Submitted URL: http://url9615.anyvibes.com/ls/click?upn=5-2BUCn59MAkPYZJQLjHmdjSGW-2FgMLPgIB3QeTssvBLBI3KTEK-2F1Cyh437-2FjLY-2BUhUdlPD_391I...
Effective URL: https://funclub.rw/eSign/
Submission Tags: falconsandbox
Submission: On October 24 via api from US

Summary

This website contacted 13 IPs in 3 countries across 15 domains to perform 43 HTTP transactions. The main IP is 2606:4700:3033::ac43:b4ef, located in United States and belongs to CLOUDFLARENET, US. The main domain is funclub.rw.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 29th 2020. Valid for: a year.
This is the only time funclub.rw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count  Domain                          Requested by
20     funclub.rw                      funclub.rw
4      pagead2.googlesyndication.com   funclub.rw, pagead2.googlesyndication.com
2      tpc.googlesyndication.com       pagead2.googlesyndication.com, tpc.googlesyndication.com
2      www.google-analytics.com        www.googletagmanager.com, www.google-analytics.com
2      googleads.g.doubleclick.net     pagead2.googlesyndication.com
2      fonts.gstatic.com               fonts.googleapis.com
2      stackpath.bootstrapcdn.com      funclub.rw, stackpath.bootstrapcdn.com
1      www.googletagservices.com       pagead2.googlesyndication.com
1      adservice.google.com            pagead2.googlesyndication.com
1      adservice.google.de             pagead2.googlesyndication.com
1      certify.alexametrics.com        funclub.rw
1      certify-js.alexametrics.com     funclub.rw
1      cdnjs.cloudflare.com            funclub.rw
1      code.jquery.com                 funclub.rw
1      www.googletagmanager.com        funclub.rw
1      fonts.googleapis.com            funclub.rw
1      url9615.anyvibes.com            1 redirects
43     17

This site contains links to these domains.

Domain
www.facebook.com
twitter.com
www.youtube.com

Subject                      Issuer                                          Validity                 Valid
sni.cloudflaressl.com        Cloudflare Inc ECC CA-3                         2020-07-29 - 2021-07-29  a year
*.bootstrapcdn.com           Sectigo RSA Domain Validation Secure Server CA  2020-09-22 - 2021-10-12  a year
upload.video.google.com      GTS CA 1O1                                      2020-10-06 - 2020-12-29  3 months
*.google-analytics.com       GTS CA 1O1                                      2020-10-06 - 2020-12-29  3 months
*.g.doubleclick.net          GTS CA 1O1                                      2020-10-06 - 2020-12-29  3 months
jquery.org                   Sectigo RSA Domain Validation Secure Server CA  2020-10-06 - 2021-10-16  a year
certify-js.alexametrics.com  Amazon                                          2020-07-12 - 2021-08-12  a year
*.gstatic.com                GTS CA 1O1                                      2020-10-06 - 2020-12-29  3 months
certify.alexametrics.com     Amazon                                          2020-07-12 - 2021-08-12  a year
*.google.de                  GTS CA 1O1                                      2020-10-06 - 2020-12-29  3 months
*.google.com                 GTS CA 1O1                                      2020-10-06 - 2020-12-29  3 months
tpc.googlesyndication.com    GTS CA 1O1                                      2020-10-06 - 2020-12-29  3 months

This page contains 4 frames:

Primary Page: https://funclub.rw/eSign/
Frame ID: B3935AA4F02BA5931A66135BE95308B2
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/zrt_lookup.html
Frame ID: 0095CC8C9C8F22BBD9A5924FEB5B15EB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8563519530061720&output=html&adk=1812271804&adf=3025194257&lmt=1603510558&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Ffunclub.rw%2FeSign%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603510558465&bpp=15&bdt=204&idt=116&shv=r20201021&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=594181835653&frm=20&pv=2&ga_vid=538335532.1603510559&ga_sid=1603510559&ga_hid=727592214&ga_fc=0&iag=0&icsg=535055&dssz=16&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2943983718866203&pem=151&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=136
Frame ID: 903D2D07D2A50470C5312033EEB19D30
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: 4A339AD2A9D5C61C474F880ED7952BE6
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 43
HTTPS: 100%
IPv6: 79%
Domains: 15
Subdomains: 17
IPs: 13
Countries: 3
Transfer: 847 kB
Size: 1908 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://url9615.anyvibes.com/ls/click?upn=5-2BUCn59MAkPYZJQLjHmdjSGW-2FgMLPgIB3QeTssvBLBI3KTEK-2F1Cyh437-2FjLY-2BUhUdlPD_391I7BtNCk9rhLfO5-2B8eQ9Zq-2BCaJMUricWNIicTx96y0ILcsMteR7g667uTaAkCWWiovs-2BwADZOxr75EuFvPQ4QRhFqEAju6R7ATbp0xT7cHG5M6amHiR6s2v3JsyFXU511L46-2BW927ET3UfuBeaUsgFf9bs96guxn-2FI2JTn2CDNglZ0GKt5nEYvRGiWaSernGqMzNIXspxtvLb46U4Touu-2Fgs8np4Ls1Ne4EqeZ6lXr0SXeklM9W67hIU7Ko1I7IseTo3lRDfv5mfP-2B-2FHH4U-2FmYizkCddJa9UIyTiYEUItS1lrkY0nXTfawxAHuW5WBJmmjickrSKPncI6eSlpUOnATmb0-2F9tzyf3gp8lhwb165ZLpGx-2BJUWHYhUOdKWK5X5R8mJ9u9UrBmnHUQyIrxEMBBm5AUEkxRGQsisqwOCySs2-2BYc6nKtJpP5q9iDEN6BU5LVHmG5HYxD60AXCWBC6iqoL5bv3bpRdVIK7K6w1SXdNYgUbz4JiSU1d1TZtPYphbex8P7YjkwDO2Ms6eAcArDlZ17Ti6Im5nQy5WSrQv3cLK-2BlOQH3Yk1jpeeWnV5N37fJtZO3PS73UA8BdoPyA8ayFLEuO0U-2FPePAPvUjwOb6ZH78TJQAp8POhOOJnmcEYF3VlBEUXxlnZ3KaAZjZNoY4ok8FvJw-2BZs7jj6F1-2FlprzZbGUg8K0Key0BEGPDsr28ZFXJKcfajaX8m0lhUK-2BSLrDedqyme8LcxwQmD-2BQ9AkK7jU5HM-2B1GWQREhd1z-2FEDgdc5EeKWITc5Nu-2F4vvVrU0kqxoQ65NqMmGZMZpdTcGnS5YRbJ8UqQI1gv4fE7h7JRLSUxPPZOq5dRtIrxbyUT-2F-2FT1NmW4kBsCNjtphj38gclzMhzQuoCvwYh-2BxLlA-2FTgGOOVDHwkdbjW5JkiJe8c8kJahrcbNmpW62A38gRrFQ-2BHW1r8FPsboqLP3m1Ct6CHYa9Epxq1rg1DdAIweNgbOK-2BtkpNykTzC7C2b8Y6AfjffvAjiQE2JrR-2Bomf16f6PMSFD1-2FXibjuuT-2B1ZqxppCQ-3D-3D HTTP 302
    https://funclub.rw/eSign/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
funclub.rw/eSign/
Redirect Chain
  • http://url9615.anyvibes.com/ls/click?upn=5-2BUCn59MAkPYZJQLjHmdjSGW-2FgMLPgIB3QeTssvBLBI3KTEK-2F1Cyh437-2FjLY-2BUhUdlPD_391I7BtNCk9rhLfO5-2B8eQ9Zq-2BCaJMUricWNIicTx96y0ILcsMteR7g667uTaAkCWWiovs-2Bw...
  • https://funclub.rw/eSign/
20 KB
6 KB
Document
General
Full URL
https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
922e160c8a5ca6953e502c7448537511661e0dbb21f7fe920fa638d225c520cf

Request headers

:method
GET
:authority
funclub.rw
:scheme
https
:path
/eSign/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
404
date
Sat, 24 Oct 2020 03:35:58 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d852107b6d09dade53ed8ebfa1a80b3061603510557; expires=Mon, 23-Nov-20 03:35:57 GMT; path=/; domain=.funclub.rw; HttpOnly; SameSite=Lax; Secure
vary
Cookie,Accept-Encoding
composed-by
SPIP 3.2.1 @ www.spip.net + https://funclub.rw/local/config.txt
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-spip-cache
86400
last-modified
Sat, 24 Oct 2020 03:35:58 GMT
cf-cache-status
DYNAMIC
cf-request-id
05fa4673500000c29f0aa96000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7XGPzgpH8%2BqUIT5bcKZ0jf%2Bi7zVp2XMV6ozpkDjJpxAFBdeDIwN1gLvsgreX%2BREKQWldfxPiRFT0R0rJYphhOaqDFVEJmd9wpPs%2FERRsoEv82J5A6mMd"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5e70a6987811c29f-FRA
content-encoding
br

Redirect headers

Server
nginx
Date
Sat, 24 Oct 2020 03:35:57 GMT
Content-Type
text/html; charset=utf-8
Content-Length
48
Connection
keep-alive
Location
https://funclub.rw/eSign/
X-Robots-Tag
noindex, nofollow
bootstrap.min.css
funclub.rw/assets/bootstrap/css/
141 KB
18 KB
Stylesheet
General
Full URL
https://funclub.rw/assets/bootstrap/css/bootstrap.min.css
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 09 May 2019 14:52:58 GMT
server
cloudflare
age
2817
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=43upCjfOd8zEMNZqjB2IRMF2kce6C6IOHJLEpjj%2B5rPGyGnlMeXpR9S3Qj05z2IGLRIf%2Bcu5pGsVhaK2kwILbnJa%2BsvjR1w0CLUdvbao54rwzQg8Oy7l"}],"group":"cf-nel","max_age":604800}
content-type
text/css
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5e70a69d2c81c29f-FRA
cf-request-id
05fa46763b0000c29fe426b000000001
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
status
200
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
stylesheet.css
funclub.rw/assets/stylesheet/
19 KB
5 KB
Stylesheet
General
Full URL
https://funclub.rw/assets/stylesheet/stylesheet.css?t=150
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0c88d0a993d24cf5bf6daadde6341e82011c9f3340c20e75dedca297d3d2b47

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Jul 2020 09:35:27 GMT
server
cloudflare
age
2817
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=L51%2FO3Vrw1iR5qg%2BeoUjxTlM44k48fhQ3Npnr2tNYu5swASEPwSGBdDBlGxCqZ50kKBhfRERYY1lBqhS%2FtGNypBKnzC6eNQszrQeKuodxOBxIc77zF2R"}],"group":"cf-nel","max_age":604800}
content-type
text/css
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5e70a69d2c83c29f-FRA
cf-request-id
05fa46763b0000c29fc98c5000000001
magnific-popup.min.css
funclub.rw/assets/stylesheet/
6 KB
2 KB
Stylesheet
General
Full URL
https://funclub.rw/assets/stylesheet/magnific-popup.min.css?t=3
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10fd74f8a0d2a4446db79aa5edcf6c5a3675f94c7360a405615f85a455d28442

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Jun 2019 13:27:34 GMT
server
cloudflare
age
2817
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2GZNYE%2FzGYlP09Dq%2F7oUGOF6nrRBC64rPKYysgEI%2BS7L9uQqfOTR7CHR5NExsOf3nThlOG%2B96MdxPyyFJYqAEqBH%2BY8gmMBVfIGG7oq9g%2FCH1SYqhHUO"}],"group":"cf-nel","max_age":604800}
content-type
text/css
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5e70a69d2c84c29f-FRA
cf-request-id
05fa46763c0000c29fb688a000000001
css
fonts.googleapis.com/
26 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e98a84d201a5ce748c59f64fe3b5341601b863b3fff7d63a045aa6f655edf08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Oct 2020 03:17:16 GMT
server
ESF
date
Sat, 24 Oct 2020 03:35:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Oct 2020 03:35:58 GMT
js
www.googletagmanager.com/gtag/
94 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-143968592-1
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fb1c60505b62218c999ae747448f8364911a4f3d83d04a89c74c9d35b5ec58f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37945
x-xss-protection
0
last-modified
Sat, 24 Oct 2020 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 24 Oct 2020 03:35:58 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
131 KB
46 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15ef3bdcf9b61756713a5d64761b0d8c7e04f2be45bc87701e725451b911fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
45803
x-xss-protection
0
server
cafe
etag
337378925373862909
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 24 Oct 2020 03:35:58 GMT
siteon0.png
funclub.rw/IMG/
23 KB
23 KB
Image
General
Full URL
https://funclub.rw/IMG/siteon0.png?1561471474
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a1704500f1fc30b986e460f445fef3abd46d7e96f75ccc3ebaad51b3e3ee30a

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2817
status
200
content-length
23306
cf-request-id
05fa46765e0000c29fa4020000000001
last-modified
Tue, 25 Jun 2019 14:04:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3u92ZFoXSOc08M%2FLCY3qJ5ngIT09EDo%2FErChn41nMJeuRz32Gr4GAPzqlLL9Rkv8Ru4hQNAJ6Uok0OvANIKHZJ%2F5AIYUZTz6zhxdkvYWNtdAihg%2FQMJ9"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5e70a69d6cb9c29f-FRA
7b81c9b6979a006c8751aecc7b5336.jpg
funclub.rw/local/cache-gd2/bb/
15 KB
15 KB
Image
General
Full URL
https://funclub.rw/local/cache-gd2/bb/7b81c9b6979a006c8751aecc7b5336.jpg?1593735383
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b6fd561fb7f7e5bc53d42ef77a3969685e2265ce1f99fa852144a183274280

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
cf-cache-status
MISS
last-modified
Fri, 03 Jul 2020 00:16:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ltq1c9JyZPBrwpq7%2BAw%2FAMp9bQ1EIO3w5xpEJva6TZTmO56h%2BFr4Uc7DA7i2qVje7xFyQGDMbg%2BzkDe6cv5IQqSCr0XaYjtySTmFf9TKcWvv9VBT1dxE"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5e70a69d6cbac29f-FRA
content-length
15078
cf-request-id
05fa46765f0000c29fc00ae000000001
1684b7e72c17c7c1cae616029efa57.jpg
funclub.rw/local/cache-gd2/05/
30 KB
30 KB
Image
General
Full URL
https://funclub.rw/local/cache-gd2/05/1684b7e72c17c7c1cae616029efa57.jpg?1600696192
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e096db1786e0a7d009bd49022302e1891737fa6d631814f63309359345ca1e1e

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
cf-cache-status
MISS
last-modified
Mon, 21 Sep 2020 13:49:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j8cWL%2FhBVG0lviRDgVYvHYgOlxHm2as8ybyV1sy2xqAFNdyTjRnK07yHuGGPXjDl4hCi40zQ7RxS9u98r0mFpDuAiJCFDlAnRz58Zo9lIsMTSZPkdgaQ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5e70a69d6cbcc29f-FRA
content-length
30738
cf-request-id
05fa46765f0000c29fc28ef000000001
790b1cb6c677f0e1b2b37d80134b52.jpg
funclub.rw/local/cache-gd2/7f/
39 KB
40 KB
Image
General
Full URL
https://funclub.rw/local/cache-gd2/7f/790b1cb6c677f0e1b2b37d80134b52.jpg?1595514570
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70acc3eb483706f959b170a9cb3c192a55b685f002834b33154047f8b0fbc976

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
cf-cache-status
MISS
last-modified
Thu, 23 Jul 2020 14:29:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TwkgbER9YKtyrmn5scseHcxR4ygm5FTq0pT1%2BmEOBYGl4MfIVYqK0uGH%2BOpNxnCsO0759UIkarh77HXBP5bEQS5Ff1eaTeSCgSD%2B2%2BgumxQmNfpEv2MS"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5e70a69d6cbdc29f-FRA
content-length
40311
cf-request-id
05fa46765f0000c29f69938000000001
829f2c126709303a7a20da97edb978.jpg
funclub.rw/local/cache-gd2/ab/
17 KB
17 KB
Image
General
Full URL
https://funclub.rw/local/cache-gd2/ab/829f2c126709303a7a20da97edb978.jpg?1600895677
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ac54689f860863a578bbd4318705e0d792dbaed404ae7eaf4879cde857a02a9

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
cf-cache-status
MISS
last-modified
Wed, 23 Sep 2020 21:14:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ts9kwN7YW0uAbtvGyFy7DUOqXsBvgxVURRuGhMFW8hyJBeIo%2FfTfMQkOjalWJvbbFSBv5pVFy1Qf4P5kPWDDbLxIQMAGcz2hf9NyK2IEAKzMDkCNEV64"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5e70a69d6cbec29f-FRA
content-length
17169
cf-request-id
05fa46765f0000c29f0d121000000001
cfa03ad2b991fa907a1565416fd76c.jpg
funclub.rw/local/cache-gd2/96/
26 KB
26 KB
Image
General
Full URL
https://funclub.rw/local/cache-gd2/96/cfa03ad2b991fa907a1565416fd76c.jpg?1601539576
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c25c0fe08ab7103a116e4575393bf0a2d2c8ce3441e7b3e5a98c9d7a8cd6458b

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Oct 2020 08:06:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=v%2BkZnrLCAJBtEfEtzoPe1XL8Hq4sNNAGmkpXyfyKhWlxLFzpNmgMNCKY0CqE4Z%2BiDafjA0ZzjUuWdAPFTjsS%2BRX2%2B%2BTdhK%2BJwyQi1RXeL1DR2PXaxLtj"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5e70a69d6cbfc29f-FRA
content-length
26626
cf-request-id
05fa46765f0000c29fd5819000000001
855d479baacd8ad4c588b620ca09af.jpg
funclub.rw/local/cache-gd2/7b/
19 KB
19 KB
Image
General
Full URL
https://funclub.rw/local/cache-gd2/7b/855d479baacd8ad4c588b620ca09af.jpg?1576839924
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
031716f8f4775da8abce5728025b86b2ac9dd4e1bca4b01b4de2e4ba126cd24d

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Dec 2019 11:05:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r1AKKTnBB0oG8o8zsaV%2Bjxb9WtbHo2dWXiMWF2xMlrxkIwORBjHnPnDuKREE4Zqy9Y9s154w0cxNH7Avf3AdtHmvtvQT2STWMMlI8utxwk%2FvlcXOkkTA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5e70a69d6cc0c29f-FRA
content-length
19275
cf-request-id
05fa4676600000c29f682d0000000001
e12b5b3ecb20a1bea616ab90a0e9ac.jpg
funclub.rw/local/cache-gd2/53/
24 KB
25 KB
Image
General
Full URL
https://funclub.rw/local/cache-gd2/53/e12b5b3ecb20a1bea616ab90a0e9ac.jpg?1596470010
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e40f2671ad4df194e7f6af597dab780ed13d4651c613bde3ccabde35d9f03a2d

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 15:53:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5zZ1ETnSV6kFnw67Wv6mUcSygte2ROJLf523I9BEYxH8pbN03c%2BR8TXe6zNfgBhVADM9j6VkfZgGakN7Nmt4taHr4eTWz0NpNRf53WTGPLABJltM8Cbd"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5e70a69d6cc1c29f-FRA
content-length
24778
cf-request-id
05fa4676600000c29f73959000000001
049b29d6e5a22c7b61ddd9d6bb87b6.jpg
funclub.rw/local/cache-gd2/9d/
25 KB
25 KB
Image
General
Full URL
https://funclub.rw/local/cache-gd2/9d/049b29d6e5a22c7b61ddd9d6bb87b6.jpg?1601880400
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a61c2ad23fd3eb75a9dde7374794cf493eed3810fe086cdeace1d97acc04e4a3

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
cf-cache-status
MISS
last-modified
Mon, 05 Oct 2020 06:46:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Jx2izuMe5agZFybWjS2Zl8tNXFEjml2wImnKzVTWtiVLJSRktWVMwNFUo2BBmq6Rdos8%2BNUdcCsJgcs%2Fen8EK8QZFduo8ta51KFX1IEO5u%2BMbpOXxv%2By"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5e70a69d6cc2c29f-FRA
content-length
25316
cf-request-id
05fa4676600000c29fb1b1d000000001
email-decode.min.js
funclub.rw/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://funclub.rw/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
content-encoding
gzip
vary
Accept-Encoding
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05fa4676500000c29fe1bca000000001
last-modified
Wed, 21 Oct 2020 15:36:27 GMT
server
cloudflare
etag
W/"5f90557b-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3XDGyfidD3MlJtrzptu3pgCLnw40wxI2cveRxym8i9%2FOxzj0NOa1ShhaUifjt3gDKJ4BlVEa1TIhq%2FTt1YSI3r0JGka6umPrFL3fEt2jhStPwCwXMcsx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
5e70a69d4c9fc29f-FRA
expires
Mon, 26 Oct 2020 03:35:58 GMT
jquery-3.3.1.slim.min.js
code.jquery.com/
68 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Origin
https://funclub.rw
Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
content-encoding
gzip
last-modified
Sat, 20 Jan 2018 17:26:44 GMT
server
nginx
status
200
etag
W/"5a637bd4-1111d"
vary
Accept-Encoding
x-hw
1603510558.dop227.fr8.t,1603510558.cds131.fr8.hn,1603510558.cds274.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
24038
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/
21 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Request headers

Origin
https://funclub.rw
Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
199265
x-via
cfworker/kv
status
200
content-length
6646
cf-request-id
05fa46766b0000973cba2ac000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
etag
"5eb03fa9-520c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LWv1vDIvH7hTh6HCUe8OhK5G5M4PkQsdXja7%2FRO6XccWpdK9HqbVuyYdzUZJ01GkL%2FxkypQgCcq4T0x2K6rT9lZV3xFeI01ojUiiqePCG516XhCXEIs3ejPCNccAl4HjZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5e70a69d7eff973c-FRA
expires
Thu, 14 Oct 2021 03:35:58 GMT
bootstrap.min.js
funclub.rw/assets/bootstrap/js/
48 KB
13 KB
Script
General
Full URL
https://funclub.rw/assets/bootstrap/js/bootstrap.min.js
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 09 May 2019 14:52:58 GMT
server
cloudflare
age
2817
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eLDl28k8dr6jg24q8Y8Vx7wMGXwMzgvF4ZA%2FtTqMwTtkItdOYJzvKCO7yCAUayArG8hZkL1QiU3L7seVSqMZNKehFywsKbwdTQgaS8sx87N2xC05JL7m"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5e70a69d6cb6c29f-FRA
cf-request-id
05fa46765e0000c29f66297000000001
main.js
funclub.rw/assets/js/
2 KB
1 KB
Script
General
Full URL
https://funclub.rw/assets/js/main.js
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2959afd13d46e120e11e93534ac6177501cfab748e8523d1dc20c78a5f902b0b

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 24 May 2019 16:36:28 GMT
server
cloudflare
age
2817
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RwLGNW5SRsMPLD1QJi6fHefklYdoCThj4I6LvzXaxScVN8xQFdzjzcar0qIRdtFvSmFYNPfX5WGkTz4zsIvnGyrYEOu9reJPLMRjqtzO97hasP2g%2FmhB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5e70a69d6cb8c29f-FRA
cf-request-id
05fa46765e0000c29fec31d000000001
atrk.js
certify-js.alexametrics.com/
4 KB
5 KB
Script
General
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.94.77 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-94-77.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 16 Jun 2020 17:11:25 GMT
Via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Sat, 16 Mar 2019 16:01:33 GMT
Server
AmazonS3
Age
11183074
ETag
"96c08723796affab377d9bb08d631cd0"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Cache-Control
max-age=26920000
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
4264
X-Amz-Cf-Id
MuDaH8LdAjp6EUR_4k-7wH69eEaby7o3c6leV8nDxNl5ulStsqQKCA==
/
funclub.rw/
34 KB
34 KB
Image
General
Full URL
https://funclub.rw/
Requested by
Host: funclub.rw
URL: https://funclub.rw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://funclub.rw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
composed-by
SPIP 3.2.1 @ www.spip.net + https://funclub.rw/local/config.txt
x-spip-cache
86400
cf-request-id
05fa4676620000c29fdf1b9000000001
last-modified
Sat, 24 Oct 2020 03:35:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Cookie,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FJBEir4F%2BxFVqOt3Yg8s7ioGDpmWF3n99UVEo%2FYV%2BR%2FM1OvbZiRj6MYuc%2B2zB87EWDiVMWgExYunNRri3%2F8rBzOujcqSTa4xTSyFV0EIJu3%2FzvGw5Mtk"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=0
cf-ray
5e70a69d6cc4c29f-FRA
expires
Sat, 24 Oct 2020 03:35:58 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://funclub.rw
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 11:20:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
404125
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Tue, 19 Oct 2021 11:20:33 GMT
Poppins-Regular.ttf
funclub.rw/assets/fonts/poppins/
142 KB
62 KB
Font
General
Full URL
https://funclub.rw/assets/fonts/poppins/Poppins-Regular.ttf
Requested by
Host: funclub.rw
URL: https://funclub.rw/assets/stylesheet/stylesheet.css?t=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2425ebbc021bfdd18fe55edbeeb1539d22a217212c14430a7d4d75266a333bbc

Request headers

Origin
https://funclub.rw
Referer
https://funclub.rw/assets/stylesheet/stylesheet.css?t=150
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 May 2019 16:09:42 GMT
server
cloudflare
age
2817
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jrmJEFCkGzj7DXBWg7P2%2F6lJiDuoR96eOgjc08krU7eIXn63NQEEVzN1TSyF4yzukUDFqWYT6kwPijeZ3cvOQ81rMJ0w0Gy1AWs4P4al9qFxdDpHf5%2BJ"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5e70a69d6cc7c29f-FRA
cf-request-id
05fa4676660000c29fd8112000000001
fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://funclub.rw
Referer
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
status
200
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
77171
Sathu.ttf
funclub.rw/assets/fonts/
406 KB
95 KB
Font
General
Full URL
https://funclub.rw/assets/fonts/Sathu.ttf
Requested by
Host: funclub.rw
URL: https://funclub.rw/assets/stylesheet/stylesheet.css?t=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bf249b586427813ae0145fd10d15617604bf420ca73ccade3615f85ffcde9f0

Request headers

Origin
https://funclub.rw
Referer
https://funclub.rw/assets/stylesheet/stylesheet.css?t=150
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 Jan 2001 12:19:04 GMT
server
cloudflare
age
2817
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l9B5KZOmkOErocZkkhiHlZ2J0OlJx0g1UT9HPkUH%2FMJtE9XhA69fw0EakmYezu7NSY4pfpgRZwtlQ9QXS9UIBIZluDD%2BaHSJVkt3aGB2H7RqZelf24YI"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5e70a69d6cc9c29f-FRA
cf-request-id
05fa4676660000c29fa7859000000001
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://funclub.rw
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 11:20:35 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:27 GMT
server
sffe
age
231323
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Thu, 21 Oct 2021 11:20:35 GMT
ITCAvantGardeStd-Bk.otf
funclub.rw/assets/fonts/
30 KB
22 KB
Font
General
Full URL
https://funclub.rw/assets/fonts/ITCAvantGardeStd-Bk.otf
Requested by
Host: funclub.rw
URL: https://funclub.rw/assets/stylesheet/stylesheet.css?t=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9a6a06221f6af8eef23cb92f8ef979123e5fb7fb84aa0927f92deae576cfe1b

Request headers

Origin
https://funclub.rw
Referer
https://funclub.rw/assets/stylesheet/stylesheet.css?t=150
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Jan 2007 00:23:18 GMT
server
cloudflare
age
2817
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0LvO9R9kcR1eGij%2FsSR9SzBOqHCtev9pWWjJ%2BXDyCXKy7Gx%2B62fkdPuQhWalkaV4YUF2fxoCCOKNjKFmqRdo5LuGfqDR9gOqalLwL8NYXf%2FL9VyIzTM7"}],"group":"cf-nel","max_age":604800}
content-type
font/otf
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5e70a69d7ccac29f-FRA
cf-request-id
05fa4676670000c29f083c1000000001
atrk.gif
certify.alexametrics.com/
43 B
552 B
Image
General
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Error%20404%20-%20FunClub%20%7C%20Ruhago%2CBasketball%2CVolleyball%2CAmagare%2Cindi%20Mikino&time=1603510558445&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Ffunclub.rw%2FeSign%2F&random_number=20533523863&sess_cookie=e3786c6e17558ad5eeccdd891dc&sess_cookie_flag=1&user_cookie=e3786c6e17558ad5eeccdd891dc&user_cookie_flag=1&dynamic=true&domain=funclub.rw&account=+i3it1hNdI20fn&jsv=20130128&user_lang=en-US
Requested by
Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.206.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-206-68.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 23 Oct 2020 14:02:11 GMT
Via
1.1 d4ed28727dd020fd5850b309fbb1f2f5.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
53595
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
HAM50-C3
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
n0Ri7uxTgGlmH6_kbL3gKi6U7G71mGKlekeN43T7XBHIivoHvoqDxw==
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/
230 KB
87 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b93041c86419712e621598adda1d9749ce2855af2fd4d952873ef00905922730
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
88452
x-xss-protection
0
server
cafe
etag
16783570891068550005
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Oct 2020 03:35:58 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/ Frame 0095
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201021/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://funclub.rw/eSign/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Fri, 23 Oct 2020 12:16:25 GMT
expires
Fri, 06 Nov 2020 12:16:25 GMT
content-type
text/html; charset=UTF-8
etag
5228831996244654541
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4745
x-xss-protection
0
age
55173
cache-control
public, max-age=1209600
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/
45 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-143968592-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
1210
date
Sat, 24 Oct 2020 03:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Sat, 24 Oct 2020 05:15:48 GMT
collect
www.google-analytics.com/j/
1 B
405 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=727592214&t=pageview&_s=1&dl=https%3A%2F%2Ffunclub.rw%2FeSign%2F&ul=en-us&de=UTF-8&dt=Error%20404%20-%20FunClub%20%7C%20Ruhago%2CBasketball%2CVolleyball%2CAmagare%2Cindi%20Mikino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1550316794&gjid=420222172&cid=538335532.1603510559&tid=UA-143968592-1&_gid=360464.1603510559&_r=1&gtm=2ouae1&z=982883929
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Oct 2020 03:35:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://funclub.rw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
109 B
832 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=funclub.rw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Oct 2020 03:35:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
832 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=funclub.rw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Oct 2020 03:35:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 903D
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8563519530061720&output=html&adk=1812271804&adf=3025194257&lmt=1603510558&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Ffunclub.rw%2FeSign%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603510558465&bpp=15&bdt=204&idt=116&shv=r20201021&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=594181835653&frm=20&pv=2&ga_vid=538335532.1603510559&ga_sid=1603510559&ga_hid=727592214&ga_fc=0&iag=0&icsg=535055&dssz=16&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2943983718866203&pem=151&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=136
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8563519530061720&output=html&adk=1812271804&adf=3025194257&lmt=1603510558&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Ffunclub.rw%2FeSign%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603510558465&bpp=15&bdt=204&idt=116&shv=r20201021&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=594181835653&frm=20&pv=2&ga_vid=538335532.1603510559&ga_sid=1603510559&ga_hid=727592214&ga_fc=0&iag=0&icsg=535055&dssz=16&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2943983718866203&pem=151&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=136
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://funclub.rw/eSign/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://funclub.rw/eSign/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 24 Oct 2020 03:35:58 GMT
server
cafe
content-length
34
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 24-Oct-2020 03:50:58 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sat, 24 Oct 2020 03:35:58 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77e75934de7a7d9b475ed5205181eed15c424e1ead2039ada5818432e841bc9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603453024747546"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27565
x-xss-protection
0
expires
Sat, 24 Oct 2020 03:35:58 GMT
sodar
pagead2.googlesyndication.com/getconfig/
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201021&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
262240e87471709fcb0f36e5f313e76646007b668901cc99b7565113826284c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Oct 2020 03:35:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6512
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 03:35:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601937181905197"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6302
x-xss-protection
0
expires
Sat, 24 Oct 2020 03:35:59 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame 4A33
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/218/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://funclub.rw/eSign/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://funclub.rw/eSign/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Fri, 23 Oct 2020 23:28:02 GMT
expires
Sat, 23 Oct 2021 23:28:02 GMT
last-modified
Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
14877
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/
0
110 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gda_r20201021&jk=2943983718866203&bg=!-Pul-9vNAAVp0lmVaVhQcbJ3sp0WWQIAAABoUgAAAAwKAPTjnF22DVfAp_E3f4TH50n5mMQ6lQ6a0zkuSitDAAqIzGdMTNufozZw4LcpyyREcZWvMa7tldSUqRSMbD9QJk3bZI-lGJQHf0epTCRa8EV6ESCU9EmDYu4bKHIaIlhBFREpNQdwGag3_TeQoezwNGrmqyXNo-_du7GuXalpMZjeqMPiJSbbhTE9_HhpAnKT3HPEva4PZGtdU_d0iRvRgbgHXxsbE7CoTxo1d3yEmLroeqALqN3kirJ0yL91RsVReF-iaUjR2SuLU9GKUUifw6TQxxVlBqg6gH2vZ6RYl6oybtOyEiY2lo5NbZ2mIVcgKV2HU8_VmQGjSHvluBjckkE4chLb7SzwccgIob5xSiNMEusc-Hj2U0vfiOWDoR8yyk_1MzGjiiCjQigwwsTS09JIND3HfCx0p45LLm3bsYhNN0OsMtKcEYoXGa11vd1I2wdX8LByuDB6OW17ydlU4wbmErGaZ-ZpuSt2lE9QQMzJjtG0vKK8fEyK7j1NiLsVIPguPhVnVBk0LJm7xzSVCZ_An5_TtmsTf_9pPyOu_G1sXxXXSAa5JsLAVLd1EBCLsEtVtbsmliKvGpoXFswBlLMGe584TlGentBC6p_KMfVBsvJ51LU6w_IMH607Y8p_UNRWlycRbEGeJj_nBSfYrEdcc6dCMD3nKXB1U1gFJXMVoIFNLzgWVr7lYLPrjtAsxJSVQRZRhvdrnJImhMN6PREqpwqMnp81TIW1c9yv2-NFIWsxRbmUTYxoky3C6KH6zVaTVZE8XEK0dmOUXs_ofwhtudrx94qIUpO2R0uTBrdFE2SK0uDflM32hTHRbBDNXDzRoiY1jamnnhQNdUdvAhKIgZBI-b-ZKrd3mgk-HKdQx6Clowj5T2lnytE
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://funclub.rw/eSign/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Oct 2020 03:35:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| gtag object| dataLayer object| adsbygoogle object| _atrk_opts function| scrollFunction function| topFunction function| $ function| jQuery function| Popper object| bootstrap function| openCity function| atrk boolean| _atrk_fired object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
.funclub.rw/ Name: _gid
Value: GA1.2.360464.1603510559
.funclub.rw/ Name: __auc
Value: e3786c6e17558ad5eeccdd891dc
.funclub.rw/ Name: _gat_gtag_UA_143968592_1
Value: 1
.funclub.rw/ Name: __asc
Value: e3786c6e17558ad5eeccdd891dc
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.funclub.rw/ Name: _ga
Value: GA1.2.538335532.1603510559
.funclub.rw/ Name: __cfduid
Value: d852107b6d09dade53ed8ebfa1a80b3061603510557

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
