ch365profile.net Open in urlscan Pro
172.67.210.183 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ch365profile.net/
Submission: On June 14 via api (June 14th 2024, 6:43:11 am UTC) from BE — Scanned from DE

Summary HTTP 64 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 15 domains to perform 64 HTTP transactions. The main IP is 172.67.210.183, located in United States and belongs to CLOUDFLARENET, US. The main domain is ch365profile.net.
TLS certificate: Issued by WE1 on June 10th 2024. Valid for: 3 months.

This is the only time ch365profile.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	172.67.210.183 172.67.210.183	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:26e... 2600:9000:26e8:4a00:5:b7cc:d3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2a04:4e42:400... 2a04:4e42:400::347	54113 (FASTLY) (FASTLY)
1	3.161.82.117 3.161.82.117	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::22	60068 (CDN77 _) (CDN77 _)
8	18.173.205.128 18.173.205.128	16509 (AMAZON-02) (AMAZON-02)
1 4	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4 4	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
2	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
1 1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	13.32.27.83 13.32.27.83	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
4	142.250.185.72 142.250.185.72	15169 (GOOGLE) (GOOGLE)
1	108.138.40.116 108.138.40.116	16509 (AMAZON-02) (AMAZON-02)
1 3	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
2	54.74.135.15 54.74.135.15	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20a... 2600:9000:20ae:2a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
64	19

20 172.67.210.183 (United States)

ASN13335 (CLOUDFLARENET, US)

ch365profile.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26e8:4a00:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk.privacy-center.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a04:4e42:400::347 (United States)

ASN54113 (FASTLY, US)

www.civitatis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.82.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-117.fra56.r.cloudfront.net

sdk.privacy-center.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::22 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

tags.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.173.205.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-128.fra56.r.cloudfront.net

bucket.cdnwebcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.184.8.90 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, CY)
PTR: ip-185-184-8-90.rtbhouse.net

ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.230 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

20838848p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.83 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-83.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.40.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-40-116.muc50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.74.135.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-135-15.eu-west-1.compute.amazonaws.com

neural04.cdnwebcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ae:2a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	ch365profile.net ch365profile.net	281 KB
10	cdnwebcloud.com bucket.cdnwebcloud.com — Cisco Umbrella Rank: 37689 neural04.cdnwebcloud.com — Cisco Umbrella Rank: 559096	16 KB
10	civitatis.com www.civitatis.com — Cisco Umbrella Rank: 192675	1 MB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	558 KB
5	doubleclick.net 4 redirects ad.doubleclick.net — Cisco Umbrella Rank: 164 cm.g.doubleclick.net — Cisco Umbrella Rank: 276	505 B
5	creativecdn.com 1 redirects tags.creativecdn.com — Cisco Umbrella Rank: 6256 ams.creativecdn.com — Cisco Umbrella Rank: 11032	4 KB
3	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 136 ade.googlesyndication.com — Cisco Umbrella Rank: 335	1 KB
3	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 1419 insight.adsrvr.org — Cisco Umbrella Rank: 1061 match.adsrvr.org — Cisco Umbrella Rank: 415	6 KB
3	privacy-center.org sdk.privacy-center.org — Cisco Umbrella Rank: 4457	168 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 203	126 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2347
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1551	704 B
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1587	9 KB
1	rezync.com 1 redirects live.rezync.com — Cisco Umbrella Rank: 1476	2 KB
1	rfihub.com 1 redirects 20838848p.rfihub.com	2 KB
64	15

	Domain	Requested by
20	ch365profile.net	ch365profile.net
10	www.civitatis.com	ch365profile.net
8	bucket.cdnwebcloud.com	www.googletagmanager.com bucket.cdnwebcloud.com
6	www.googletagmanager.com	ch365profile.net www.googletagmanager.com bucket.cdnwebcloud.com
4	ad.doubleclick.net	4 redirects
4	ams.creativecdn.com	1 redirects ch365profile.net
3	sdk.privacy-center.org	ch365profile.net sdk.privacy-center.org
2	ade.googlesyndication.com	1 redirects
2	neural04.cdnwebcloud.com	bucket.cdnwebcloud.com
2	adservice.google.com	ch365profile.net
2	region1.google-analytics.com	www.googletagmanager.com
1	match.adsrvr.org	js.adsrvr.org
1	insight.adsrvr.org	1 redirects
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	bucket.cdnwebcloud.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	js.adsrvr.org	bucket.cdnwebcloud.com
1	cm.g.doubleclick.net	ch365profile.net
1	live.rezync.com	1 redirects
1	20838848p.rfihub.com	1 redirects
1	tags.creativecdn.com	www.googletagmanager.com
64	21

This site contains links to these domains. Also see Links.

Domain
www.civitatis.com

Subject Issuer	Validity	Valid
ch365profile.net WE1	`2024-06-10` - `2024-09-08`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.privacy-center.org Amazon RSA 2048 M03	`2024-03-10` - `2025-04-07`	a year	crt.sh
www.civitatis.com Don Dominio / MrDomain RSA DV CA	`2024-04-11` - `2025-05-12`	a year	crt.sh
1589314308.rsc.cdn77.org R3	`2024-05-29` - `2024-08-27`	3 months	crt.sh
*.cdnwebcloud.com Amazon RSA 2048 M03	`2023-08-23` - `2024-09-21`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2024-04-05` - `2025-04-30`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
quantserve.com R3	`2024-04-25` - `2024-07-24`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://ch365profile.net/
Frame ID: 5EA8DA95561C21A25951F0B78B179DEE
Requests: 62 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=xq0aitp&ref=https%3A%2F%2Fch365profile.net%2F&upid=tsmzs4r&upv=1.1.0&td1=&td2=${product_city}&td3=${product_country}
Frame ID: BD7CCC61789C5BC2DAA2C04FF82BC416
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Visiter la Suisse : 10 destinations incontournables - Civitatis

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Didomi (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

sdk\.privacy-center\.org/.*/loader\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

64
Requests

92 %
HTTPS

33 %
IPv6

15
Domains

21
Subdomains

19
IPs

4
Countries

2381 kB
Transfer

4875 kB
Size

17
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.civitatis.com/fr/cookies/
Title: Pour de plus amples informations sur l'utilisation des cookies, cliquez ici

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://ams.creativecdn.com/tags/v2?type=json HTTP 307
https://ams.creativecdn.com/tags/v2?type=json&tc=1

Request Chain 41

https://ad.doubleclick.net/ddm/activity/src=11776257;type=invmedia;cat=v1mp_001;u1=[RTB_destID];u2=[pageType];u4=[productCountry];u6=[productDateFin];u7=[productDateInicio];u8=[productId];u9=[productName];u10=[productPrice];u11=[typology];u12=[transactionid];u14=[name];u18=[category];u19=[url];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?&n_one_v=20240403094329 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=11776257;dc_pre=CMiEkOy-2oYDFXlkHgId8rUNwg;type=invmedia;cat=v1mp_001;u1=[RTB_destID];u2=[pageType];u4=[productCountry];u6=[productDateFin];u7=[productDateInicio];u8=[productId];u9=[productName];u10=[productPrice];u11=[typology];u12=[transactionid];u14=[name];u18=[category];u19=[url];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?&n_one_v=20240403094329 HTTP 302
https://adservice.google.com/ddm/fls/z/src=11776257;dc_pre=CMiEkOy-2oYDFXlkHgId8rUNwg;type=invmedia;cat=v1mp_001;u1=[RTB_destID];u2=[pageType];u4=[productCountry];u6=[productDateFin];u7=[productDateInicio];u8=[productId];u9=[productName];u10=[productPrice];u11=[typology];u12=[transactionid];u14=[name];u18=[category];u19=[url];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?&n_one_v=20240403094329

Request Chain 42

https://ad.doubleclick.net/ddm/activity/src=11776257;type=invmedia;cat=profweb;u1=$%7Bdestination_id%7D;u2=;u3=$%7Bproduct_city%7D;u4=$%7Bproduct_country%7D;u5=$%7Bproduct_currency%7D;u6=$%7Bdate_end%7D;u7=$%7Bdate_start%7D;u8=;u9=;u10=$%7Bproduct_price%7D;u11=$%7Btypology%7D;u12=;u13=$%7Bsku%7D;u14=$%7Bname%7D;u15=$%7Bpaxes%7D;u16=;u17=$%7Baction%7D;u18=;u19=$%7Burl%7D;u20=$%7Blist%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?&n_one_v=20240403094330 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=11776257;dc_pre=CNKHkOy-2oYDFaVXHgIdDlMLrQ;type=invmedia;cat=profweb;u1=$%7Bdestination_id%7D;u2=;u3=$%7Bproduct_city%7D;u4=$%7Bproduct_country%7D;u5=$%7Bproduct_currency%7D;u6=$%7Bdate_end%7D;u7=$%7Bdate_start%7D;u8=;u9=;u10=$%7Bproduct_price%7D;u11=$%7Btypology%7D;u12=;u13=$%7Bsku%7D;u14=$%7Bname%7D;u15=$%7Bpaxes%7D;u16=;u17=$%7Baction%7D;u18=;u19=$%7Burl%7D;u20=$%7Blist%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?&n_one_v=20240403094330 HTTP 302
https://adservice.google.com/ddm/fls/z/src=11776257;dc_pre=CNKHkOy-2oYDFaVXHgIdDlMLrQ;type=invmedia;cat=profweb;u1=$%7Bdestination_id%7D;u2=;u3=$%7Bproduct_city%7D;u4=$%7Bproduct_country%7D;u5=$%7Bproduct_currency%7D;u6=$%7Bdate_end%7D;u7=$%7Bdate_start%7D;u8=;u9=;u10=$%7Bproduct_price%7D;u11=$%7Btypology%7D;u12=;u13=$%7Bsku%7D;u14=$%7Bname%7D;u15=$%7Bpaxes%7D;u16=;u17=$%7Baction%7D;u18=;u19=$%7Burl%7D;u20=$%7Blist%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?&n_one_v=20240403094330

Request Chain 43

https://20838848p.rfihub.com/ca.gif?rb=32581&ca=20838848&ra=2180702391&_o=32581&_t=20838848&n_one_v=20240403094330 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5142336729491794804&referrer={encSite}&forward=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3F%26in%3D0%26google_nid%3Dzeta_interactive%26google_cm%3D%26google_sc%3D%26google_hm%3DNTE0MjMzNjcyOTQ5MTc5NDgwNA%3D%3D%26forward%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D18%2526code%253D5142336729491794804https%25253A%25252F%25252Fdpm.demdex.net%25252Fibs%25253Adpid%25253D1121%252526dpuuid%25253D5142336729491794804%252526redir%25253Dhttps%2525253A%2525252F%2525252Fimage2.pubmatic.com%2525252FAdServer%2525252FPug%2525253Fvcode%2525253Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%2525253D%2525253D%25252526piggybackCookie%2525253D5142336729491794804%25252526r%2525253Dhttps%252525253A%252525252F%252525252Fus-u.openx.net%252525252Fw%252525252F1.0%252525252Fsd%252525253Fid%252525253D537073062%2525252526val%252525253D5142336729491794804%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fp.rfihub.com%25252525252Fcm%25252525253Fpub%25252525253D24472%252525252526in%25252525253D1https%2525252525253A%2525252525252F%2525252525252Fcontextual.media.net%2525252525252Fcksync.php%2525252525253Fcs%2525252525253D3%25252525252526type%2525252525253Drkt%25252525252526ovsid%2525252525253D5142336729491794804https%252525252525253A%252525252525252F%252525252525252Fbpi.rtactivate.com%252525252525252Ftag%252525252525252F%252525252525253Fid%252525252525253D11017%2525252525252526user_id%252525252525253D5142336729491794804https%25252525252525253A%25252525252525252F%25252525252525252Faa.agkn.com%25252525252525252Fadscores%25252525252525252Fg.pixel%25252525252525253Fsid%25252525252525253D9212192898%252525252525252526rf%25252525252525253D5142336729491794804 HTTP 302
https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MjMzNjcyOTQ5MTc5NDgwNA==&forward=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D18%26code%3D5142336729491794804https%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D1121%2526dpuuid%253D5142336729491794804%2526redir%253Dhttps%25253A%25252F%25252Fimage2.pubmatic.com%25252FAdServer%25252FPug%25253Fvcode%25253Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%25253D%25253D%252526piggybackCookie%25253D5142336729491794804%252526r%25253Dhttps%2525253A%2525252F%2525252Fus-u.openx.net%2525252Fw%2525252F1.0%2525252Fsd%2525253Fid%2525253D537073062%25252526val%2525253D5142336729491794804%25252526r%2525253Dhttps%252525253A%252525252F%252525252Fp.rfihub.com%252525252Fcm%252525253Fpub%252525253D24472%2525252526in%252525253D1https%25252525253A%25252525252F%25252525252Fcontextual.media.net%25252525252Fcksync.php%25252525253Fcs%25252525253D3%252525252526type%25252525253Drkt%252525252526ovsid%25252525253D5142336729491794804https%2525252525253A%2525252525252F%2525252525252Fbpi.rtactivate.com%2525252525252Ftag%2525252525252F%2525252525253Fid%2525252525253D11017%25252525252526user_id%2525252525253D5142336729491794804https%252525252525253A%252525252525252F%252525252525252Faa.agkn.com%252525252525252Fadscores%252525252525252Fg.pixel%252525252525253Fsid%252525252525253D9212192898%2525252525252526rf%252525252525253D5142336729491794804

Request Chain 59

https://ade.googlesyndication.com/ddm/activity/src=8239069;type=audie0;cat=civit0;ord=7491073127607;npa=1;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u17=undefined;u18=undefined;u20=undefined;u21=ch365profile.net;gdid=dMTc4Zm;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46c0v9136164887z877420407za201zb77420407;gcs=G100;gcd=13q3qPq2q5;dma_cps=-;dma=1;tcfd=10001;tag_exp=0;epver=2;~oref=https%3A%2F%2Fch365profile.net%2F HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=8239069;dc_pre=CPSguOy-2oYDFWUPogMdGZUAcw;type=audie0;cat=civit0;ord=7491073127607;npa=1;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u17=undefined;u18=undefined;u20=undefined;u21=ch365profile.net;gdid=dMTc4Zm;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46c0v9136164887z877420407za201zb77420407;gcs=G100;gcd=13q3qPq2q5;dma_cps=-;dma=1;tcfd=10001;tag_exp=0;epver=2;~oref=https%3A%2F%2Fch365profile.net%2F

Request Chain 60

https://insight.adsrvr.org/track/up?adv=xq0aitp&ref=https%3A%2F%2Fch365profile.net%2F&upid=tsmzs4r&upv=1.1.0&td1=&td2=${product_city}&td3=${product_country} HTTP 302
https://match.adsrvr.org/track/upb/?adv=xq0aitp&ref=https%3A%2F%2Fch365profile.net%2F&upid=tsmzs4r&upv=1.1.0&td1=&td2=${product_city}&td3=${product_country}

64 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
ch365profile.net/ 123 KB
19 KB 665ms
630ms Document
text/html 172.67.210.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ch365profile.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 8287962bd9a8f0ded4e671822c45949f98b6c59a377bc4b2e2039c45da0d5206

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 893857f5cc4e9945-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 14 Jun 2024 06:43:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cmYoZKVN0cf4wYXJC8Jbd46Iv95aZLxyKn%2B%2BUkHUhm6qt5%2F%2F0sUWSaXJzGwHzCMh%2FRjPSMlCmV24qq8E4Kl4y6JJSRDalmopyPOdxqjXtwv95%2FUXZsIatBe6WnWvxUVT1BX6"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 /
ch365profile.net/ 93 KB
13 KB 3871ms
3870ms Stylesheet
text/css 172.67.210.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ch365profile.net/?ver=6.1.6&_=%2Fblog%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Fstyle.min.css%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
Requested by: Host: ch365profile.net
URL: https://ch365profile.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: b041e7b08a99e947327a5faf96e5ab7aeef39a467c0ef2240710a19857743da3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qjXMnk%2FxFeRhm5dpFHbPx1hlUyP4FXQpYipdpbPmod%2BsO2Da8uR7POdt9bgn2ocIsCLS4nw6Ig5qYefgz%2B0pbKbRqQrBpuYSgVzv%2BRFcgB%2BFgG%2FlyTrFG2qkLxA844rzgCvW"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cf-ray: 893857fa4fcf9945-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
ch365profile.net/ 217 B
575 B 3886ms
3883ms Stylesheet
text/css 172.67.210.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ch365profile.net/?ver=1&_=%2Fblog%2Fwp-includes%2Fcss%2Fclassic-themes.min.css%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
Requested by: Host: ch365profile.net
URL: https://ch365profile.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Clk1Lqw8IF9ty1VilN4Ou88UiA%2Fu%2FwChpVHCOVjolnIi6grBYxRTPqg4So5x5PBgooCta7qgOhZvbtwMJ3rtcguv7wg0Jp5xRCvFv1aP33O2YdVRmyiBCg4qyK1U8VZRBxge"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cf-ray: 893857fa4fd49945-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
ch365profile.net/ 53 KB
9 KB 3872ms
3869ms Stylesheet
text/css 172.67.210.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ch365profile.net/?ver=1.0.development-0&_=%2Fblog%2Fwp-content%2Fthemes%2Fcivitatis%2Fdist%2Fmain.css%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
Requested by: Host: ch365profile.net
URL: https://ch365profile.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: ff5a8f450fbf238cf81223841455f70a9358a8018bacd585a03f9838a9d3d564

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lXMizn7smcXcs1m2%2FpeMIzoJ9PsqfB8Wp4vkEqvjFyn2yVxV7srbueEjoFS7jeUOQf3tVV%2FqcooDT0fE8SRfPzq3xGKIacg2sHPKcSon3LaQhBAI3PpXBF0r54GeGUxs%2Bko6"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cf-ray: 893857fa4fd59945-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
ch365profile.net/ 2 KB
1 KB 3884ms
3882ms Stylesheet
text/css 172.67.210.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ch365profile.net/?ver=1.0.development-0&_=%2Fblog%2Fwp-content%2Fthemes%2Fcivitatis%2Fdist%2Ffonts%2Ficons.css%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
Requested by: Host: ch365profile.net
URL: https://ch365profile.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: ebee1b325f2ad4805605a848e4c87026175da76b9e2a63a816271f0ac6bbba1d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fxp3avFGYjzIoyZCHf%2BB6kYp9m8mEnnLfv0KLkqy08Y03m%2B28US6egEVuZ5jBDKLlueDYEnc7PtFB0NV%2B5rUiQb0p210KYggDlXjwNw3%2BGnTQWtJX1izoQ46IirjkvTGpUdr"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cf-ray: 893857fa4fd79945-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
ch365profile.net/ 10 KB
1 KB 3990ms
3987ms Stylesheet
text/css 172.67.210.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ch365profile.net/?family=Montserrat%3Awght%40300%3B400%3B600%3B700%3B800&display=swap&ver=6.1.6&_=%2Fcss2%23KJWqMdlUlBntJOMBQ1PniITydIRhC1ay5eA%2FIw%3D%3D
Requested by: Host: ch365profile.net
URL: https://ch365profile.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 857d22d605b73225496a6ea7a6a08ced83cb17f1ca3a18f9c5f2cc2f133ab6b3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dpXGrNwiSW2sVgBmozJNheLTc6Ze%2FUhmoo7bOJOKLK8QLg9AK0%2BltmxEHbFzoLJJShvNZLSUBZO0YEZp4niwxm0e9Qce70uHAHQZ%2BsuhXbZKN%2B5G67jTyS5fBRccSx8Oj0zF"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cf-ray: 893857fa4fd99945-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
ch365profile.net/ 87 KB
31 KB 3895ms
3893ms Script
application/javascript 172.67.210.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ch365profile.net/?ver=3.5.1&_=%2Fjquery-3.5.1.min.js%23KJWqMdlUlBnoJOkQHhfxko7nYc9jFFI%3D
Requested by: Host: ch365profile.net
URL: https://ch365profile.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cH%2FW82nkKBiE2F70ji3yFgz2jTI0tCSP%2B1axKYTskR1Btur%2FnKALn%2FsqWP4WfStadRAOPLTVruGqPdP0Bvg0j0cufUGJAezYpmK0tZr6jtczF%2BDm%2BLC7BeBsqWwOTnPHWQsS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-ray: 893857fa4fda9945-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
ch365profile.net/ 67 KB
67 KB 3890ms
3889ms Image
image/webp 172.67.210.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ch365profile.net/?_=%2Fblog%2Fwp-content%2Fuploads%2F2024%2F01%2Fshutterstock_1573609381-1920x542.jpg%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
Requested by: Host: ch365profile.net
URL: https://ch365profile.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 7d3e81ed2dd66eecaef530509a8c08f0381658e7b943efe372936e6dfe9b900b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i0EHwLW3D9eThkulS1MuzlUKrM6hUEpUdhl%2BWZ%2Fs%2F0BR1Lxw%2BL2MyfmM4rjHTA4yrklFm7wFsFZAOJiJo%2FhXtUm3g1GRJWLL8SfLquukCwf2za%2BIdJUUdhbcp8mv0ZjolwKp"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cf-ray: 893857fa4fdc9945-FRA
alt-svc: h3=":443"; ma=86400
content-length: 68336

GET
H3 200 / Show response
ch365profile.net/ 159 KB
36 KB 3887ms
3886ms Script
application/javascript 172.67.210.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ch365profile.net/?ver=1.0.development-0&_=%2Fblog%2Fwp-content%2Fthemes%2Fcivitatis%2Fdist%2Fmain.js%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
Requested by: Host: ch365profile.net
URL: https://ch365profile.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 79c21d1eab39028d1cc910d7e8fc875a65a07be8bd1c8539b2876149d3658c0d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rg%2FIBSLtl2Ws02BF6TcuqzuUTKQxK9NHkpbE%2FaLhCiZIoZkcDFR6Th%2BXoq7h%2BWN1cSswBcgNotow9RILGADVugZKJNPZYMzF84AL%2F7VdzUTNzBbMog7a7tLPcSUIEqqhVn5V"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 893857fa4fdd9945-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
ch365profile.net/ 1 KB
1 KB 226ms
225ms Script
application/javascript 172.67.210.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ch365profile.net/?ver=1.0.development-0&_=%2Fblog%2Fwp-content%2Fthemes%2Fcivitatis%2Fdist%2Fdidomi.js%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
Requested by: Host: ch365profile.net
URL: https://ch365profile.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 079bee2b0fea957b4b9d2193c12b22bafe5c5e42481376eda2e5b037bb3f1e79

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YVt86to1Gse4yTi8LeDBRijkGXMmL093Q35%2BTiXq%2BguXti6WIKe75wCDLqz0gUXNM%2FooFCEsyyb3qu6Mjauyot1cQt9mVgj6byOvjFgnsnQS7lgPU%2BtqRJ620394mmA8917R"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 89385812cdd99945-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
ch365profile.net/ 3 KB
1 KB 216ms
215ms Script
application/javascript 172.67.210.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ch365profile.net/?ver=1.0.development-0&_=%2Fblog%2Fwp-content%2Fthemes%2Fcivitatis%2Fdist%2Fdidomi-config.js%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
Requested by: Host: ch365profile.net
URL: https://ch365profile.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: d856fceaad6576c825e8b0a9a8b4bf90c2f11ba2163b1621db4d1bd2f354e9c0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LZEBkU5UycSdcJ6kqtjNuKfKfpuNNWl%2Fe3SwocAtK8N4ozxowbH69ALKbWhjz7XxmfInnHEHgpwf9i74Qq280c%2FUq8vb73BEkC0SD3OAcazNbI%2BSMtullpzCIENhipEj8QID"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 89385812edef9945-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
ch365profile.net/ 9 KB
4 KB 240ms
239ms Script
application/javascript 172.67.210.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ch365profile.net/?ver=3.12.5&_=%2Fblog%2Fwp-content%2Fplugins%2Fwp-smush-pro%2Fapp%2Fassets%2Fjs%2Fsmush-lazy-load-native.min.js%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
Requested by: Host: ch365profile.net
URL: https://ch365profile.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: be6782a8a0617c64e1eaf887f6771ac1e4ead25232ffcf133e5cba77b7379e76

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:05 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RfUp9UVlUqvSBGvITJOL%2FXK8cxXNgmfwKzqkLirDin%2Fhu15u8qg6CGy5UTwfl9yjLrTrF8Vn%2BsyA%2FVa%2BSIWCIMFncnPhgNm7yMcHbbX2o3yhuaXngfiSQxAi9biXlq8VshPf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 893858134e509945-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
ch365profile.net/ 11 KB
4 KB 218ms
217ms Script
application/javascript 172.67.210.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ch365profile.net/?ver=1709039328&_=%2Fblog%2Fwp-content%2Fplugins%2Fakismet%2F_inc%2Fakismet-frontend.js%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
Requested by: Host: ch365profile.net
URL: https://ch365profile.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 6bc5622bfab1a16855ad49b99a3f9ed8eb24f49da469a113f9000b866f109e2e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:05 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=08sYxBJjRgSjOH1v1aSj%2F7jcaybfAeAquYMcgSp6v4su7RwS6t6Ij%2FCPucVXNCaA1pF4nzW8i0jhQ5nfHRqQD%2FkoeBNXD5%2B%2F4Coh6Gy%2BBzRL4DngWofOM7unlMPvlgnVV1Rg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 893858134e519945-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 519 KB
130 KB 97ms
67ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NWH47P4

Requested by

Host: ch365profile.net
URL: https://ch365profile.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd854d3a381b2d652f4ffa2ae0a7a6abe77420b409d656bba2a9bfbda868205a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132708
x-xss-protection: 0
last-modified: Fri, 14 Jun 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Jun 2024 06:43:04 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 /
ch365profile.net/ 32 KB
33 KB 441ms
440ms Font
font/woff2 172.67.210.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ch365profile.net/?_=%2Fs%2Fmontserrat%2Fv26%2FJTUSjIg1_i6t8kCHKm459Wlhyw.woff2%23KJWqMdlUlBntJOMBQ1PnlJ%2F0bIhjVVyupg%3D%3D
Requested by: Host: ch365profile.net
URL: https://ch365profile.net/?family=Montserrat%3Awght%40300%3B400%3B600%3B700%3B800&display=swap&ver=6.1.6&_=%2Fcss2%23KJWqMdlUlBntJOMBQ1PniITydIRhC1ay5eA%2FIw%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/?family=Montserrat%3Awght%40300%3B400%3B600%3B700%3B800&display=swap&ver=6.1.6&_=%2Fcss2%23KJWqMdlUlBntJOMBQ1PniITydIRhC1ay5eA%2FIw%3D%3D
Origin: https://ch365profile.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Ow%2FdJgUTl3%2FMCFSnMgW6qeDE18cNojk4dP63h1nuVm2LCQFCIFmNnPH2hZZB1Sy1dPnTcN9AY4P%2FB9cVYe4vQm3pK1x07mhSjGgLe6sYzTX20vtGCWsj6lyShmyif%2FSdH4l"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cf-ray: 89385813ce8e9945-FRA
alt-svc: h3=":443"; ma=86400
content-length: 33092

GET
H3 200 /
ch365profile.net/ 123 KB
19 KB 321ms
320ms Font
text/html 172.67.210.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ch365profile.net/?18fc218a116a51b9e1980654a6c986f9=&_=%2Fblog%2Fwp-content%2Fthemes%2Fcivitatis%2Fdist%2Ffonts%2F.%2Ficons.woff2%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
Requested by: Host: ch365profile.net
URL: https://ch365profile.net/?ver=1.0.development-0&_=%2Fblog%2Fwp-content%2Fthemes%2Fcivitatis%2Fdist%2Ffonts%2Ficons.css%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 8287962bd9a8f0ded4e671822c45949f98b6c59a377bc4b2e2039c45da0d5206

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/?ver=1.0.development-0&_=%2Fblog%2Fwp-content%2Fthemes%2Fcivitatis%2Fdist%2Ffonts%2Ficons.css%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
Origin: https://ch365profile.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=seZmhYr97Gfq9EbAsE0%2FEgM7Pm8Pksg9LlnoS%2FK%2FGZ%2BJ1FUOGHoik5Y3yJ5loPDajdZo7w7s%2B0hgsh0ty89oQ5U8%2BV7z25iEIIFpJu23PT%2FGwUVjCY%2F1ZEOY%2FA9LfOEg%2FS31"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store
cf-ray: 89385813ce8f9945-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 loader.js Show response
sdk.privacy-center.org/60ac3ba7-1ae5-42dc-be9a-50140ae6cea1/ 64 KB
23 KB 186ms
139ms Script
application/javascript 2600:9000:26e8:4a00:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/60ac3ba7-1ae5-42dc-be9a-50140ae6cea1/loader.js?target=ch365profile.net
Requested by: Host: ch365profile.net
URL: https://ch365profile.net/?ver=1.0.development-0&_=%2Fblog%2Fwp-content%2Fthemes%2Fcivitatis%2Fdist%2Fdidomi.js%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:4a00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7209ffdfb57c6bc64cd670efefc41792c372e719b761c94196be4b031823eb70

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:05 GMT
x-didomi-configs-version: 109
x-didomi-remote-config-metadata: multiReg:true;legacyGlobalGdpr:true
content-encoding: br
via: 1.1 87b9fb3f8157b5916fbe1d11149c4f3a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
x-amzn-requestid: 12613b52-9e93-4b1a-839c-e0261b95ce50
etag: W/"55261185c3449c604e163c0c5aeb995c"
vary: Accept-Encoding
x-amzn-trace-id: root=1-666be679-4a888c0217d04ae043cc88c4;parent=69f47649cbc4566f;sampled=0;lineage=eaae1266:0
content-type: application/javascript; charset=utf-8
x-cache: Miss from cloudfront
cache-control: max-age=7200, public
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: P3eUv94uvGINGKvv-T1J3WwDrWiz2ohBxcLCZ-6cGS7DQpFvxvnDVw==

GET
H2 200 shutterstock_2284568887-1280x853.jpg
www.civitatis.com/blog/wp-content/uploads/2024/01/ 118 KB
119 KB 40ms
8ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.civitatis.com/blog/wp-content/uploads/2024/01/shutterstock_2284568887-1280x853.jpg

Requested by

Host: ch365profile.net
URL: https://ch365profile.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6a80241e6b7c3d99be3150819e2285d3156d704630c7765b4ec03adcde162baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:05 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
fastly-io-served-by: img11-europe-west2
x-cache: MISS, MISS, HIT
fastly-io-info: ifsz=258961 idim=1280x853 ifmt=jpeg ofsz=120918 odim=1280x853 ofmt=webp
fastly-stats: io=1
x-age: 1974828
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 120918
x-served-by: cache-ams21058-AMS, cache-ams12735-AMS, cache-fra-etou8220031-FRA
last-modified: Tue, 26 Mar 2024 16:58:08 GMT
x-ttl: 604800
x-timer: S1718347385.124203,VS0,VE2
etag: "8koypUn4TYYwLey8en/ytqF86cz5SDbHcHgPizS5pHQ"
x-frame-options: DENY
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-currency: USD
cache-control: max-age=2592000, public
accept-ranges: bytes
x-device-geo: geo_continent=EU,geo_country=DE,geo_region=BY,geo_city=eichstatt,geo_postal=85072,geo_long=11.190,geo_lat=48.890,geo_asn=201011
x-cache-hits: 0, 0, 0

GET
H2 200 shutterstock_552162256-1280x853.jpg
www.civitatis.com/blog/wp-content/uploads/2024/01/ 156 KB
157 KB 40ms
9ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.civitatis.com/blog/wp-content/uploads/2024/01/shutterstock_552162256-1280x853.jpg

Requested by

Host: ch365profile.net
URL: https://ch365profile.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d3cea9e19a517fc8cd79391384f22a21efbabafd81bcf999381ed7a5660eccf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:05 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
fastly-io-served-by: img05-europe-west3
x-cache: MISS, HIT, HIT
fastly-io-info: ifsz=304893 idim=1280x853 ifmt=jpeg ofsz=160170 odim=1280x853 ofmt=webp
fastly-stats: io=1
x-age: 639572
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 160170
x-served-by: cache-ams21070-AMS, cache-ams2100097-AMS, cache-fra-etou8220031-FRA
last-modified: Fri, 14 Jun 2024 05:37:47 GMT
x-ttl: 604800
x-timer: S1718347385.123886,VS0,VE2
etag: "FbjQRaqoBMyPvWnIQrsfDMmoFYCWkVn8hh8aPBPQwUY"
x-frame-options: DENY
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-currency: GBP
cache-control: max-age=2592000, public
accept-ranges: bytes
x-device-geo: geo_continent=EU,geo_country=DE,geo_region=BY,geo_city=eichstatt,geo_postal=85072,geo_long=11.190,geo_lat=48.890,geo_asn=201011
x-cache-hits: 0, 4, 0

GET
H2 200 shutterstock_588308726-1280x853.jpg
www.civitatis.com/blog/wp-content/uploads/2024/01/ 49 KB
49 KB 53ms
23ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.civitatis.com/blog/wp-content/uploads/2024/01/shutterstock_588308726-1280x853.jpg

Requested by

Host: ch365profile.net
URL: https://ch365profile.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3600cc25cbdfdad2485dd8c87c988266246d2f36bfa67a039dc2739091dab53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:05 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
fastly-io-served-by: img03-europe-west3
x-cache: MISS, HIT, HIT
fastly-io-info: ifsz=134984 idim=1280x853 ifmt=jpeg ofsz=49700 odim=1280x853 ofmt=webp
fastly-stats: io=1
x-age: 639572
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 49700
x-served-by: cache-ams21081-AMS, cache-ams2100098-AMS, cache-fra-etou8220031-FRA
last-modified: Fri, 14 Jun 2024 05:37:48 GMT
x-ttl: 604800
x-timer: S1718347385.124303,VS0,VE3
etag: "yHNEbCOUFA8+1WZtmYK2XpAi3zvi4cHA5z1qR3Jq5iY"
x-frame-options: DENY
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-currency: GBP
cache-control: max-age=2592000, public
accept-ranges: bytes
x-device-geo: geo_continent=EU,geo_country=DE,geo_region=BY,geo_city=eichstatt,geo_postal=85072,geo_long=11.190,geo_lat=48.890,geo_asn=201011
x-cache-hits: 0, 3, 0

GET
H2 200 shutterstock_456473839-1280x853.jpg
www.civitatis.com/blog/wp-content/uploads/2024/01/ 165 KB
165 KB 40ms
10ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.civitatis.com/blog/wp-content/uploads/2024/01/shutterstock_456473839-1280x853.jpg

Requested by

Host: ch365profile.net
URL: https://ch365profile.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

044a72b0f011ee6f493fa1488fe0c0e92c5595f7ad4500e1c0061665fa7b560b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:05 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
fastly-io-served-by: img03-europe-west2
x-cache: MISS, HIT, HIT
fastly-io-info: ifsz=324781 idim=1280x853 ifmt=jpeg ofsz=168616 odim=1280x853 ofmt=webp
fastly-stats: io=1
x-age: 1373786
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 168616
x-served-by: cache-ams21053-AMS, cache-ams12770-AMS, cache-fra-etou8220031-FRA
last-modified: Fri, 26 Apr 2024 11:37:13 GMT
x-ttl: 604800
x-timer: S1718347385.124199,VS0,VE2
etag: "BtvFwpROF4T5XJgzI52TUcJ6+JRC3DcqIG47THUP04o"
x-frame-options: DENY
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-currency: EUR
cache-control: max-age=2592000, public
accept-ranges: bytes
x-device-geo: geo_continent=EU,geo_country=DE,geo_region=BY,geo_city=eichstatt,geo_postal=85072,geo_long=11.190,geo_lat=48.890,geo_asn=201011
x-cache-hits: 0, 2, 0

GET
H2 200 shutterstock_2292900075-1280x553.jpg
www.civitatis.com/blog/wp-content/uploads/2024/01/ 101 KB
101 KB 60ms
30ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.civitatis.com/blog/wp-content/uploads/2024/01/shutterstock_2292900075-1280x553.jpg

Requested by

Host: ch365profile.net
URL: https://ch365profile.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0843a458b26afabacb40edbbe322ff6008400325b536ce111270a230bc2affc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:05 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
fastly-io-served-by: img03-europe-west3
x-cache: MISS, HIT, MISS
fastly-io-info: ifsz=205315 idim=1280x553 ifmt=jpeg ofsz=103502 odim=1280x553 ofmt=webp
fastly-stats: io=1
x-age: 228191
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 103502
x-served-by: cache-ams2100110-AMS, cache-ams2100108-AMS, cache-fra-etou8220031-FRA
last-modified: Fri, 14 Jun 2024 06:43:05 GMT
x-ttl: 604800
x-timer: S1718347385.123890,VS0,VE10
etag: "8+SxHWOnEFm5rmBJpKGZUZkqvV87V54yKLRJ1gljJ4s"
x-frame-options: DENY
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-currency: EUR
cache-control: max-age=2592000, public
accept-ranges: bytes
x-device-geo: geo_continent=EU,geo_country=DE,geo_region=BY,geo_city=eichstatt,geo_postal=85072,geo_long=11.190,geo_lat=48.890,geo_asn=201011
x-cache-hits: 0, 7, 0

GET
H2 200 shutterstock_2033542388-1280x960.jpg
www.civitatis.com/blog/wp-content/uploads/2024/01/ 86 KB
86 KB 39ms
9ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.civitatis.com/blog/wp-content/uploads/2024/01/shutterstock_2033542388-1280x960.jpg

Requested by

Host: ch365profile.net
URL: https://ch365profile.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8cfeeafe178404467390e54b2f03d0f19704c86b6fec05f7cb36eeab87716c7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:05 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
fastly-io-served-by: vpop-etou8240196
x-cache: MISS, HIT, HIT
fastly-io-info: ifsz=216677 idim=1280x960 ifmt=jpeg ofsz=87574 odim=1280x960 ofmt=webp
fastly-stats: io=1
x-age: 818274
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 87574
x-served-by: cache-ams21033-AMS, cache-ams21021-AMS, cache-fra-etou8220031-FRA
last-modified: Mon, 03 Jun 2024 17:43:07 GMT
x-ttl: 604800
x-timer: S1718347385.124279,VS0,VE2
etag: "hxr0kUial8mE+0GM0pipfUKZpeJheFDMPI18hvudzBE"
x-frame-options: DENY
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-currency: USD
cache-control: max-age=2592000, public
accept-ranges: bytes
x-device-geo: geo_continent=EU,geo_country=DE,geo_region=BY,geo_city=eichstatt,geo_postal=85072,geo_long=11.190,geo_lat=48.890,geo_asn=201011
x-cache-hits: 0, 8, 0

GET
H2 200 shutterstock_1755952565-1280x853.jpg
www.civitatis.com/blog/wp-content/uploads/2024/01/ 240 KB
241 KB 13ms
10ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.civitatis.com/blog/wp-content/uploads/2024/01/shutterstock_1755952565-1280x853.jpg

Requested by

Host: ch365profile.net
URL: https://ch365profile.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f87339e3a37ba30f0daec260d56b2614068cbbe6362b9c8eae9f5601f9f5c51d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:05 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
fastly-io-served-by: vpop-etou8240196
x-cache: MISS, HIT, HIT
fastly-io-info: ifsz=429469 idim=1280x853 ifmt=jpeg ofsz=245724 odim=1280x853 ofmt=webp
fastly-stats: io=1
x-age: 500497
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 245724
x-served-by: cache-ams21026-AMS, cache-ams21068-AMS, cache-fra-etou8220031-FRA
last-modified: Fri, 14 Jun 2024 05:37:47 GMT
x-ttl: 604800
x-timer: S1718347385.156317,VS0,VE2
etag: "kcsHnTZgb+cCQapFKsAHfXeiTTVMVfJ0KgkFgGaUj/k"
x-frame-options: DENY
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-currency: GBP
cache-control: max-age=2592000, public
accept-ranges: bytes
x-device-geo: geo_continent=EU,geo_country=DE,geo_region=BY,geo_city=eichstatt,geo_postal=85072,geo_long=11.190,geo_lat=48.890,geo_asn=201011
x-cache-hits: 0, 7, 0

GET
H2 200 shutterstock_1556871359-1280x740.jpg
www.civitatis.com/blog/wp-content/uploads/2024/01/ 121 KB
122 KB 13ms
10ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.civitatis.com/blog/wp-content/uploads/2024/01/shutterstock_1556871359-1280x740.jpg

Requested by

Host: ch365profile.net
URL: https://ch365profile.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d17f4c059df56f6c6487cae6253e261b22eb5aad0fbef729c5c17dfade4f3eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:05 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
fastly-io-served-by: img07-europe-west2
x-cache: MISS, MISS, HIT
fastly-io-info: ifsz=246286 idim=1280x740 ifmt=jpeg ofsz=123972 odim=1280x740 ofmt=webp
fastly-stats: io=1
x-age: 315777
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 123972
x-served-by: cache-ams21049-AMS, cache-ams21066-AMS, cache-fra-etou8220031-FRA
last-modified: Tue, 26 Mar 2024 17:00:40 GMT
x-ttl: 604800
x-timer: S1718347385.156333,VS0,VE2
etag: "bAwkVnjMWU+BN9/B7HQIq0lFGfNCkSLWpY0tkgX4tb8"
x-frame-options: DENY
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-currency: USD
cache-control: max-age=2592000, public
accept-ranges: bytes
x-device-geo: geo_continent=EU,geo_country=DE,geo_region=BY,geo_city=eichstatt,geo_postal=85072,geo_long=11.190,geo_lat=48.890,geo_asn=201011
x-cache-hits: 0, 0, 0

GET
H2 200 shutterstock_220695679-1280x853.jpg
www.civitatis.com/blog/wp-content/uploads/2024/01/ 149 KB
150 KB 44ms
41ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.civitatis.com/blog/wp-content/uploads/2024/01/shutterstock_220695679-1280x853.jpg

Requested by

Host: ch365profile.net
URL: https://ch365profile.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ab9b6c68459beb760c5ace940bd2d0182f044bd7dddf7929cb2f1072caeb5f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:05 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
fastly-io-served-by: vpop-etou8240193
x-cache: MISS, HIT, MISS
fastly-io-info: ifsz=290133 idim=1280x853 ifmt=jpeg ofsz=152678 odim=1280x853 ofmt=webp
fastly-stats: io=1
x-age: 228191
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 152678
x-served-by: cache-ams2100124-AMS, cache-ams21082-AMS, cache-fra-etou8220031-FRA
last-modified: Fri, 14 Jun 2024 06:43:05 GMT
x-ttl: 604800
x-timer: S1718347385.156521,VS0,VE10
etag: "aDC5QbQVjGXneuFhsnDXsJ5LLRZS4kj9Tv+7Goa/dus"
x-frame-options: DENY
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-currency: EUR
cache-control: max-age=2592000, public
accept-ranges: bytes
x-device-geo: geo_continent=EU,geo_country=DE,geo_region=BY,geo_city=eichstatt,geo_postal=85072,geo_long=11.190,geo_lat=48.890,geo_asn=201011
x-cache-hits: 0, 4, 0

GET
H2 200 shutterstock_1860324583-1280x854.jpg
www.civitatis.com/blog/wp-content/uploads/2024/01/ 150 KB
150 KB 13ms
11ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.civitatis.com/blog/wp-content/uploads/2024/01/shutterstock_1860324583-1280x854.jpg

Requested by

Host: ch365profile.net
URL: https://ch365profile.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ccffcbaa9355b45580520d055f62bd96fc3f2390bab64a750ab8c870298d10c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:05 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
fastly-io-served-by: img01-europe-west2
x-cache: MISS, MISS, HIT
fastly-io-info: ifsz=304452 idim=1280x854 ifmt=jpeg ofsz=153488 odim=1280x854 ofmt=webp
fastly-stats: io=1
x-age: 1792859
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 153488
x-served-by: cache-ams21057-AMS, cache-ams12743-AMS, cache-fra-etou8220031-FRA
last-modified: Tue, 26 Mar 2024 17:00:48 GMT
x-ttl: 604800
x-timer: S1718347385.156490,VS0,VE2
etag: "fVXRVeCGkdMQq7wbdmkaUQA/T0uKKqqH8I4gDMh6BXg"
x-frame-options: DENY
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-currency: USD
cache-control: max-age=2592000, public
accept-ranges: bytes
x-device-geo: geo_continent=EU,geo_country=DE,geo_region=BY,geo_city=eichstatt,geo_postal=85072,geo_long=11.190,geo_lat=48.890,geo_asn=201011
x-cache-hits: 0, 0, 0

GET
H3 200 /
ch365profile.net/ 6 KB
3 KB 186ms
185ms Image
image/svg+xml 172.67.210.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ch365profile.net/?_=%2Fblog%2Fwp-content%2Fuploads%2F2020%2F09%2Flogo.svg%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
Requested by: Host: ch365profile.net
URL: https://ch365profile.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 012c028caf844869b53415bb60f40047ee9b6b8bb34faafb498f7466137693ba

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:05 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h0EozsdiOoKIE3INI8SVS5sOr1rNRJW2gL9GneuS2b6WuFEdUg3G6qlO51016ekxyUhr%2FeMRwvOVbRc6CHoctdpYF8IoDSsU%2F1jrEIMmuPzFxi4aq7PBa6bgjQV4G5ap9Iw8"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 89385814df749945-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
ch365profile.net/ 3 KB
2 KB 178ms
177ms Image
image/svg+xml 172.67.210.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ch365profile.net/?_=%2Fblog%2Fwp-content%2Fuploads%2F2020%2F09%2Flogo-civitatis.svg%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
Requested by: Host: ch365profile.net
URL: https://ch365profile.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 63cb0d2ecc966c4948f32e15eb66d25cdf58f4e0bcc2b73209684687d14d127c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:05 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NQJSt3eSBi2%2B7ohPiTPJq96DWAEr9Ny7STL31cg%2BgrdC01aAoIK5bHz%2FAlTvq8lLZbdW5SJJy06TCKvX815UJRpaRniSVAa2j4jeIIWS8cCeXC9Wmpt8NawasSNNKNVZF1Xp"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 89385814df789945-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sdk.9bcdbe6579aaa9e3dc2d528290387e190cb5e888.js Show response
sdk.privacy-center.org/sdk/9bcdbe6579aaa9e3dc2d528290387e190cb5e888/modern/ 342 KB
89 KB 12ms
11ms Script
application/javascript 2600:9000:26e8:4a00:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk/9bcdbe6579aaa9e3dc2d528290387e190cb5e888/modern/sdk.9bcdbe6579aaa9e3dc2d528290387e190cb5e888.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/60ac3ba7-1ae5-42dc-be9a-50140ae6cea1/loader.js?target=ch365profile.net
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:4a00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec46050c21aa4b8cc413020f387b7d4d4b3b384e0b97ecda3a5d361fb67f8f58

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 12:33:51 GMT
content-encoding: br
via: 1.1 87b9fb3f8157b5916fbe1d11149c4f3a.cloudfront.net (CloudFront)
last-modified: Thu, 13 Jun 2024 12:33:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
age: 65355
etag: W/"5f265901d4529da0afa0adb091bc6744-1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: u5OccY4tbVNs9MGltwrPpExN0Rf0E-2Acv5uikrqsl1VIDi7zjBwHg==

GET
H3 200 /
ch365profile.net/ 123 KB
19 KB 266ms
266ms Font
text/html 172.67.210.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ch365profile.net/?18fc218a116a51b9e1980654a6c986f9=&_=%2Fblog%2Fwp-content%2Fthemes%2Fcivitatis%2Fdist%2Ffonts%2F.%2Ficons.woff%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
Requested by: Host: ch365profile.net
URL: https://ch365profile.net/?ver=1.0.development-0&_=%2Fblog%2Fwp-content%2Fthemes%2Fcivitatis%2Fdist%2Ffonts%2Ficons.css%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 8287962bd9a8f0ded4e671822c45949f98b6c59a377bc4b2e2039c45da0d5206

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/?ver=1.0.development-0&_=%2Fblog%2Fwp-content%2Fthemes%2Fcivitatis%2Fdist%2Ffonts%2Ficons.css%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
Origin: https://ch365profile.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NiNZUwP2eXNm%2BdaHYwP7XcN0yf4GQZ794Ci9c0iQrTtGtCD0owzgqob6SrDEaWviVTpJXJsRcNo3cu9wrDX00Sxt0SHuGxYH3YFi%2BKlpUVYOhPW43GDjHBqervH8nxzzMeSa"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store
cf-ray: 89385816084c9945-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ui-gdpr-fr-web.9bcdbe6579aaa9e3dc2d528290387e190cb5e888.js Show response
sdk.privacy-center.org/sdk/9bcdbe6579aaa9e3dc2d528290387e190cb5e888/modern/ 276 KB
57 KB 8ms
8ms Script
application/javascript 3.161.82.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk/9bcdbe6579aaa9e3dc2d528290387e190cb5e888/modern/ui-gdpr-fr-web.9bcdbe6579aaa9e3dc2d528290387e190cb5e888.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/9bcdbe6579aaa9e3dc2d528290387e190cb5e888/modern/sdk.9bcdbe6579aaa9e3dc2d528290387e190cb5e888.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 3.161.82.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-117.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7fc49aa85ac6110977d72a2c89ad587f0fa07e1b13ff07fd02096089c37438f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 12:33:56 GMT
content-encoding: br
via: 1.1 87b9fb3f8157b5916fbe1d11149c4f3a.cloudfront.net (CloudFront)
last-modified: Thu, 13 Jun 2024 12:33:44 GMT
server: AmazonS3
age: 65350
x-amz-cf-pop: FRA56-P10
etag: W/"f4b36b0c99c2c144e0e6a10c8df96bf9-1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: SuX6zc-QwE7lXh9Po_HtFykp0LZNoftWh1Wwbxi-lzftom_CgbW9Ig==

GET
H2 200 X0MoQBIoP35TSmmNfa4o.js Show response
tags.creativecdn.com/ 4 KB
2 KB 42ms
7ms Script
application/javascript 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.creativecdn.com/X0MoQBIoP35TSmmNfa4o.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWH47P4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 14 Jun 2024 06:43:05 GMT
content-encoding: gzip
x-accel-date-max: 1701080805
x-guploader-uploadid: ABPtcPpOQn52VrkC8jjAFGvYU7HPZQaUKvjffFfVlUfDVvsh0B2f1yLWRdoAUbe8oGdDEUdqBy8
x-77-cache: HIT
x-cache: HIT
x-goog-storage-class: STANDARD
x-guploader-response-body-transformations: gunzipped
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
x-age: 1707
x-accel-date: 1718345678
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwB1GY4tAH3qwYAAAwB1GY4nAH3pQAAAA
x-accel-expires: @1718349252
x-77-age: 1707
last-modified: Tue, 20 Sep 2022 08:44:29 GMT
server: CDN77-Turbo
etag: W/"7dd71e4b922b44d4a1b639cea2047fcd"
x-77-nzt-ray: 6d204d11dd8a39e179e66b66b1e76716
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1663663469161322
content-type: application/javascript
x-goog-hash: crc32c=U/iOdA==, md5=fdceS5IrRNShtjnOogR/zQ==
cache-control: public, max-age=3600
warning: 214 UploadServer gunzipped
x-goog-stored-content-length: 1741
expires: Mon, 27 Nov 2023 11:24:00 GMT

GET
H2 200 civitatis-universal245.js Show response
bucket.cdnwebcloud.com/ 14 KB
4 KB 49ms
13ms Script
application/javascript 18.173.205.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/civitatis-universal245.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWH47P4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-128.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: af3dbe35acd1d8aaa2c25c85084f058e2512ee5504b16897e909d37adf272f37

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:06 GMT
content-encoding: br
via: 1.1 f0b5999c895f4b29c49c485a0a825d0c.cloudfront.net (CloudFront)
last-modified: Fri, 25 Nov 2022 14:07:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
etag: W/"b90af606c645e2e390c0911b63194027"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-amz-cf-id: wWhhUUYIBf-o6NReCyKJzPPQge_HLWIMYzhqal4-5kI9rZWZsd_w6Q==

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 310 KB
103 KB 47ms
46ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-QJQ54CTKPM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWH47P4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

224d4662389d12757dce0862a8ba9ba8d0165af3e0a5d79a26422b3ed6100f26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105829
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 14 Jun 2024 06:43:05 GMT

OPTIONS
H2 200 v2
ams.creativecdn.com/tags/ Frame 0
0 52ms
16ms Preflight 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://ams.creativecdn.com/tags/v2?type=json
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ch365profile.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://ch365profile.net
access-control-max-age: 3600
content-length: 0
date: Fri, 14 Jun 2024 06:43:05 GMT
vary: Origin

POST
H2

204

v2 Show response
ams.creativecdn.com/tags/
Redirect Chain

https://ams.creativecdn.com/tags/v2?type=json
https://ams.creativecdn.com/tags/v2?type=json&tc=1

0
170 B

16ms
16ms

Fetch

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://ams.creativecdn.com/tags/v2?type=json&tc=1
Requested by: Host: ch365profile.net
URL: https://ch365profile.net/
Protocol: H2
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ch365profile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://ch365profile.net
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

pragma: no-cache
date: Fri, 14 Jun 2024 06:43:05 GMT, Fri, 14 Jun 2024 06:43:05 GMT
access-control-max-age: 3600
vary: Origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
access-control-allow-origin: https://ch365profile.net
access-control-allow-methods: GET, POST
location: https://ams.creativecdn.com/tags/v2?type=json&tc=1
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 civitatis-universal245_9299_0_0.js Show response
bucket.cdnwebcloud.com/ 454 B
811 B 7ms
7ms Script
application/javascript 18.173.205.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/civitatis-universal245_9299_0_0.js?n_one_v=20221125140721
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/civitatis-universal245.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-128.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09d4592921c1812e7ad5c59c9d28b36db95e3ee35dfc3cf45f0b58d2ed89587d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 13 Feb 2024 05:21:59 GMT
via: 1.1 f0b5999c895f4b29c49c485a0a825d0c.cloudfront.net (CloudFront)
last-modified: Fri, 25 Nov 2022 14:07:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
age: 10545667
etag: "5f5e58a9c11bef6a66b3322e444f54c5"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=17280000
accept-ranges: bytes
content-length: 454
x-amz-cf-id: mKinlLZGK3_57IB_z91dmKXeBobqxcVekdz_kmVENuFmfjE82EnXhA==

GET
H2 200 civitatis-es245.js Show response
bucket.cdnwebcloud.com/ 32 KB
6 KB 7ms
7ms Script
application/javascript 18.173.205.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/civitatis-es245.js?z=0.6266155813685141
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/civitatis-universal245_9299_0_0.js?n_one_v=20221125140721
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-128.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 752d3a25f1f4f2160844965060ff64e15e77e213a91f63cf4471ec1371e03329

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:06 GMT
content-encoding: br
via: 1.1 f0b5999c895f4b29c49c485a0a825d0c.cloudfront.net (CloudFront)
last-modified: Wed, 03 Apr 2024 09:43:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
x-amz-server-side-encryption: AES256
etag: W/"ef17b5a677001fb02ae516714b367a23"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-amz-cf-id: Ql97megtMcnOxpvplFqbJS1-VdxV_1se9yzx8zF5_OppO5j9rUGLjQ==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 36ms
13ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QJQ54CTKPM&gtm=45je46c0v888201735z877420407za200zb77420407&_p=1718347384841&gcs=G100&gcd=13q3qPq2q5&npa=1&dma_cps=-&dma=1&tcfd=10001&tag_exp=0&gdid=dMTc4Zm&gtm_up=1&cid=1462146039.1718347385&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1718347385&sct=1&seg=0&dl=https%3A%2F%2Fch365profile.net%2F&dt=Visiter%20la%20Suisse%20%3A%2010%20destinations%20incontournables%20-%20Civitatis&en=sitewide&_fv=1&_nsi=1&_ss=2&tfd=5399&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-QJQ54CTKPM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 14 Jun 2024 06:43:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ch365profile.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 v2
ams.creativecdn.com/tags/ Frame 0
0 15ms
14ms Preflight 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://ams.creativecdn.com/tags/v2?type=json&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ch365profile.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://ch365profile.net
access-control-max-age: 3600
content-length: 0
date: Fri, 14 Jun 2024 06:43:05 GMT
vary: Origin

GET
H3

200

src=11776257;dc_pre=CMiEkOy-2oYDFXlkHgId8rUNwg;type=invmedia;cat=v1mp_001;u1=[RTB_destID];u2=[pageType];u4=[productCountry];u6=[productDateFin];u7=[productDateInicio];u8=[productId];u9=[productName...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=11776257;type=invmedia;cat=v1mp_001;u1=[RTB_destID];u2=[pageType];u4=[productCountry];u6=[productDateFin];u7=[productDateInicio];u8=[productId];u9=[produ...
https://ad.doubleclick.net/ddm/activity/src=11776257;dc_pre=CMiEkOy-2oYDFXlkHgId8rUNwg;type=invmedia;cat=v1mp_001;u1=[RTB_destID];u2=[pageType];u4=[productCountry];u6=[productDateFin];u7=[productDa...
https://adservice.google.com/ddm/fls/z/src=11776257;dc_pre=CMiEkOy-2oYDFXlkHgId8rUNwg;type=invmedia;cat=v1mp_001;u1=[RTB_destID];u2=[pageType];u4=[productCountry];u6=[productDateFin];u7=[productDat...

42 B
63 B

74ms
41ms

Image
image/gif

216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=11776257;dc_pre=CMiEkOy-2oYDFXlkHgId8rUNwg;type=invmedia;cat=v1mp_001;u1=[RTB_destID];u2=[pageType];u4=[productCountry];u6=[productDateFin];u7=[productDateInicio];u8=[productId];u9=[productName];u10=[productPrice];u11=[typology];u12=[transactionid];u14=[name];u18=[category];u19=[url];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?&n_one_v=20240403094329

Requested by

Host: ch365profile.net
URL: https://ch365profile.net/

Protocol

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ch365profile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jun 2024 06:43:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 14 Jun 2024 06:43:05 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"14258099483946459488"}],"aggregatable_trigger_data":[{"filters":[{"14":["14504174"]}],"key_piece":"0xe0e0f230c43ec17c","source_keys":["12","13","14","15","16","17","18","19","20","21","628561596","628561597","628561598","628561599","628862480","628862481","628862482","628862483","634802104","634802105","634802106","634802107","634971864","634971865","634971866","634971867"]},{"key_piece":"0xbc12243a058feeb0","not_filters":{"14":["14504174"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","628561596","628561597","628561598","628561599","628862480","628862481","628862482","628862483","634802104","634802105","634802106","634802107","634971864","634971865","634971866","634971867"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628561596":59,"628561597":59,"628561598":59,"628561599":5778,"628862480":36,"628862481":36,"628862482":36,"628862483":3530,"634802104":81,"634802105":81,"634802106":81,"634802107":7946,"634971864":43,"634971865":43,"634971866":43,"634971867":4237},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"15127152508988690375","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"14258099483946459488","filters":[{"14":["14504174"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"14258099483946459488","filters":[{"14":["14504174"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"14258099483946459488","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"14258099483946459488","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["11776257"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
location: https://adservice.google.com/ddm/fls/z/src=11776257;dc_pre=CMiEkOy-2oYDFXlkHgId8rUNwg;type=invmedia;cat=v1mp_001;u1=[RTB_destID];u2=[pageType];u4=[productCountry];u6=[productDateFin];u7=[productDateInicio];u8=[productId];u9=[productName];u10=[productPrice];u11=[typology];u12=[transactionid];u14=[name];u18=[category];u19=[url];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?&n_one_v=20240403094329
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

src=11776257;dc_pre=CNKHkOy-2oYDFaVXHgIdDlMLrQ;type=invmedia;cat=profweb;u1=$%7Bdestination_id%7D;u2=;u3=$%7Bproduct_city%7D;u4=$%7Bproduct_country%7D;u5=$%7Bproduct_currency%7D;u6=$%7Bdate_end%7D;...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=11776257;type=invmedia;cat=profweb;u1=$%7Bdestination_id%7D;u2=;u3=$%7Bproduct_city%7D;u4=$%7Bproduct_country%7D;u5=$%7Bproduct_currency%7D;u6=$%7Bdate_e...
https://ad.doubleclick.net/ddm/activity/src=11776257;dc_pre=CNKHkOy-2oYDFaVXHgIdDlMLrQ;type=invmedia;cat=profweb;u1=$%7Bdestination_id%7D;u2=;u3=$%7Bproduct_city%7D;u4=$%7Bproduct_country%7D;u5=$%7...
https://adservice.google.com/ddm/fls/z/src=11776257;dc_pre=CNKHkOy-2oYDFaVXHgIdDlMLrQ;type=invmedia;cat=profweb;u1=$%7Bdestination_id%7D;u2=;u3=$%7Bproduct_city%7D;u4=$%7Bproduct_country%7D;u5=$%7B...

42 B
63 B

66ms
41ms

Image
image/gif

216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=11776257;dc_pre=CNKHkOy-2oYDFaVXHgIdDlMLrQ;type=invmedia;cat=profweb;u1=$%7Bdestination_id%7D;u2=;u3=$%7Bproduct_city%7D;u4=$%7Bproduct_country%7D;u5=$%7Bproduct_currency%7D;u6=$%7Bdate_end%7D;u7=$%7Bdate_start%7D;u8=;u9=;u10=$%7Bproduct_price%7D;u11=$%7Btypology%7D;u12=;u13=$%7Bsku%7D;u14=$%7Bname%7D;u15=$%7Bpaxes%7D;u16=;u17=$%7Baction%7D;u18=;u19=$%7Burl%7D;u20=$%7Blist%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?&n_one_v=20240403094330

Requested by

Host: ch365profile.net
URL: https://ch365profile.net/

Protocol

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ch365profile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jun 2024 06:43:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 14 Jun 2024 06:43:05 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"668871636465812312"}],"aggregatable_trigger_data":[{"filters":[{"14":["12444256"]}],"key_piece":"0x2d16249eb4c2fac6","source_keys":["12","13","14","15","16","17","18","19","20","21","628561596","628561597","628561598","628561599","628862480","628862481","628862482","628862483","634802104","634802105","634802106","634802107","634971864","634971865","634971866","634971867"]},{"key_piece":"0xaa37f8ef3e84b998","not_filters":{"14":["12444256"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","628561596","628561597","628561598","628561599","628862480","628862481","628862482","628862483","634802104","634802105","634802106","634802107","634971864","634971865","634971866","634971867"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628561596":59,"628561597":59,"628561598":59,"628561599":5778,"628862480":36,"628862481":36,"628862482":36,"628862483":3530,"634802104":81,"634802105":81,"634802106":81,"634802107":7946,"634971864":43,"634971865":43,"634971866":43,"634971867":4237},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"14572270056594649310","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"668871636465812312","filters":[{"14":["12444256"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"668871636465812312","filters":[{"14":["12444256"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"668871636465812312","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"668871636465812312","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["11776257"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
location: https://adservice.google.com/ddm/fls/z/src=11776257;dc_pre=CNKHkOy-2oYDFaVXHgIdDlMLrQ;type=invmedia;cat=profweb;u1=$%7Bdestination_id%7D;u2=;u3=$%7Bproduct_city%7D;u4=$%7Bproduct_country%7D;u5=$%7Bproduct_currency%7D;u6=$%7Bdate_end%7D;u7=$%7Bdate_start%7D;u8=;u9=;u10=$%7Bproduct_price%7D;u11=$%7Btypology%7D;u12=;u13=$%7Bsku%7D;u14=$%7Bname%7D;u15=$%7Bpaxes%7D;u16=;u17=$%7Baction%7D;u18=;u19=$%7Burl%7D;u20=$%7Blist%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?&n_one_v=20240403094330
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://20838848p.rfihub.com/ca.gif?rb=32581&ca=20838848&ra=2180702391&_o=32581&_t=20838848&n_one_v=20240403094330
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5142336729491794804&referrer={encSite}&forward=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3F%26in%3D0%26google_nid%3Dzeta_intera...
https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MjMzNjcyOTQ5MTc5NDgwNA==&forward=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D18%26code%3D...

170 B
409 B

77ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MjMzNjcyOTQ5MTc5NDgwNA==&forward=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D18%26code%3D5142336729491794804https%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D1121%2526dpuuid%253D5142336729491794804%2526redir%253Dhttps%25253A%25252F%25252Fimage2.pubmatic.com%25252FAdServer%25252FPug%25253Fvcode%25253Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%25253D%25253D%252526piggybackCookie%25253D5142336729491794804%252526r%25253Dhttps%2525253A%2525252F%2525252Fus-u.openx.net%2525252Fw%2525252F1.0%2525252Fsd%2525253Fid%2525253D537073062%25252526val%2525253D5142336729491794804%25252526r%2525253Dhttps%252525253A%252525252F%252525252Fp.rfihub.com%252525252Fcm%252525253Fpub%252525253D24472%2525252526in%252525253D1https%25252525253A%25252525252F%25252525252Fcontextual.media.net%25252525252Fcksync.php%25252525253Fcs%25252525253D3%252525252526type%25252525253Drkt%252525252526ovsid%25252525253D5142336729491794804https%2525252525253A%2525252525252F%2525252525252Fbpi.rtactivate.com%2525252525252Ftag%2525252525252F%2525252525253Fid%2525252525253D11017%25252525252526user_id%2525252525253D5142336729491794804https%252525252525253A%252525252525252F%252525252525252Faa.agkn.com%252525252525252Fadscores%252525252525252Fg.pixel%252525252525253Fsid%252525252525253D9212192898%2525252525252526rf%252525252525253D5142336729491794804

Requested by

Host: ch365profile.net
URL: https://ch365profile.net/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ch365profile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jun 2024 06:43:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 14 Jun 2024 06:43:05 GMT
via: 1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: FRA56-C2
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MjMzNjcyOTQ5MTc5NDgwNA==&forward=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D18%26code%3D5142336729491794804https%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D1121%2526dpuuid%253D5142336729491794804%2526redir%253Dhttps%25253A%25252F%25252Fimage2.pubmatic.com%25252FAdServer%25252FPug%25253Fvcode%25253Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%25253D%25253D%252526piggybackCookie%25253D5142336729491794804%252526r%25253Dhttps%2525253A%2525252F%2525252Fus-u.openx.net%2525252Fw%2525252F1.0%2525252Fsd%2525253Fid%2525253D537073062%25252526val%2525253D5142336729491794804%25252526r%2525253Dhttps%252525253A%252525252F%252525252Fp.rfihub.com%252525252Fcm%252525253Fpub%252525253D24472%2525252526in%252525253D1https%25252525253A%25252525252F%25252525252Fcontextual.media.net%25252525252Fcksync.php%25252525253Fcs%25252525253D3%252525252526type%25252525253Drkt%252525252526ovsid%25252525253D5142336729491794804https%2525252525253A%2525252525252F%2525252525252Fbpi.rtactivate.com%2525252525252Ftag%2525252525252F%2525252525253Fid%2525252525253D11017%25252525252526user_id%2525252525253D5142336729491794804https%252525252525253A%252525252525252F%252525252525252Faa.agkn.com%252525252525252Fadscores%252525252525252Fg.pixel%252525252525253Fsid%252525252525253D9212192898%2525252525252526rf%252525252525253D5142336729491794804
content-length: 3091
x-amz-cf-id: B1ey1cdARYiJYiYFffCavMwwuIHR-kT3v5UbcaFfyy1qzpOPPT9O8w==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
74 KB 41ms
41ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11776257&n_one_v=20240403094330

Requested by

Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/civitatis-es245.js?z=0.6266155813685141

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7b283b87c6807333a22409ca065bddc9958ac1c4f7a0d2826abafaa362977384

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75657
x-xss-protection: 0
last-modified: Fri, 14 Jun 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Jun 2024 06:43:05 GMT

GET
H2 200 civitatis-es245_9517_0_1.js Show response
bucket.cdnwebcloud.com/ 255 B
639 B 8ms
7ms Script
application/javascript 18.173.205.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/civitatis-es245_9517_0_1.js?n_one_v=20240403094330
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/civitatis-es245.js?z=0.6266155813685141
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-128.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b65c2cec989135675159326171dc90cbe41b9d3b2527b0513d1e483c66d7c683

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 10:14:53 GMT
via: 1.1 f0b5999c895f4b29c49c485a0a825d0c.cloudfront.net (CloudFront)
last-modified: Wed, 03 Apr 2024 09:43:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
age: 6208093
etag: "be5a1c7c561b66469042fb17a07cae1d"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=17280000
accept-ranges: bytes
content-length: 255
x-amz-cf-id: Gi9ZVO7KnSk6TFtLz03b8wegSKDF-uNnOTlYkrktWzCFN8NyVVSZrg==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 12 KB
5 KB 34ms
6ms Script
application/x-javascript 108.138.40.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js?n_one_v=20240403094330
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/civitatis-es245.js?z=0.6266155813685141
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.40.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-40-116.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 14 Jun 2024 02:48:27 GMT
Content-Encoding: gzip
Via: 1.1 774fae779f194800b967be38df6bd8d2.cloudfront.net (CloudFront)
Last-Modified: Fri, 07 Jun 2024 09:20:53 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P2
Age: 14079
x-amz-server-side-encryption: AES256
ETag: W/"a7eb6794e868fe870db350518165c868"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: QDna9RrPdCdLtelugfkKPTEU2gKwttl5o30IIRliXOtTONt00p3sLg==

GET
H2 200 civitatis-es245_9517_0_5.js Show response
bucket.cdnwebcloud.com/ 370 B
753 B 8ms
7ms Script
application/javascript 18.173.205.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/civitatis-es245_9517_0_5.js?n_one_v=20240403094330
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/civitatis-es245.js?z=0.6266155813685141
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-128.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b0551edf5fcb32cab27a1e85b729d0ae64fbc9cfea89a0a07184bb1150bf27f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 10:14:53 GMT
via: 1.1 f0b5999c895f4b29c49c485a0a825d0c.cloudfront.net (CloudFront)
last-modified: Wed, 03 Apr 2024 09:43:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
age: 6208093
etag: "b12cc7bc81fb10eeafd0dd62e5939cbc"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=17280000
accept-ranges: bytes
content-length: 370
x-amz-cf-id: a-jx-iTcHB1XB-bHQsHCIQ4r7I5DeEsc6ZgbvG5HiUJwANNNOfUT2Q==

GET
H2 200 civitatis-es245_9517_0_6.js Show response
bucket.cdnwebcloud.com/ 510 B
893 B 9ms
8ms Script
application/javascript 18.173.205.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/civitatis-es245_9517_0_6.js?n_one_v=20240403094330
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/civitatis-es245.js?z=0.6266155813685141
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-128.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3489401c1d8222999b1ccea5dce3605a757be28895001e0952dacb9e3312f02e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 10:14:53 GMT
via: 1.1 f0b5999c895f4b29c49c485a0a825d0c.cloudfront.net (CloudFront)
last-modified: Wed, 03 Apr 2024 09:43:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
age: 6208093
etag: "8ca252e8154058ec2d90a977f2be8883"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=17280000
accept-ranges: bytes
content-length: 510
x-amz-cf-id: z1q9hP7RSP9FfQvhWEvyzLgWrbDBCtofNAU0ApzEalLxOl5FC00OpA==

GET
H2 200 civitatis-es245_9320_0_0.js Show response
bucket.cdnwebcloud.com/ 3 KB
1 KB 8ms
8ms Script
application/javascript 18.173.205.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/civitatis-es245_9320_0_0.js?n_one_v=20240403094334
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/civitatis-es245.js?z=0.6266155813685141
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-128.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5cdc429ea823a18e1a212c6e31e95eeb325bb87a91deafc65a898dbd851dd10b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 09:43:52 GMT
content-encoding: br
via: 1.1 f0b5999c895f4b29c49c485a0a825d0c.cloudfront.net (CloudFront)
last-modified: Wed, 03 Apr 2024 09:43:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
age: 6209954
etag: W/"0644f0e0a7746731158e5fc9c9d8ffaa"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=17280000
x-amz-cf-id: PWIFE9wVOePH7SrYArQOVAgyVBTQ_W1OqAsnOiy254szQOglZWXVoQ==

GET
H3 200 /
ch365profile.net/ 123 KB
19 KB 278ms
277ms Font
text/html 172.67.210.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ch365profile.net/?18fc218a116a51b9e1980654a6c986f9=&_=%2Fblog%2Fwp-content%2Fthemes%2Fcivitatis%2Fdist%2Ffonts%2F.%2Ficons.ttf%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
Requested by: Host: ch365profile.net
URL: https://ch365profile.net/?ver=1.0.development-0&_=%2Fblog%2Fwp-content%2Fthemes%2Fcivitatis%2Fdist%2Ffonts%2Ficons.css%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 8287962bd9a8f0ded4e671822c45949f98b6c59a377bc4b2e2039c45da0d5206

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/?ver=1.0.development-0&_=%2Fblog%2Fwp-content%2Fthemes%2Fcivitatis%2Fdist%2Ffonts%2Ficons.css%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
Origin: https://ch365profile.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0XESGCj%2BgvqAMNUjKKdIGqT1xvWgmdD3W7xRauvw%2FSzBHqMhNqRjIxKHPpkE50fmDhHGcLkIkzsHyvSAVc7%2B6oop0vEj85pD0Qh71R8%2FwAl0BRffSxtahbp0fVj49BgFXR9E"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store
cf-ray: 89385817e9ab9945-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
64 B 59ms
41ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13q3q3q2q5&tag_exp=0&rnd=1043955903.1718347386&url=https%3A%2F%2Fch365profile.net%2F&dma_cps=-&dma=1&npa=1&tcfd=10001&gtm=45fe46c0za200&gdid=dMTc4Zm&frm=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-11776257&n_one_v=20240403094330

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 14 Jun 2024 06:43:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 46ms
8ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/civitatis-es245_9517_0_6.js?n_one_v=20240403094330
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:05 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 21 Jun 2024 06:43:05 GMT

GET
H2 200 atd Show response
neural04.cdnwebcloud.com/ 0
221 B 101ms
31ms Script
text/plain 54.74.135.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://neural04.cdnwebcloud.com/atd?0.7444532383042215&touchpoint%5Bplatform%5D=Win32&touchpoint%5Bhref%5D=https%3A%2F%2Fch365profile.net%2F&touchpoint%5Blocal_storage%5D=&touchpoint%5Bscreen_width%5D=1600&touchpoint%5Bscreen_height%5D=1200&touchpoint%5Breferrer%5D=&touchpoint%5Btag_id%5D=9320&touchpoint%5Bcustom_vars%5D%5Bpathname%5D=%2F&callback=readResponse
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/civitatis-es245_9320_0_0.js?n_one_v=20240403094334
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.135.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-135-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 14 Jun 2024 06:43:05 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 rules-p--3G5v09rte55H.js Show response
rules.quantcount.com/ 222 B
704 B 195ms
159ms Script
application/javascript 2600:9000:20ae:2a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p--3G5v09rte55H.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:2a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2562bdbdeb83b9c5e2955543ec0aaa56f9802b2c8a61f694771a21661a57a533

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:05 GMT
via: 1.1 39665d11bf385fb9aabc991f857b37dc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
age: 38
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 222
last-modified: Wed, 18 Jan 2023 11:48:28 GMT
server: AmazonS3
etag: "2941ff4e22e83cd119929c1cb26ff4dd"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: QQJ4rcxklUJRNZVvqIbvRdZPdnMsV0KJFfrv8ssS_wpBtNJqv5EQNA==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
81 KB 38ms
37ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-216706797&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWH47P4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

75305479e2d520b5b2f5548723706cfaf790ae42c562fa3bee84b84fcc1e3889

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83305
x-xss-protection: 0
last-modified: Fri, 14 Jun 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Jun 2024 06:43:06 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 264 KB
91 KB 53ms
52ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-881088637&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWH47P4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6028f649458555ac17a913c4f8030abebccaaec2777276a38fc1a71cced3d1b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93190
x-xss-protection: 0
last-modified: Fri, 14 Jun 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Jun 2024 06:43:06 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 219 KB
78 KB 56ms
56ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-8239069&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWH47P4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

423fca7ab49e5f6a49b28fca5737ba51c6e66fce7e2ccc68ce1f3de120c25287

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79614
x-xss-protection: 0
last-modified: Fri, 14 Jun 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Jun 2024 06:43:06 GMT

GET
H3 200 /
ch365profile.net/ 688 B
1 KB 202ms
196ms Other
image/webp 172.67.210.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ch365profile.net/?_=%2Fblog%2Fwp-content%2Fmu-plugins%2Ffavicon%2Fdefault%2Ffavicon-32x32.png%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: c982fc3c7f0c9bcb792beae67f8c1076df7e434716c980e28ba753dad605e8ce

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 06:43:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x38x7kLAjal9AifWLP3GNnfp%2FPBkP5D7A2j%2BeO%2BhHPSBX5UlgM6xYIkZ3bxNmwafEZE%2BhMxdpu0g8hNksCN4S8kUFmzYJnPyvOYVKirGOILmlzEFDvdsVRTYN7%2BZr1Zqzzct"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cf-ray: 8938581a9bb39945-FRA
alt-svc: h3=":443"; ma=86400
content-length: 688

GET
H2

200

src=8239069;dc_pre=CPSguOy-2oYDFWUPogMdGZUAcw;type=audie0;cat=civit0;ord=7491073127607;npa=1;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=8239069;type=audie0;cat=civit0;ord=7491073127607;npa=1;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;...
https://ade.googlesyndication.com/ddm/activity/src=8239069;dc_pre=CPSguOy-2oYDFWUPogMdGZUAcw;type=audie0;cat=civit0;ord=7491073127607;npa=1;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=un...

42 B
118 B

44ms
43ms

Image
image/gif

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=8239069;dc_pre=CPSguOy-2oYDFWUPogMdGZUAcw;type=audie0;cat=civit0;ord=7491073127607;npa=1;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u17=undefined;u18=undefined;u20=undefined;u21=ch365profile.net;gdid=dMTc4Zm;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46c0v9136164887z877420407za201zb77420407;gcs=G100;gcd=13q3qPq2q5;dma_cps=-;dma=1;tcfd=10001;tag_exp=0;epver=2;~oref=https%3A%2F%2Fch365profile.net%2F?

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ch365profile.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jun 2024 06:43:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Jun 2024 06:43:06 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=8239069;dc_pre=CPSguOy-2oYDFWUPogMdGZUAcw;type=audie0;cat=civit0;ord=7491073127607;npa=1;u1=undefined;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u9=undefined;u10=undefined;u11=undefined;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=undefined;u17=undefined;u18=undefined;u20=undefined;u21=ch365profile.net;gdid=dMTc4Zm;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46c0v9136164887z877420407za201zb77420407;gcs=G100;gcd=13q3qPq2q5;dma_cps=-;dma=1;tcfd=10001;tag_exp=0;epver=2;~oref=https%3A%2F%2Fch365profile.net%2F?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
match.adsrvr.org/track/upb/ Frame BD7C
Redirect Chain

https://insight.adsrvr.org/track/up?adv=xq0aitp&ref=https%3A%2F%2Fch365profile.net%2F&upid=tsmzs4r&upv=1.1.0&td1=&td2=${product_city}&td3=${product_country}
https://match.adsrvr.org/track/upb/?adv=xq0aitp&ref=https%3A%2F%2Fch365profile.net%2F&upid=tsmzs4r&upv=1.1.0&td1=&td2=${product_city}&td3=${product_country}

0
0

40ms
34ms

Document
text/html

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=xq0aitp&ref=https%3A%2F%2Fch365profile.net%2F&upid=tsmzs4r&upv=1.1.0&td1=&td2=${product_city}&td3=${product_country}
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js?n_one_v=20240403094330
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ch365profile.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 0
content-type: text/html
date: Fri, 14 Jun 2024 06:43:07 GMT
server: Kestrel

Redirect headers

content-length: 363
date: Fri, 14 Jun 2024 06:43:07 GMT
location: https://match.adsrvr.org/track/upb/?adv=xq0aitp&ref=https%3A%2F%2Fch365profile.net%2F&upid=tsmzs4r&upv=1.1.0&td1=&td2=${product_city}&td3=${product_country}
server: Kestrel

GET
H2 200 civitatis-es245_9321_0_0.js Show response
bucket.cdnwebcloud.com/ 2 KB
1 KB 8ms
7ms Script
application/javascript 18.173.205.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/civitatis-es245_9321_0_0.js?n_one_v=20240403094332
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/civitatis-es245.js?z=0.6266155813685141
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-128.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e51baad3052559fdb0d258d0c0838baadc830cfdd6e2fede0d2f1055e62f218

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 09:43:43 GMT
content-encoding: br
via: 1.1 f0b5999c895f4b29c49c485a0a825d0c.cloudfront.net (CloudFront)
last-modified: Wed, 03 Apr 2024 09:43:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
age: 6209965
etag: W/"bf2e22d8b96ce282f35341041bfdb426"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=17280000
x-amz-cf-id: Z1JUzJ-Pr3oCXpHirtwGeNpmESCi8QTCcBGAnqdZrsrA8WEjmQmICQ==

GET
H2 200 atd Show response
neural04.cdnwebcloud.com/ 0
220 B 31ms
31ms Script
text/plain 54.74.135.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://neural04.cdnwebcloud.com/atd?0.028415164977753316&touchpoint%5Bplatform%5D=Win32&touchpoint%5Bhref%5D=https%3A%2F%2Fch365profile.net%2F&touchpoint%5Blocal_storage%5D=&touchpoint%5Bscreen_width%5D=1600&touchpoint%5Bscreen_height%5D=1200&touchpoint%5Breferrer%5D=&touchpoint%5Bcustom_params%5D%5B01%20Fecha%20Inicio%5D=&touchpoint%5Bcustom_params%5D%5B02%20Fecha%20Fin%5D=&touchpoint%5Bcustom_params%5D%5B03%20Nombre%20Producto%5D=&touchpoint%5Bcustom_params%5D%5B04%20Tipo%20Producto%5D=&touchpoint%5Bcustom_params%5D%5B05%20Tipo%20P%C3%A1gina%5D=&touchpoint%5Bcustom_params%5D%5B06%20Moneda%5D=&touchpoint%5Bcustom_params%5D%5B07%20Idioma%5D=&touchpoint%5Bcustom_params%5D%5B09%20Path%20Name%5D=%2F&touchpoint%5Bcustom_params%5D%5B10%20Page%20Title%5D=Visiter%20la%20Suisse%20%3A%2010%20destinations%20incontournables%20-%20Civitatis&touchpoint%5Bcustom_params%5D%5Bmcp1%5D=&touchpoint%5Bcustom_params%5D%5Bmcp2%5D=&touchpoint%5Bcustom_params%5D%5Bmcp3%5D=&touchpoint%5Bcustom_params%5D%5Bmcp4%5D=&touchpoint%5Bcustom_params%5D%5Bmcp5%5D=&touchpoint%5Bcustom_params%5D%5Bmcp6%5D=&touchpoint%5Bcustom_params%5D%5Bmcp7%5D=&touchpoint%5Bcustom_params%5D%5Bmcp9%5D=%2F&touchpoint%5Bcustom_params%5D%5Bmcp10%5D=Visiter%20la%20Suisse%20%3A%2010%20destinations%20incontournables%20-%20Civitatis&touchpoint%5Btag_id%5D=9321&touchpoint%5Btptype%5D=4&callback=readResponse
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/civitatis-es245_9321_0_0.js?n_one_v=20240403094332
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.135.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-135-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 14 Jun 2024 06:43:07 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 15ms
14ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QJQ54CTKPM&gtm=45je46c0v888201735z877420407za200zb77420407&_p=1718347384841&gcs=G100&gcd=13q3qPq2q5&npa=1&dma_cps=-&dma=1&tcfd=10001&tag_exp=0&gdid=dMTc4Zm&gtm_up=1&cid=1462146039.1718347385&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&sid=1718347385&sct=1&seg=0&dl=https%3A%2F%2Fch365profile.net%2F&dt=Visiter%20la%20Suisse%20%3A%2010%20destinations%20incontournables%20-%20Civitatis&_s=2&tfd=10403&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-QJQ54CTKPM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://ch365profile.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 14 Jun 2024 06:43:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ch365profile.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.civitatis.com/	1970-01-21 01:41:55	Name: currency Value: EUR
www.civitatis.com/	1970-01-21 01:41:55	Name: civ_lang Value: en
.ch365profile.net/	1970-01-21 06:06:09	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMTkwMTU3YzQtOWQwZS02ZDIxLThjYWQtZDk4Y2MzNGIyMGY2IiwiY3JlYXRlZCI6IjIwMjQtMDYtMTRUMDY6NDM6MDUuMjk2WiIsInVwZGF0ZWQiOiIyMDI0LTA2LTE0VDA2OjQzOjA1LjI5N1oiLCJ2ZXJzaW9uIjpudWxsfQ==
ch365profile.net/	1970-01-21 06:04:50	Name: __rtbh.lid Value: %7B%22eventType%22%3A%22lid%22%2C%22id%22%3A%22bJISOleiktx6rLLxERO3%22%7D
.creativecdn.com/	1970-01-21 06:04:43	Name: g Value: hm6wEMPENhki9nZlPpwj_1718347385483
.creativecdn.com/	1970-01-21 06:04:43	Name: c Value: hm6wEMPENhki9nZlPpwj_X0MoQBIoP35TSmmNfa4o_1718347385483
.creativecdn.com/	1970-01-21 06:04:43	Name: ts Value: 1718347385
.doubleclick.net/	1970-01-20 21:19:08	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 22:02:19	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 01:38:19	Name: receive-cookie-deprecation Value: 1
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3sjSxNDS3NLEwMBHiM9StMEsJS0wu9InMSTYBAArhh7wlAAAA
.rfihub.com/	1970-01-21 06:40:43	Name: eud Value: H4sIAAAAAAAA_5vFyGtobmhhbGJubGFqZmCxCY2_C43_Co2_iglNPxr_Fguaedyo_EfCqHwAzDoVNZAAAAA
.rfihub.com/	1970-01-21 06:40:43	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3sjSxNDS3NLEwMBHiM9StMEsJS0wu9InMSTYBAArhh7wlAAAA
.neural04.cdnwebcloud.com/	1970-01-21 06:04:43	Name: n_one Value: 5a97fa40-2a19-11ef-9326-0242ac110002
.rezync.com/	1970-01-21 01:38:19	Name: zync-uuid Value: 15abaf08-32ec-4868-97ad-a5b38813b349:1718347385.7196124
live.rezync.com/	1970-01-21 01:38:19	Name: sd-session-id Value: .eJwNzEEKwyAQQNG7zDqWjDPq6GWCJlOQNrbEdNPQu9flh8e_YHnrseem7YR0Hh-dYH3WUR3SBb1-d31AAodsiXywkSOGyDIz_Cbo2nt9taVuw6DLJd9nMWR1NSxeTAx5M9kVEkEqxDFhQCEOJO4WMHq04_MHstUlfQ.ZmvmeQ.oLoY92b1l7BuwqQwzBCFSy5XDGE
.adsrvr.org/	1970-01-21 06:04:43	Name: TDID Value: a6fd1e47-1865-4473-8949-65a31182c585

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://ch365profile.net/ Message: Failed to decode downloaded font: https://ch365profile.net/?18fc218a116a51b9e1980654a6c986f9=&_=%2Fblog%2Fwp-content%2Fthemes%2Fcivitatis%2Fdist%2Ffonts%2F.%2Ficons.woff2%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
other	warning	URL: https://ch365profile.net/ Message: OTS parsing error: invalid sfntVersion: 171712868
other	warning	URL: https://ch365profile.net/ Message: Failed to decode downloaded font: https://ch365profile.net/?18fc218a116a51b9e1980654a6c986f9=&_=%2Fblog%2Fwp-content%2Fthemes%2Fcivitatis%2Fdist%2Ffonts%2F.%2Ficons.woff%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
other	warning	URL: https://ch365profile.net/ Message: OTS parsing error: invalid sfntVersion: 171712868
other	warning	URL: https://ch365profile.net/ Message: Failed to decode downloaded font: https://ch365profile.net/?18fc218a116a51b9e1980654a6c986f9=&_=%2Fblog%2Fwp-content%2Fthemes%2Fcivitatis%2Fdist%2Ffonts%2F.%2Ficons.ttf%23KJWqMdlUlBn8PPpbUxT2jp%2F0bIhzVVyupg%3D%3D
other	warning	URL: https://ch365profile.net/ Message: OTS parsing error: invalid sfntVersion: 171712868

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20838848p.rfihub.com
ad.doubleclick.net
ade.googlesyndication.com
adservice.google.com
ams.creativecdn.com
bucket.cdnwebcloud.com
ch365profile.net
cm.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
live.rezync.com
match.adsrvr.org
neural04.cdnwebcloud.com
pagead2.googlesyndication.com
region1.google-analytics.com
rules.quantcount.com
sdk.privacy-center.org
secure.quantserve.com
tags.creativecdn.com
www.civitatis.com
www.googletagmanager.com
108.138.40.116
13.32.27.83
142.250.181.230
142.250.185.130
142.250.185.72
142.250.186.162
15.197.193.217
172.67.210.183
18.173.205.128
185.184.8.90
193.0.160.131
2001:4860:4802:34::36
216.58.206.66
2600:9000:20ae:2a00:6:44e3:f8c0:93a1
2600:9000:26e8:4a00:5:b7cc:d3c0:93a1
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:80e::2008
2a02:6ea0:c700::22
2a04:4e42:400::347
3.161.82.117
54.74.135.15
012c028caf844869b53415bb60f40047ee9b6b8bb34faafb498f7466137693ba
044a72b0f011ee6f493fa1488fe0c0e92c5595f7ad4500e1c0061665fa7b560b
079bee2b0fea957b4b9d2193c12b22bafe5c5e42481376eda2e5b037bb3f1e79
0843a458b26afabacb40edbbe322ff6008400325b536ce111270a230bc2affc7
09d4592921c1812e7ad5c59c9d28b36db95e3ee35dfc3cf45f0b58d2ed89587d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
224d4662389d12757dce0862a8ba9ba8d0165af3e0a5d79a26422b3ed6100f26
2562bdbdeb83b9c5e2955543ec0aaa56f9802b2c8a61f694771a21661a57a533
3489401c1d8222999b1ccea5dce3605a757be28895001e0952dacb9e3312f02e
423fca7ab49e5f6a49b28fca5737ba51c6e66fce7e2ccc68ce1f3de120c25287
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5cdc429ea823a18e1a212c6e31e95eeb325bb87a91deafc65a898dbd851dd10b
5e51baad3052559fdb0d258d0c0838baadc830cfdd6e2fede0d2f1055e62f218
6028f649458555ac17a913c4f8030abebccaaec2777276a38fc1a71cced3d1b4
63cb0d2ecc966c4948f32e15eb66d25cdf58f4e0bcc2b73209684687d14d127c
6a80241e6b7c3d99be3150819e2285d3156d704630c7765b4ec03adcde162baa
6bc5622bfab1a16855ad49b99a3f9ed8eb24f49da469a113f9000b866f109e2e
7209ffdfb57c6bc64cd670efefc41792c372e719b761c94196be4b031823eb70
752d3a25f1f4f2160844965060ff64e15e77e213a91f63cf4471ec1371e03329
75305479e2d520b5b2f5548723706cfaf790ae42c562fa3bee84b84fcc1e3889
79c21d1eab39028d1cc910d7e8fc875a65a07be8bd1c8539b2876149d3658c0d
7b283b87c6807333a22409ca065bddc9958ac1c4f7a0d2826abafaa362977384
7d3e81ed2dd66eecaef530509a8c08f0381658e7b943efe372936e6dfe9b900b
8287962bd9a8f0ded4e671822c45949f98b6c59a377bc4b2e2039c45da0d5206
857d22d605b73225496a6ea7a6a08ced83cb17f1ca3a18f9c5f2cc2f133ab6b3
8b0551edf5fcb32cab27a1e85b729d0ae64fbc9cfea89a0a07184bb1150bf27f
8cfeeafe178404467390e54b2f03d0f19704c86b6fec05f7cb36eeab87716c7a
a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d
ab9b6c68459beb760c5ace940bd2d0182f044bd7dddf7929cb2f1072caeb5f60
af3dbe35acd1d8aaa2c25c85084f058e2512ee5504b16897e909d37adf272f37
b041e7b08a99e947327a5faf96e5ab7aeef39a467c0ef2240710a19857743da3
b65c2cec989135675159326171dc90cbe41b9d3b2527b0513d1e483c66d7c683
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
be6782a8a0617c64e1eaf887f6771ac1e4ead25232ffcf133e5cba77b7379e76
c982fc3c7f0c9bcb792beae67f8c1076df7e434716c980e28ba753dad605e8ce
ccffcbaa9355b45580520d055f62bd96fc3f2390bab64a750ab8c870298d10c3
cd854d3a381b2d652f4ffa2ae0a7a6abe77420b409d656bba2a9bfbda868205a
d17f4c059df56f6c6487cae6253e261b22eb5aad0fbef729c5c17dfade4f3eaa
d3cea9e19a517fc8cd79391384f22a21efbabafd81bcf999381ed7a5660eccf1
d856fceaad6576c825e8b0a9a8b4bf90c2f11ba2163b1621db4d1bd2f354e9c0
e3600cc25cbdfdad2485dd8c87c988266246d2f36bfa67a039dc2739091dab53
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebee1b325f2ad4805605a848e4c87026175da76b9e2a63a816271f0ac6bbba1d
ec46050c21aa4b8cc413020f387b7d4d4b3b384e0b97ecda3a5d361fb67f8f58
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f7fc49aa85ac6110977d72a2c89ad587f0fa07e1b13ff07fd02096089c37438f
f87339e3a37ba30f0daec260d56b2614068cbbe6362b9c8eae9f5601f9f5c51d
ff5a8f450fbf238cf81223841455f70a9358a8018bacd585a03f9838a9d3d564

ch365profile.net Open in urlscan Pro 172.67.210.183 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

64 Requests

92 %HTTPS

33 %IPv6

15 Domains

21 Subdomains

19 IPs

4 Countries

2381 kBTransfer

4875 kBSize

17 Cookies

1 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ch365profile.net Open in urlscan Pro
172.67.210.183 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

92 %
HTTPS

33 %
IPv6

15
Domains

21
Subdomains

19
IPs

4
Countries

2381 kB
Transfer

4875 kB
Size

17
Cookies

64 HTTP transactions
1 data transactions