717c233decb73fbfe225fc3e9a815c3043183217e4e1492027cc4fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:51 GMT
cf-cache-status
MISS
last-modified
Thu, 31 Jan 2019 17:58:26 GMT
server
cloudflare
x-amz-cf-pop
FRA53-C1
etag
"fb1907ed3eb29b02d653e5d2265244a3"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
80411aafde609be9-FRA
content-length
26019
closemodal.png
assets.clickfunnels.com/images/
672 B
948 B
Image
General
Full URL
https://assets.clickfunnels.com/images/closemodal.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:51 GMT
cf-cache-status
HIT
age
233990
cf-polished
origFmt=png, origSize=788
content-disposition
inline; filename="closemodal.webp"
content-length
672
last-modified
Wed, 23 Aug 2023 15:40:29 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"64e6286d-314"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
80411aafee120408-FRA
expires
Tue, 10 Oct 2023 17:20:51 GMT
SPY_SurviveLikeaSpy_CIABan.jpg
cf.spybriefing.com/hosted/images/c6/87d3b0258111e9b4ca03ad72263304/
52 KB
52 KB
Image
General
Full URL
https://cf.spybriefing.com/hosted/images/c6/87d3b0258111e9b4ca03ad72263304/SPY_SurviveLikeaSpy_CIABan.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ae2dbafa2911a4ecd2e2ae1be9a086b87f9578f6bc4e852590624a25e946003

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:51 GMT
cf-cache-status
MISS
last-modified
Thu, 31 Jan 2019 17:58:27 GMT
server
cloudflare
x-amz-cf-pop
FRA53-C1
etag
"5fdd811e747fcc4b103ed5d07087d63e"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
80411aafde6a9be9-FRA
content-length
53348
spy.jpg
cf.spybriefing.com/hosted/images/5a/d84f6fe0ad4c83955300e317ec5531/
19 KB
19 KB
Image
General
Full URL
https://cf.spybriefing.com/hosted/images/5a/d84f6fe0ad4c83955300e317ec5531/spy.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2df47783dcb16554bbbd4ae3deabcc1b232609061b90ec33173f7670a8ca03e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:51 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jan 2022 01:31:03 GMT
server
cloudflare
x-amz-cf-pop
FRA53-C1
etag
"19a50f85d71d91c590c67f7b55918169"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
80411aafde729be9-FRA
content-length
19217
ct.html
ct.pinterest.com/ Frame B56D
565 B
624 B
Document
General
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://cf.spybriefing.com/optin-26367537
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

akamai-grn
0.ded5ce17.1694280051.982d1d8
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Sat, 09 Sep 2023 17:20:51 GMT
pinterest-version
c9ecf655370b2a80dfba9612f6a197a0e6fe937e
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-cdn
akamai
x-envoy-upstream-service-time
0
x-pinterest-rid
1193429314024451
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 2148
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-N_WhejWkLMszgtTS0R8t5il6v-vQ6q3ja04Fhg&google_cm&google_hm=ay1OX1doZWpXa0xNc3pndFRTMFI4dDVpbDZ2LXZRNnEza...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-N_WhejWkLMszgtTS0R8t5il6v-vQ6q3ja04Fhg&google_gid=CAESEPHrPFdLJ3ywSYWuJ0hm4OY&google_cver=1&google_ula=913071,0
43 B
370 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-N_WhejWkLMszgtTS0R8t5il6v-vQ6q3ja04Fhg&google_gid=CAESEPHrPFdLJ3ywSYWuJ0hm4OY&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
544689
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-N_WhejWkLMszgtTS0R8t5il6v-vQ6q3ja04Fhg&google_gid=CAESEPHrPFdLJ3ywSYWuJ0hm4OY&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 2148
43 B
146 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-3PYc6TWkLMszgtTS0R8t5il6v-ve6jrQZ3PlAg&expires=30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.134.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-134-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 2148
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7680869828069581412
43 B
369 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7680869828069581412
Protocol
H2
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:51 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
897156
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:51 GMT
an-x-request-uuid
0be513fa-1d93-45b0-a752-7f2545a0aa4e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7680869828069581412
x-proxy-origin
80.255.7.107; 80.255.7.107; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/ Frame 2148
Redirect Chain
  • https://secure.adnxs.com/setuid?entity=52&code=k-kTaIMTWkLMszgtTS0R8t5il6v-uOrp5HPByi9Q
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-kTaIMTWkLMszgtTS0R8t5il6v-uOrp5HPByi9Q
43 B
905 B
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-kTaIMTWkLMszgtTS0R8t5il6v-uOrp5HPByi9Q
Protocol
H2
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:51 GMT
an-x-request-uuid
0a2c1963-96a0-4577-a7a1-fac32e471818
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.107; 80.255.7.107; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:51 GMT
an-x-request-uuid
f828778d-568e-49cf-b112-9bbbecfe2020
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-kTaIMTWkLMszgtTS0R8t5il6v-uOrp5HPByi9Q
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.107; 80.255.7.107; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 2148
53 B
784 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-rPDfzTWkLMszgtTS0R8t5il6v-tfkOGTPDyIyA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.208.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 09 Sep 2023 17:20:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Sat, 09 Sep 2023 17:20:51 GMT
tap.php
pixel.rubiconproject.com/ Frame 2148
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-y2HfjTWkLMszgtTS0R8t5il6v-tDzQY0ikkYTQ&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame 2148
0
35 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-akq4jDWkLMszgtTS0R8t5il6v-uC5AxLn4GqTA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.133.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-133-205.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:51 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 2148
43 B
114 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-ft9DEDWkLMszgtTS0R8t5il6v-s6cgluJgqw4g
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:50 GMT
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 2148
0
99 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-qlB3ODWkLMszgtTS0R8t5il6v-vLiKR8C8Fp_Q
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
43095
um
criteo-sync.teads.tv/ Frame 2148
23 B
163 B
Image
General
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-1zHHSDWkLMszgtTS0R8t5il6v-u3ec92vGZDsA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires
Sat, 09 Sep 2023 17:20:51 GMT
pragma
no-cache
date
Sat, 09 Sep 2023 17:20:51 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 2148
37 B
140 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-5WXrfTWkLMszgtTS0R8t5il6v-sZKr42yiMEZg&dongle=013b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame 2148
0
125 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-o4yMDTWkLMszgtTS0R8t5il6v-vJ7EbKKgZERw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame 2148
43 B
163 B
Image
General
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-YH8mZzWkLMszgtTS0R8t5il6v-vngTV8TYtQyg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:44 GMT
last-modified
Thu, 11 May 2023 08:48:09 GMT
server
nginx
accept-ranges
bytes
etag
"645cabc9-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 2148
49 B
342 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-uPElmjWkLMszgtTS0R8t5il6v-tIsxSwDvJ23A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:50 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0
rum
r.casalemedia.com/ Frame 2148
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-nMfqEDWkLMszgtTS0R8t5il6v-tuxuJ01BMFsw
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-nMfqEDWkLMszgtTS0R8t5il6v-tuxuJ01BMFsw&C=1
43 B
325 B
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-nMfqEDWkLMszgtTS0R8t5il6v-tuxuJ01BMFsw&C=1
Protocol
H2
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUY9jBTe7WB3zH3ENyz9i6VVy2GmW9b1pBBi4NnwmGN9zKC9im5LjzBUALFJdcG530%2BP1ioLSWWZzSrYeTAWgAm9x3qwPiZ8RY5DKZpkxSbke7qqVr2c%2FYA2PX1uU%2BkpQJAN"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80411ab2bb501c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJlbI9Fd9og2PNBV2QaRRd%2BZ2F7viIF4ZhCLQP59Fy0jw3v769EujKAnGgvWW2nNb%2BJtPAeRXTga9NEay3v4gReTvlpXcY5UtaeF8ibbxP3RySF89izhj2si9SU93iXtIw%2BZ"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=20&external_user_id=k-nMfqEDWkLMszgtTS0R8t5il6v-tuxuJ01BMFsw&C=1
cache-control
no-cache
cf-ray
80411ab21a5c1c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
demconf.jpg
dpm.demdex.net/ Frame 2148
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=gPZSaqvkDrdkbL1w8vp9A64D6keL1TzR
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=gPZSaqvkDrdkbL1w8vp9A64D6keL1TzR
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=gPZSaqvkDrdkbL1w8vp9A64D6keL1TzR
Protocol
HTTP/1.1
Server
52.17.210.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-210-114.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-04d7ad54c.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
xZZ/xxtORVA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v050-0bd835a51.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
1VOSuF3GTu4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=gPZSaqvkDrdkbL1w8vp9A64D6keL1TzR
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
match
ad.360yield.com/ Frame 2148
43 B
199 B
Image
General
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-GNYnwTWkLMszgtTS0R8t5il6v-sHCRNtUNltrw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.37.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-37-177.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Sep 2023 17:20:51 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame 2148
42 B
274 B
Image
General
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-HlYqkDWkLMszgtTS0R8t5il6v-ujBK6SUiz93w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:51 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame 2148
0
880 B
Image
General
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Gsm0VzWkLMszgtTS0R8t5il6v-uivfPTjwXjTw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.66.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-66-22.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:51 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
cookie-sync
sync.outbrain.com/ Frame 2148
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-LVJGazWkLMszgtTS0R8t5il6v-vOUzbfWNEXAg&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Sat, 09 Sep 2023 17:20:51 GMT
Cache-Control
no-cache
X-TraceId
85c8ae09bde8638bf4418eef006f5625
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2148
42 B
578 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-xJ1gEzWkLMszgtTS0R8t5il6v-umjYuLUtfFWg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 09 Sep 2023 17:20:49 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
criteo-partners.tremorhub.com/ Frame 2148
43 B
398 B
Image
General
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-Q8bOpjWkLMszgtTS0R8t5il6v-vUU9rnIo5-3A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:5c81:a00e:dce6:a5e6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sat, 09 Sep 2023 17:20:51 GMT
server
nginx
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame 2148
43 B
153 B
Image
General
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-foMX9TWkLMszgtTS0R8t5il6v-toRYiV8MKLpA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Sep 2023 17:20:51 GMT
server
Apache
x-powered-by
PHP/7.3.29
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame 2148
0
400 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-2cpNSDWkLMszgtTS0R8t5il6v-s1QWpC5Mbj0w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.17.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-243.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Sep 2023 17:20:51 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Fri, 08 Sep 2023 17:20:51 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 2148
0
38 B
Image
General
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-VGR4_jWkLMszgtTS0R8t5il6v-t9s5Tf3hGvyA&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.36.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-36-253.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:51 GMT
content-length
0
put
e1.emxdgt.com/ Frame 2148
0
44 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-DNde8DWkLMszgtTS0R8t5il6v-up2dMLDfeWFw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.197.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-197-153.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:51 GMT
server
awselb/2.0
rum
cf.spybriefing.com/cdn-cgi/
0
187 B
XHR
General
Full URL
https://cf.spybriefing.com/cdn-cgi/rum?
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-NewRelic-ID
UAYHVF5UCBAFUFRWAQMDUFc=
tracestate
2882645@nr=0-1-4005870-601403195-4c2ad4c35899ae11----1694280051256
traceparent
00-08017f721c4a1dea6d04eac2c982ff00-4c2ad4c35899ae11-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQwMDU4NzAiLCJhcCI6IjYwMTQwMzE5NSIsImlkIjoiNGMyYWQ0YzM1ODk5YWUxMSIsInRyIjoiMDgwMTdmNzIxYzRhMWRlYTZkMDRlYWMyYzk4MmZmMDAiLCJ0aSI6MTY5NDI4MDA1MTI1NiwidGsiOiIyODgyNjQ1In19
content-type
application/json
Referer
https://cf.spybriefing.com/optin-26367537

Response headers

date
Sat, 09 Sep 2023 17:20:51 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://cf.spybriefing.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
80411ab07fb19be9-FRA
page.gif
track.customer.io/events/
35 B
284 B
Image
General
Full URL
https://track.customer.io/events/page.gif?name=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537&data%5Bwidth%5D=1600&data%5Bheight%5D=1200&c=&s=51f7d111-675d-b207-fb92-1f227b62ce1d&site_id=e2089e4e3adc0078e2de&timestamp=1694280051262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.225.220 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
220.225.227.35.bc.googleusercontent.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:51 GMT
via
1.1 google
content-type
image/gif
access-control-allow-origin
*
status
401 Unauthorized
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-transfer-encoding
binary
cross-origin-resource-policy
cross-origin
content-disposition
attachment
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
NRJS-14b9fc0143e6570151a
bam.nr-data.net/1/
40 B
406 B
XHR
General
Full URL
https://bam.nr-data.net/1/NRJS-14b9fc0143e6570151a?a=545462463&v=1.239.1&to=IgpZQUBdWF8DFEsXEQQXR1RVV0ccFgcDBxFOFUJXXltHWwMC&rst=5553&ck=0&s=b93e1351f1eabfaa&ref=https://cf.spybriefing.com/optin-26367537&af=err,xhr,stn,ins,spa&ap=443&be=2251&fe=3239&dc=839&perf=%7B%22timing%22:%7B%22of%22:1694280045761,%22n%22:0,%22f%22:1571,%22dn%22:1571,%22dne%22:1571,%22c%22:1571,%22s%22:1571,%22ce%22:1571,%22rq%22:1572,%22rp%22:2251,%22rpe%22:2290,%22di%22:2950,%22ds%22:2953,%22de%22:3090,%22dc%22:5329,%22l%22:5384,%22le%22:5490%7D,%22navigation%22:%7B%7D%7D&fp=2698&fcp=2698
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer
https://cf.spybriefing.com/optin-26367537
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 09 Sep 2023 17:20:51 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://cf.spybriefing.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
40
x-served-by
cache-fra-eddf8230125-FRA
main.js
kw493.infusionsoft.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/ Frame 2531
Redirect Chain
  • https://kw493.infusionsoft.app/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://kw493.infusionsoft.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js
7 KB
4 KB
Script
General
Full URL
https://kw493.infusionsoft.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js
Protocol
H2
Server
2606:4700:4400::6812:25e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31c3b43e44cd28fe7d32eb1c85f148994ee3ef4192414fb051d5bfec5ac2a56c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
80411ab13dcc1c17-FRA

Redirect headers

date
Sat, 09 Sep 2023 17:20:51 GMT
content-encoding
gzip
server
cloudflare
vary
accept-encoding
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
80411ab0ed731c17-FRA
spacer.gif
kw493.infusionsoft.app/slices/
Redirect Chain
  • https://kw493.infusionsoft.app/app/webTracking/contact/1694280048341?contactId=0&screenResolution=1600x1200&plugins=&javaEnabled=false&domain=cf.spybriefing.com&location=https://cf.spybriefing.com/...
  • https://kw493.infusionsoft.app/slices/spacer.gif
43 B
231 B
Image
General
Full URL
https://kw493.infusionsoft.app/slices/spacer.gif
Protocol
H2
Server
2606:4700:4400::6812:25e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.spybriefing.com/optin-26367537
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:20:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
458445
via
1.1 google
x-xss-protection
1; mode=block
last-modified
Sat, 02 Sep 2023 23:18:13 GMT
server
cloudflare
etag
W/"43-1693696693812"
x-frame-options
SAMEORIGIN
vary
accept-encoding
content-type
image/gif;charset=UTF-8
cache-control
public, max-age=31095555
cf-ray
80411ab2cfb71c17-FRA
expires
Tue, 03 Sep 2024 15:00:06 GMT

Redirect headers

pragma
no-cache, no-cache
date
Sat, 09 Sep 2023 17:20:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
server
cloudflare
via
1.1 google
vary
accept-encoding
location
/slices/spacer.gif
cache-control
no-cache, no-store, no-cache, no-store
cf-ray
80411ab0fd7c1c17-FRA
x-xss-protection
1; mode=block
expires
Sat, 09 Sep 2023 17:20:51 GMT, -1
80411aaf7b5a1c17
kw493.infusionsoft.app/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 2531
0
254 B
XHR
General
Full URL
https://kw493.infusionsoft.app/cdn-cgi/challenge-platform/h/b/jsd/r/80411aaf7b5a1c17
Requested by
Host: kw493.infusionsoft.app
URL: https://kw493.infusionsoft.app/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Sep 2023 17:20:51 GMT
content-encoding
gzip
server
cloudflare
cf-ray
80411ab28f601c17-FRA
content-type
text/plain; charset=UTF-8
NRJS-14b9fc0143e6570151a
bam.nr-data.net/events/1/
24 B
345 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/NRJS-14b9fc0143e6570151a?a=545462463&v=1.239.1&to=IgpZQUBdWF8DFEsXEQQXR1RVV0ccFgcDBxFOFUJXXltHWwMC&rst=5862&ck=0&s=b93e1351f1eabfaa&ref=https://cf.spybriefing.com/optin-26367537
Requested by
Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/optin-26367537
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://cf.spybriefing.com/optin-26367537
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 09 Sep 2023 17:20:51 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://cf.spybriefing.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
x-served-by
cache-fra-eddf8230125-FRA
usermatch.gif
beacon.krxd.net/ Frame 2148
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=EFj-63oQ2tawsZYwW60s-k-0mVCSBaTt
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=EFj-63oQ2tawsZYwW60s-k-0mVCSBaTt
Protocol
H2
Server
18.203.183.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-183-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-served-by
beacon-n002-dub-prod.krxd.net
date
Sat, 09 Sep 2023 17:20:51 GMT
cache-control
private, no-cache, no-store
x-request-time
D=103 t=1694280051
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=EFj-63oQ2tawsZYwW60s-k-0mVCSBaTt
date
Sat, 09 Sep 2023 17:20:51 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
940208
content-length
0
cs
s.thebrighttag.com/ Frame 2148
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=vqtjmgk_l9tPyk0FhudKhoUcU0g5740H
35 B
268 B
Image
General
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=vqtjmgk_l9tPyk0FhudKhoUcU0g5740H
Protocol
H2
Server
13.59.220.190 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-59-220-190.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 17:20:52 GMT
x-bt-requestid
3a2d91b0-4f35-11ee-93bb-0000ac17024f
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=vqtjmgk_l9tPyk0FhudKhoUcU0g5740H
date
Sat, 09 Sep 2023 17:20:51 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
557878
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
track.addevent.com
URL
https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=4bf01609-e97e-4de5-16c9-70dd7d9483d3&url=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537&cache=1694280048677

Verdicts & Comments Add Verdict or Comment

362 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| documentPictureInPicture object| NREUM object| webpackChunk:NRBA-1.239.1.PROD object| newrelic function| gtag object| dataLayer function| fbq function| _fbq object| _segq object| _segs object| cDataLayer undefined| form undefined| j undefined| element undefined| input function| $ function| jQuery object| link function| init string| CFAppDomain boolean| domainIsCFInternal function| ouibounce function| CFbuildAudioPlayer function| evsfix function| calcTax function| cfStripeTokenHandler function| cfStripePaymentIntentFormAdder function| cfCreateElements function| cfCreateiDEALSource function| cfProcessiDEALSourceRedirect function| cfSaveiDEALSourceInfo function| cfPopulateFormForiDEAL function| cfCreateStripeToken function| cfHandlePaymentUsingSetupIntent function| cfOrderErrorMessage function| cfHandlePaymentUsingPaymentIntent function| shouldUsePaymentIntentFlow function| cfCreateStripePaymentMethod function| cfTransformStripeToken function| cfElementsFindFont function| cleanupLocalStorage function| cfHandleiDEALRedirect function| AttachStripeElements function| prettyNotify function| start_firebase function| displayPageNotifier function| start_page_notifier function| start_firebase_quantity_limiter function| readCookie function| CFExtractPayPalButtonConfiguration function| CFPaySelectPaypalTransactions function| PaySelectInit function| recalcRoundUp function| addCharityToSummary function| addSaasRedirectClickHandler function| CFInfusionsoftTokenizationHandler function| webinarDelay function| cookieWebinarTime function| getWebinarLastTime function| reportWebinarTime function| periodicAutoWebinarCheck function| periodicLessonCheck function| reportLessonProgress function| CFSanitizeCountdownElement function| CFstartBPVideos function| CFprocessBPVideos function| CFcheckForVimeo function| CFhandleWistiaBPVideo function| CFhandleAllVimeoBPVideos function| CFhandleAllYouTubeBPVideos function| CFhandleVideoLabels function| CFsetupSessionStarterBP function| CFsetupMutedVideos function| CFrenameVimeoURLAttribute undefined| checkPreview undefined| cookie_variable undefined| tag undefined| firstScriptTag undefined| elVideo_one undefined| elVideo_two undefined| elVideo_three undefined| elVideo_four undefined| elVideo_type undefined| elVideo_show undefined| elVideo_hide undefined| elVideo_numberofvideos undefined| gettheType_unlocker undefined| player undefined| playVideoText undefined| pauseVideoText undefined| playingVideoText undefined| lockedVideoText boolean| cfpeorders function| recurlyDateHandler function| recurlyNameHandler function| recurlyCountryHandler number| CF_KEYCODE_ENTER number| CF_KEYCODE_SPACE undefined| checkifPreview_randomCookie undefined| elCheckVideoEndType undefined| unlockVideoDate undefined| checkifUnlockableDate undefined| checkifUnlockableEverGreenDate undefined| everGreenDates function| onYouTubeIframeAPIReady undefined| elUnlocker_startVideo undefined| onPlayerReady undefined| elvideounlockerProgress undefined| elUnlocker_changeVideo undefined| onPlayerStateChange undefined| runAnimationFade undefined| runAnimationScale undefined| runAnimationLeft undefined| runAnimationRight undefined| runAnimationTop undefined| runAnimationBottom function| getURLParameter function| cfpeRebuildOrderSummary function| formatRecurlyExpirationDate function| validateRecurlyExpirationDate function| moment object| jQuery18104046919096644195 function| JQClass function| tinycolor function| generateUniqueId object| CFUtils object| ClickFunnels function| _ object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer function| videojs function| _V_ function| $d string| proc string| _image_path string| _ate_license boolean| _ate_mouse string| _ate_css string| _ate_callback string| _ate_dropdown string| _ate_lbl_outlook string| _ate_lbl_google string| _ate_lbl_yahoo string| _ate_lbl_hotmail string| _ate_lbl_ical string| _ate_lbl_fb_event boolean| _ate_show_outlook boolean| _ate_show_google boolean| _ate_show_yahoo boolean| _ate_show_hotmail boolean| _ate_show_ical boolean| _ate_show_facebook boolean| _d_rd boolean| _ate_btn_found boolean| _ate_btn_expo object| addthisevent function| postscribe object| I18n object| Clickfunnels function| calcShipping undefined| cfStripeElementsCardElement function| Firebase function| ES6Promise object| cookieconsent object| options function| track_capi object| cfFacebookInitOptions function| fbAsyncInit string| page_key string| fid string| fspos string| fvrs object| cf_tracker string| cf_key string| serverUrl function| getURLParameterExact object| __cfBeacon object| cfpe object| getVars object| $cfSurvey_outcome object| CFSurveyQueryOutcome string| target string| str undefined| checkVideoAttr undefined| showVideoBG string| $url object| $queries undefined| $utm_source string| $pID string| $rootID string| $variantcheck string| $userID undefined| $iframeCheck string| $requiredCheck object| SurveyMatcher undefined| $carContestProgress string| $todayYear string| $localTime string| $autoWebinarDay1 string| $autoWebinarDay1_raw string| $selectText string| $autoWebinarDay0 string| $autoWebinarDay0_raw string| $replayText string| $autoWebinarDay2 string| $autoWebinarDay2_raw string| $autoWebinarDay3 string| $autoWebinarDay3_raw undefined| date undefined| time object| webinar_datetime object| webinar_datetime_offset object| now object| now_offset number| webinar_delay object| webinar_delay_offset boolean| $removeSelectDateOnAutoWebinar function| callbackFunction object| _pcq function| createGUID function| toQueryString function| setCookie function| getCookie function| logError function| done function| recordUserEvent function| setCFMetaTagsFromCookies function| setCFMetaTagsFromQueryString function| getCFMetaTag function| writeCFMetaTag function| queryStringFromCFMetaTags function| recordPageview function| recordUniqueVisitor function| recordUniquePageview function| setClientWidth function| setForm function| CLICKFUNNELS_OLD_FORM_SUBMIT object| wrWidgetSettings function| loadWR object| Mailcheck object| google_tag_manager object| google_tag_data object| google_tag_manager_external string| GoogleAnalyticsObject function| ga object| GooglebQhCsO object| _qevents function| pintrk function| obApi object| wtSmart object| MgSensorData function| snaptr object| r string| TiktokAnalyticsObject object| ttq object| _ajcta number| funnel_stat boolean| ecookie function| loadScript function| jQueryCheck function| createCookie function| formatObject function| getFormData function| filteredMatch function| changeText boolean| replied object| sender undefined| cfUniqueVisitorID function| cfSetUniqueVisitorID function| SendData function| wait function| sleep function| checkresponse function| answered function| postpone object| formSubmitFunctions function| formAttach function| addEvent function| filtered_string object| url_params undefined| parts undefined| nv function| cf_load function| get_XmlHttp function| _wr object| gaGlobal object| gaplugins object| gaData function| apiObj function| quantserve function| __qc object| ezt object| _qoptions object| MgSensor function| MgSensorInvoke function| MgSensorInvoke0 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgr object| _mghl object| _scPxHelper function| MgSensorInvoke1 object| s function| rev object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| sifi_att_447 object| Criteo object| criteo_q string| deviceType object| _cio string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll function| saq function| _saq function| __adroll__ string| adroll_sid object| __adroll function| __cmp function| __tcfapi function| __gpp boolean| adroll_sendrolling_cross_device object| adroll_form_fields object| adroll_third_party_forms function| adroll_tpc_callback object| adroll_exp_list object| __adroll_consent_data object| res object| saCookies string| current_window_url_param object| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country object| $jscomp string| BANNER_VERSION string| TCF_VERSION string| IABWRITE_NO_COOKIE object| __adroll_consent_banner object| __adroll_consent_prev_lastchild object| f

77 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
links.spybriefing.com/ Name: _session_id
Value: 08116fec152702816bd304575136575d
spybriefingllc.go2cloud.org/ Name: enc_aff_session_44
Value: ENC03d85161d0c05d43b0746e993c0cea7b7ded91cd592c150509f6b630f677b6fbdb2fb6e889aad1eab5426c35477845338b0b9600a4dd2674ccd1bc44c45dc0d7069927ae1913f9f7851ce1aa47888dddd5cf059a4729c62d9f8864b19d071fc9e8059c5d1d0baa3a32df7a39e8a969bfba2a6a9496e3128d32c526bbe2490d39411695b1e0
spybriefingllc.go2cloud.org/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTYiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzExNi4wLjU4NDUuMTc5IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
.cf.spybriefing.com/ Name: __cf_bm
Value: OTO9aaChthtd8W32Bn84Kj.CUAeyh7TQZjQmInGrojE-1694280047-0-AYpKsA/bSeLjjvGEJHm/rzD/JDR5AvBQlB8DLsTbtyg4lDWAaDW998AZhR2s6tDzE4CGa+W5uaHpcvQM0uaZuj8iKvDp9lI86gkExl4QsYm2
.cf.spybriefing.com/ Name: _cfuvid
Value: DqWf7LD979Qawz68Cf73VLFy_y3waSGmUei0PV_H8Ds-1694280047308-0-604800000
.infusionsoft.com/ Name: __cf_bm
Value: SOOStyQ6PaReNw2PTB.b7ZQc9RpRGRI_4FX0UXSn0RQ-1694280048-0-AU08MiDjw3kqbKY2ng4xBPRsSsYKhgdgYsuJDpkTQtcfCtMZKbod9jl2m0mLDqc9e5W6gDvcyAsCMGIqCybQVtA=
.infusionsoft.app/ Name: __cf_bm
Value: vBevnz8R_N0hMyqMFw5cnJG6lOT9bb5cjVfeVBT3Gbc-1694280048-0-AT2518xa2ZkdgtyFdynmio3MHAr73pYfFnPdZgMKua3IwS+rC4LoYhcyDPgOfY2XQf36LFOlGVhjmU9WsfMS4z4Vbl1c3JeqKsd48jGa1vWU
.clickfunnels.com/ Name: __cf_bm
Value: 8vmguboIyj6iQPpu.8xL3KcEYAA0bkyvXpdUBjK_ASw-1694280048-0-AbfCrAYsGOPeCoDvSLSv94onKTz7koLMhzO6qpHqWtgmRQLXOQd9VWtjpnD0mkdxcBx88cPUw9SIuPukGmPIZlJ2xZiLjXBiysWJiuHiUnPE
.clickfunnels.com/ Name: _cfuvid
Value: mkImFQ7.LHgueRM2g9LcZ4hN75NHl3UGgeDsOAU3MM0-1694280048518-0-604800000
cf.spybriefing.com/ Name: addevent_track_cookie
Value: 4bf01609-e97e-4de5-16c9-70dd7d9483d3
.spybriefing.com/ Name: _gcl_au
Value: 1.1.2019455275.1694280049
.spybriefing.com/ Name: wickedfu_null
Value: %7B%22url%22%3A%22https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537%2F%3Futm_source%3DDirect%26utm_medium%3DDirect%26utm_campaign%3DDirect%26utm_content%3Dcf.spybriefing.com%252Foptin-26367537%26utm_term%3DOrganic%2520traffic%22%2C%22referrer%22%3A%22%22%2C%22time%22%3A1694280049061%2C%22c%22%3A4620%7D
.spybriefing.com/ Name: _fbp
Value: fb.1.1694280049081.431822350
.spybriefing.com/ Name: _ga_1YZK2FN9X9
Value: GS1.1.1694280049.1.0.1694280049.60.0.0
.spybriefing.com/ Name: _ga
Value: GA1.2.942652428.1694280049
.spybriefing.com/ Name: _gid
Value: GA1.2.1301960409.1694280049
.spybriefing.com/ Name: _gat_gtag_UA_164010868_2
Value: 1
.spybriefing.com/ Name: _gat_UA-217947897-1
Value: 1
.mgid.com/ Name: __cf_bm
Value: BcIqZIXBD5prljAkqYc3I5uTF9SHka0CJbCG1s5n.c4-1694280049-0-AbWPBsM3E8UVc7dUOIzwLtZlFqCoE1wh4WobsP6F9S7yb1ynzYawqpLj+2THYSnHHd9m/O05J01qdiqQVs2H0dQ=
cf.spybriefing.com/ Name: MgidSensorNVis
Value: 1
cf.spybriefing.com/ Name: MgidSensorHref
Value: https://cf.spybriefing.com/optin-26367537
.spybriefing.com/ Name: _scid
Value: 3c73702d-11eb-4072-84c8-0b59e7128e3d
.spybriefing.com/ Name: _scid_r
Value: 3c73702d-11eb-4072-84c8-0b59e7128e3d
cf.spybriefing.com/ Name: AdskeeperSensorNVis
Value: 1
cf.spybriefing.com/ Name: AdskeeperSensorHref
Value: https://cf.spybriefing.com/optin-26367537
.tiktok.com/ Name: _ttp
Value: 2VAXqai0gzEjxI3VxWeO2hv3uNz
.cf.spybriefing.com/ Name: _pin_unauth
Value: dWlkPU9ESTJObVV3TXpBdE5EZGpNQzAwWlRJNExXRmpZbUl0TnpaaFptSTJNVFl6WXpoaw
.statistinamics.com/ Name: scgrg
Value: %7B%22grg%22%3A%22FFA4C934-354F-EE11-9937-000D3A16D7D6AD10CDE1-6CE7-4B9E-93C9-237A63697A14%22%7D
.pinterest.com/ Name: ar_debug
Value: 1
.spybriefing.com/ Name: _tt_enable_cookie
Value: 1
.spybriefing.com/ Name: _ttp
Value: 5DC44hQjPoF-ZT5pv8ayV341Mrb
rdcdn.com/ Name: aid
Value: 19177
rdcdn.com/ Name: ref
Value: https://cf.spybriefing.com/optin-26367537
rdcdn.com/ Name: img
Value: http://rdcdn.com/rt?aid=19177&e=1&img=1
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBgQ0AQQQEwIokOLGvnM1xVSj+Z9CJeTcFbEg8NSH9SDsIY9fM7FpW+KcatfoD0ez1szIAAAA=
.quantserve.com/ Name: mc
Value: 64fca971-b030d-a7562-79ad8
.spybriefing.com/ Name: __qca
Value: P0-1462360338-1694280049248
.turn.com/ Name: uid
Value: 3570101731198203109
.simpli.fi/ Name: suid
Value: EDA4284C55934F76B098F9BFE1704021
cf.spybriefing.com/ Name: outbrain_cid_fetch
Value: true
.criteo.com/ Name: uid
Value: 107593e1-27af-4559-9f03-7e4ca3f5686f
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-20b9907e-d8b3-557f-50db-4a1eac33307c.QE0MC4PXTW4A9L205KS3UG22HE8Z1qzN7iU0s27zabE
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-20b9907e-d8b3-557f-50db-4a1eac33307c.QE0MC4PXTW4A9L205KS3UG22HE8Z1qzN7iU0s27zabE
tags.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AILmQftizVX9Q20oerDMwfFD_B2s.B3EgzrpGPT6PHXcxU54hOAaadlEqmBXwAH4St1WhHWA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AILmQftizVX9Q20oerDMwfFD_B2s.B3EgzrpGPT6PHXcxU54hOAaadlEqmBXwAH4St1WhHWA
tags.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIEHCdOeWApuz6foLw-4rFLIldQFmTvKYnkQPfTc5gKZ4EHwYBCDy0vKnBjABOgT_Q_f4QgR8juEt.SNU5mZlcfCnCZUTJoLC4%2BBBhbpEyhv36KoeQwpJkKO4
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIEHCdOeWApuz6foLw-4rFLIldQFmTvKYnkQPfTc5gKZ4EHwYBCDy0vKnBjABOgT_Q_f4QgR8juEt.SNU5mZlcfCnCZUTJoLC4%2BBBhbpEyhv36KoeQwpJkKO4
cf.spybriefing.com/ Name: sa-user-id
Value: s%253A0-20b9907e-d8b3-557f-50db-4a1eac33307c.QE0MC4PXTW4A9L205KS3UG22HE8Z1qzN7iU0s27zabE
cf.spybriefing.com/ Name: sa-user-id-v2
Value: s%253AILmQftizVX9Q20oerDMwfFD_B2s.B3EgzrpGPT6PHXcxU54hOAaadlEqmBXwAH4St1WhHWA
cf.spybriefing.com/ Name: sa-user-id-v3
Value: s%253AAQAKIEHCdOeWApuz6foLw-4rFLIldQFmTvKYnkQPfTc5gKZ4EHwYBCDy0vKnBjABOgT_Q_f4QgR8juEt.SNU5mZlcfCnCZUTJoLC4%252BBBhbpEyhv36KoeQwpJkKO4
.spybriefing.com/ Name: cto_bundle
Value: Pf0fCV9weEZUUXpLRzlrb2h2RlhUTHVoQnlxdExuVzZJZm5PbTNPR0hDSE5WT0EwVk1uTDRNYWxsZnhJdlRRR05uWXRndm9jZHMzMmxBaTB4Q2VTdXQxQ3RtZk0lMkJ5OHpQZnlnT1lJV3dQYmRTcjZyJTJCYndEQkM1NjJKZUlHOVRWcXAzdk9reEtWSUI2anRGY0tMWkJrZDJhMTRnJTNEJTNE
.spybriefing.com/ Name: _cioanonid
Value: 51f7d111-675d-b207-fb92-1f227b62ce1d
.doubleclick.net/ Name: IDE
Value: AHWqTUmpv8tdao1Ygq4Nn8Pc-sDVq-l-4PqmJw06Q6JphfyHnWzh9T1U7GAxQTgxIUo
.media.net/ Name: visitor-id
Value: 3372816519085925000V10
.media.net/ Name: data-c-ts
Value: 1694280051
.media.net/ Name: data-c
Value: k-rPDfzTWkLMszgtTS0R8t5il6v-tfkOGTPDyIyA~~3
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2Iliq0t8i!]tbPl@/D!9hy6]/Cr+l/lp*#/[xn'a'!u%/YH#gfN0Y34[UVoa*(3pcxoYI[E?u]>zPwE>[vI>*bpRz*qF1`*bdJ+-!UFG
.adnxs.com/ Name: uuid2
Value: 5976558582750108928
kw493.infusionsoft.app/ Name: InfusionsoftTrackingCookie
Value: 23be667defc559d436153c85ff337823
.casalemedia.com/ Name: CMID
Value: ZPypc3wzqL6WMKGg7rRbyAAA
.casalemedia.com/ Name: CMPS
Value: 5224
.casalemedia.com/ Name: CMPRO
Value: 5224
.omnitagjs.com/ Name: ayl_visitor
Value: 5f30550410cb9d67f8dbef6b726532d9
.demdex.net/ Name: demdex
Value: 27232320086826227231497506291057521242
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%2239c99fc1-4f35-11ee-ac19-03422759ab86%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%2239c99fc1-4f35-11ee-ac19-03422759ab86%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%2239c99fc1-4f35-11ee-ac19-03422759ab86%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%2239c99fc1-4f35-11ee-ac19-03422759ab86%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-Gsm0VzWkLMszgtTS0R8t5il6v-uivfPTjwXjTw%22%2C%22version%22%3A%22criteo%22%7D
.dpm.demdex.net/ Name: dpm
Value: 27232320086826227231497506291057521242
.infusionsoft.app/ Name: cf_clearance
Value: A9k_XxLtUafW0ml4fmFs0R3VWcNMDYX1NOnZ6bFFDKQ-1694280051-0-1-44898c96.920ffc1a.1388d376-0.2.1694280051
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-xJ1gEzWkLMszgtTS0R8t5il6v-umjYuLUtfFWg&KRTB&23144-uid:k-xJ1gEzWkLMszgtTS0R8t5il6v-umjYuLUtfFWg&KRTB&23286-uid:k-xJ1gEzWkLMszgtTS0R8t5il6v-umjYuLUtfFWg&KRTB&23287-uid:k-xJ1gEzWkLMszgtTS0R8t5il6v-umjYuLUtfFWg
.pubmatic.com/ Name: PugT
Value: 1694280049
.krxd.net/ Name: _kuid_
Value: PyT3ljEp
.tremorhub.com/ Name: tvid
Value: 29b3484cb0f340d1bc6cd53a28d656d2
.tremorhub.com/ Name: tv_UICR
Value: k-Q8bOpjWkLMszgtTS0R8t5il6v-vUU9rnIo5-3A

7 Console Messages

Source Level URL
Text
network error URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=4bf01609-e97e-4de5-16c9-70dd7d9483d3&url=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537&cache=1694280048677
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://tag.segmetrics.io/a1Rnre.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://visit.prayfashion.com/postback?clickid=null&type=RT_View_Content&gtmcb=378818177
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://visit.prayfashion.com/postback?clickid=undefined&type=RT_View_Content
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://visit.prayfashion.com/uniclick.js?defaultcampaignid=61320f755617cb0001db7600&amp;attribution=lastclick&amp;regviewonce=false&amp;cookiedomain=prayfashion.com&amp;cookieduration=30
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://m.revmizer.com/357-22803.js?id=22803&m=357
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://track.customer.io/events/page.gif?name=https%3A%2F%2Fcf.spybriefing.com%2Foptin-26367537&data%5Bwidth%5D=1600&data%5Bheight%5D=1200&c=&s=51f7d111-675d-b207-fb92-1f227b62ce1d&site_id=e2089e4e3adc0078e2de&timestamp=1694280051262
Message:
Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.adskeeper.co.uk
a.exoclick.com
a.mgid.com
a.twiago.com
ad.360yield.com
ad.yieldlab.net
amplify.outbrain.com
analytics.tiktok.com
app.clickfunnels.com
assets.clickfunnels.com
assets.customer.io
assets.revcontent.com
bam.nr-data.net
beacon.krxd.net
cf.spybriefing.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
ct.pinterest.com
d.adroll.com
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
js-agent.newrelic.com
kw493.infusionsoft.app
kw493.infusionsoft.com
links.spybriefing.com
m.revmizer.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
ndn.statistinamics.com
pixel.adblade.com
pixel.quantserve.com
pixel.rubiconproject.com
r.casalemedia.com
r.turn.com
rdcdn.com
region1.analytics.google.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.adroll.com
s.pinimg.com
s.thebrighttag.com
sc-static.net
secure.adnxs.com
secure.quantserve.com
simage2.pubmatic.com
spybriefingllc.go2cloud.org
sslwidget.criteo.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tag.segmetrics.io
tag.simpli.fi
tags.srv.stackadapt.com
tr.outbrain.com
tr.snapchat.com
track.addevent.com
track.customer.io
track.wickedreports.com
ups.analytics.yahoo.com
use.fontawesome.com
visit.prayfashion.com
visitor.omnitagjs.com
wave.outbrain.com
web.adblade.com
widget.us.criteo.com
widget.wickedreports.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
track.addevent.com
104.126.37.42
108.156.60.37
13.58.146.195
13.59.220.190
141.226.228.48
143.204.207.250
151.101.2.137
151.139.128.10
162.247.243.29
172.190.104.130
172.217.16.194
172.64.148.101
178.250.1.11
178.250.1.9
178.250.7.11
18.197.66.22
18.203.183.215
184.30.17.243
185.255.84.152
185.86.139.102
185.89.210.46
198.47.127.205
2.16.97.41
2001:4860:4802:34::36
2001:4de0:ac19::1:b:3a
23.206.208.183
23.218.208.23
23.32.185.60
2600:1f18:612b:4264:5c81:a00e:dce6:a5e6
2600:9000:21f3:1200:11:9cfd:9400:93a1
2600:9000:223c:7000:6:44e3:f8c0:93a1
2600:9000:225e:600:6:9280:1080:93a1
2606:4700:1::6813:844c
2606:4700:4400::6812:25e0
2606:4700:4400::6812:29d1
2606:4700:4400::ac40:98bf
2606:4700::6810:10c2
2606:4700::6810:3865
2606:4700::6810:dc2
2606:4700:e0::ac40:670b
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2004
2a00:1450:4001:811::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2003
2a00:1450:400c:c00::9c
2a02:2638:3::c
2a02:2638:d::10
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:8e::84
2a05:d018:cc3:fe04:bd4a:baf7:ca95:e893
3.121.134.250
3.123.197.153
3.124.62.113
3.213.54.222
3.75.62.37
3.77.133.205
34.117.157.22
34.250.36.253
34.76.5.13
34.90.79.92
35.190.43.134
35.227.225.220
35.238.129.105
37.157.6.243
37.252.171.53
37.48.87.182
46.228.164.11
52.17.210.114
52.210.174.128
52.222.236.71
54.147.75.20
54.194.37.177
64.202.112.223
69.173.144.165
74.119.119.150
76.223.111.18
85.215.5.31
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
116e677ce1f72ac9525e2e6cd8d26a005c4dd4ba515fb8309023b2f0a2b3397a
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
20db7ce8e3049977535579a92d71232b26ed80f8ab0c1b7418ae67c403a6b321
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac
257c0e97fab53906527a38f70c0fa4d7c60d0fada62f6628ae02d2e4137065de
2ae2dbafa2911a4ecd2e2ae1be9a086b87f9578f6bc4e852590624a25e946003
2d32cb8c915149999b27804a48175c1ceef13793057ad0608f3f0cd4180381f9
2db42f12b070f135689bb618006b73e3e90df04bc085f0baa3e1457a5f36ebcc
2df47783dcb16554bbbd4ae3deabcc1b232609061b90ec33173f7670a8ca03e3
31c3b43e44cd28fe7d32eb1c85f148994ee3ef4192414fb051d5bfec5ac2a56c
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
39c7e8ccf2bd8f2c915ac24838e82f64e25f9e84891c474b75e6c72137715461
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
40607ec00bbc4810222274eeb9e482ac1f9db76a77a24ab0fa677c3365e996fb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
448a123a7bad705f3c260a97a689277ac28a5dff12d1a03d0ba62661bb40e92a
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47e5ff66931402cb5755d7eed98a6d23ee556a7f8e9c1dd340d351c27f669a0f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
53e404a10717c233decb73fbfe225fc3e9a815c3043183217e4e1492027cc4fc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a16a61f818a4c1375fca1f549fbcf0b9487cfaeb323032e26b4ef2e7a4b670
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5e3a28df51924c57892c425cf0e17f6509339c8c90c86f9aa71279d3295e66b4
5e772fa0cae63acae0163e8c0b0531f20421b58f5dbaf1dc319bc44f2c928929
5fac795cabe3ee62b68ff2348b973d098d036f89368bc3dbf106a9e9c63720f7
62074a1e58c1f0be556aeaa987faa90f804c91d19125ee27b5da6f82f1c9f4c9
65fe5c0c5a06bbf5841f03219a3cb5c120928a84ba31242b21357a0d466426a3
68e29da871cc53e7b13ae968a68b0f2c5539e129f62a561950b03dd7e92087f2
69a8f06bbd6fe3b11857dcc407d65fd720aefe57166ff552d15e12d25132433c
6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d
770493d84cbb753cd0573d0f014550583138f40469d137e310d239593a1949d8
78f8cffd623052bd2e67decac3c5bb54499d582e1f5ca91f6a39b6bc606c2dd6
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7e5e8efadc0a91b136a0c423605584fffb389787c5825e019ec7b7a0004cb47b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
894694eee28fc463a83875d519e70afaf5f40ac7c042d6114c4ee86d156b4067
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aab038b064ce84e65f8cf2978583df6f4b6685d3353f529c71dee1dc79d2843
905f1fe1fa1bb44e8b518a624ec85eeb1bc027551450a02f023fc1feb0e517f0
99027d866818f716d208569108a962ac72200197cae503efe5b6bf002bf4915b
9bde826a06626d5f200013601cce1ce33234dfe57ef5d62fab60a738ec13b9de
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1f4c028a1d8bf0ec021a9425b4dd798a0a78e807a91a1dd8fa0ef5ddbcf24f1
a36500e83ddd457e5e41c712041085e300b4f4bb1776488a6393433895ae05ac
a696b734193371073510c87df68430499c2f424ad3f7be42f586dc6aff78567b
a91e600108b11a30fea7d8eb47ed625f19f6983d06c904d8a82ed7d2d7e329e7
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aca1033259484ecc93680827ec580e63ca7c282b5f14be567e68c8d8c2e6d35c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b36f574f69f507177fd73f94dba1236ade98c822025638c7b08a073ebac97ada
b5027926c44361f7719bdbbd6a0fb781e13842229b6ca68e38732b6fa40c6aa5
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b6cfc684930661357e2134380e05e4299a4f85a68ee512a39d7dd6d0467de380
baa4502fbf96cd68e6d8d1f8743c4d446edfea60cdb3c286daa17565639e255b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c5336d1cf6681700a554b1281809f75d823ce64e990ca6e8c42d628f69406d2a
c5dc250228b63ec45ccaf25c7c7b9103a504bd5ebed035e88067475076c4b78d
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cdaf31a1071286676944848c1e53c284a611e39473e322a75caf358b1b24e19d
cf26e6422c4a5acf959d32fcc4cb8aab81389631b070be100eb20e5077af79df
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d2cef94e7f53ef57ae7de03970f83bda6a95f0ce632b7709da06b62071c398b4
d2fae7299977f50bc0d1b737756181de5039cffc676862a735065b1076b0a1fa
d9052c78cfbbaf57442a6146be0642a6a0fc6c33233ac01b49ba720fbfca5cf9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42b3a4eee78685e85b3b17d93ed2e037e45768b0796586c2b7f7e392614e40c
e44d22f0d8d6cbd68124bde9986da016c18098465616a2df3bc57c9d339c915b
e6a82342b5ce67903cc534c7585a73cbc48ee74ff73be14232d63fccf3c9bca0
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
e812c53eb559e8837ce993cea7e2cc245432aa92beb6cec23db54f7a78de15be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8984227f1fa9cd55bc2c8f962478f71ac78c4d1bb7aee971dcafb3bb9983f4
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fbafd37b04603f38be311dca28a3e5ff54b8117a0bf6b56ba37674367c863dd7
fbe5ca3a46d734770ad1a4d83c30eb395589c2b6341aa24d4f342cc7a6d74686
fec25fd8d8c992006048c6022a9d877acf7077e2e2ad8587d65d793057f3f380
ffd145aaf82cf82f2bea351f15f1be121d7b0ac919ba83be4be1468a71af176a