funclub.rw Open in urlscan Pro
2606:4700:3033::ac43:b4ef Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://url9615.anyvibes.com/ls/click?upn=5-2BUCn59MAkPYZJQLjHmdjSGW-2FgMLPgIB3QeTssvBLBI3KTEK-2F1Cyh437-2FjLY-2BUhUdlPD_391I...
Effective URL:
https://funclub.rw/eSign/
Submission Tags: falconsandbox
Submission: On October 24 via api (October 24th 2020, 3:36:17 am UTC) from US

Summary HTTP 43 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 15 domains to perform 43 HTTP transactions. The main IP is 2606:4700:3033::ac43:b4ef, located in United States and belongs to CLOUDFLARENET, US. The main domain is funclub.rw.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 29th 2020. Valid for: a year.

This is the only time funclub.rw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.52 167.89.118.52	11377 (SENDGRID) (SENDGRID)
20	2606:4700:303... 2606:4700:3033::ac43:b4ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.94.77 143.204.94.77	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	54.192.206.68 54.192.206.68	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
43	13

1 167.89.118.52 (United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x52.outbound-mail.sendgrid.net

url9615.anyvibes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:3033::ac43:b4ef (United States)

ASN13335 (CLOUDFLARENET, US)

funclub.rw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.94.77 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-77.fra50.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.206.68 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-206-68.ham50.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	funclub.rw funclub.rw	478 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	146 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	doubleclick.net googleads.g.doubleclick.net
2	gstatic.com fonts.gstatic.com	18 KB
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	5 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com	83 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	832 B
1	google.de adservice.google.de	832 B
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	jquery.com code.jquery.com	24 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	anyvibes.com 1 redirects url9615.anyvibes.com	228 B
43	15

	Domain	Requested by
20	funclub.rw	funclub.rw
4	pagead2.googlesyndication.com	funclub.rw pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	stackpath.bootstrapcdn.com	funclub.rw stackpath.bootstrapcdn.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	certify.alexametrics.com	funclub.rw
1	certify-js.alexametrics.com	funclub.rw
1	cdnjs.cloudflare.com	funclub.rw
1	code.jquery.com	funclub.rw
1	www.googletagmanager.com	funclub.rw
1	fonts.googleapis.com	funclub.rw
1	url9615.anyvibes.com	1 redirects
43	17

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-29` - `2021-07-29`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
certify-js.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
certify.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://funclub.rw/eSign/
Frame ID: B3935AA4F02BA5931A66135BE95308B2
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/zrt_lookup.html
Frame ID: 0095CC8C9C8F22BBD9A5924FEB5B15EB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8563519530061720&output=html&adk=1812271804&adf=3025194257&lmt=1603510558&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Ffunclub.rw%2FeSign%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603510558465&bpp=15&bdt=204&idt=116&shv=r20201021&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=594181835653&frm=20&pv=2&ga_vid=538335532.1603510559&ga_sid=1603510559&ga_hid=727592214&ga_fc=0&iag=0&icsg=535055&dssz=16&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2943983718866203&pem=151&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=136
Frame ID: 903D2D07D2A50470C5312033EEB19D30
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: 4A339AD2A9D5C61C474F880ED7952BE6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://url9615.anyvibes.com/ls/click?upn=5-2BUCn59MAkPYZJQLjHmdjSGW-2FgMLPgIB3QeTssvBLBI3KTEK-2F1Cyh437-... HTTP 302
https://funclub.rw/eSign/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

43
Requests

100 %
HTTPS

79 %
IPv6

15
Domains

17
Subdomains

13
IPs

3
Countries

847 kB
Transfer

1908 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/pg/FunClubRw

Search URL Search Domain Scan URL

URL: https://twitter.com/FunClubRw

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCkqKsWuCwOF5wwevo8fwoEg

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://url9615.anyvibes.com/ls/click?upn=5-2BUCn59MAkPYZJQLjHmdjSGW-2FgMLPgIB3QeTssvBLBI3KTEK-2F1Cyh437-2FjLY-2BUhUdlPD_391I7BtNCk9rhLfO5-2B8eQ9Zq-2BCaJMUricWNIicTx96y0ILcsMteR7g667uTaAkCWWiovs-2BwADZOxr75EuFvPQ4QRhFqEAju6R7ATbp0xT7cHG5M6amHiR6s2v3JsyFXU511L46-2BW927ET3UfuBeaUsgFf9bs96guxn-2FI2JTn2CDNglZ0GKt5nEYvRGiWaSernGqMzNIXspxtvLb46U4Touu-2Fgs8np4Ls1Ne4EqeZ6lXr0SXeklM9W67hIU7Ko1I7IseTo3lRDfv5mfP-2B-2FHH4U-2FmYizkCddJa9UIyTiYEUItS1lrkY0nXTfawxAHuW5WBJmmjickrSKPncI6eSlpUOnATmb0-2F9tzyf3gp8lhwb165ZLpGx-2BJUWHYhUOdKWK5X5R8mJ9u9UrBmnHUQyIrxEMBBm5AUEkxRGQsisqwOCySs2-2BYc6nKtJpP5q9iDEN6BU5LVHmG5HYxD60AXCWBC6iqoL5bv3bpRdVIK7K6w1SXdNYgUbz4JiSU1d1TZtPYphbex8P7YjkwDO2Ms6eAcArDlZ17Ti6Im5nQy5WSrQv3cLK-2BlOQH3Yk1jpeeWnV5N37fJtZO3PS73UA8BdoPyA8ayFLEuO0U-2FPePAPvUjwOb6ZH78TJQAp8POhOOJnmcEYF3VlBEUXxlnZ3KaAZjZNoY4ok8FvJw-2BZs7jj6F1-2FlprzZbGUg8K0Key0BEGPDsr28ZFXJKcfajaX8m0lhUK-2BSLrDedqyme8LcxwQmD-2BQ9AkK7jU5HM-2B1GWQREhd1z-2FEDgdc5EeKWITc5Nu-2F4vvVrU0kqxoQ65NqMmGZMZpdTcGnS5YRbJ8UqQI1gv4fE7h7JRLSUxPPZOq5dRtIrxbyUT-2F-2FT1NmW4kBsCNjtphj38gclzMhzQuoCvwYh-2BxLlA-2FTgGOOVDHwkdbjW5JkiJe8c8kJahrcbNmpW62A38gRrFQ-2BHW1r8FPsboqLP3m1Ct6CHYa9Epxq1rg1DdAIweNgbOK-2BtkpNykTzC7C2b8Y6AfjffvAjiQE2JrR-2Bomf16f6PMSFD1-2FXibjuuT-2B1ZqxppCQ-3D-3D HTTP 302
https://funclub.rw/eSign/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request / Show response
funclub.rw/eSign/
Redirect Chain

http://url9615.anyvibes.com/ls/click?upn=5-2BUCn59MAkPYZJQLjHmdjSGW-2FgMLPgIB3QeTssvBLBI3KTEK-2F1Cyh437-2FjLY-2BUhUdlPD_391I7BtNCk9rhLfO5-2B8eQ9Zq-2BCaJMUricWNIicTx96y0ILcsMteR7g667uTaAkCWWiovs-2Bw...
https://funclub.rw/eSign/

20 KB
6 KB

793ms
742ms

Document
text/html

2606:4700:3033::ac43:b4ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://funclub.rw/eSign/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 922e160c8a5ca6953e502c7448537511661e0dbb21f7fe920fa638d225c520cf

Request headers

:method: GET
:authority: funclub.rw
:scheme: https
:path: /eSign/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 404
date: Sat, 24 Oct 2020 03:35:58 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d852107b6d09dade53ed8ebfa1a80b3061603510557; expires=Mon, 23-Nov-20 03:35:57 GMT; path=/; domain=.funclub.rw; HttpOnly; SameSite=Lax; Secure
vary: Cookie,Accept-Encoding
composed-by: SPIP 3.2.1 @ www.spip.net + https://funclub.rw/local/config.txt
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-spip-cache: 86400
last-modified: Sat, 24 Oct 2020 03:35:58 GMT
cf-cache-status: DYNAMIC
cf-request-id: 05fa4673500000c29f0aa96000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7XGPzgpH8%2BqUIT5bcKZ0jf%2Bi7zVp2XMV6ozpkDjJpxAFBdeDIwN1gLvsgreX%2BREKQWldfxPiRFT0R0rJYphhOaqDFVEJmd9wpPs%2FERRsoEv82J5A6mMd"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5e70a6987811c29f-FRA
content-encoding: br

Redirect headers

Server: nginx
Date: Sat, 24 Oct 2020 03:35:57 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 48
Connection: keep-alive
Location: https://funclub.rw/eSign/
X-Robots-Tag: noindex, nofollow

GET
H2 200 bootstrap.min.css
funclub.rw/assets/bootstrap/css/ 141 KB
18 KB 18ms
16ms Stylesheet
text/css 2606:4700:3033::ac43:b4ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://funclub.rw/assets/bootstrap/css/bootstrap.min.css
Requested by: Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 May 2019 14:52:58 GMT
server: cloudflare
age: 2817
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=43upCjfOd8zEMNZqjB2IRMF2kce6C6IOHJLEpjj%2B5rPGyGnlMeXpR9S3Qj05z2IGLRIf%2Bcu5pGsVhaK2kwILbnJa%2BsvjR1w0CLUdvbao54rwzQg8Oy7l"}],"group":"cf-nel","max_age":604800}
content-type: text/css
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e70a69d2c81c29f-FRA
cf-request-id: 05fa46763b0000c29fe426b000000001

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 25ms
9ms Stylesheet
text/css 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: funclub.rw
URL: https://funclub.rw/eSign/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
status: 200
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 stylesheet.css
funclub.rw/assets/stylesheet/ 19 KB
5 KB 17ms
16ms Stylesheet
text/css 2606:4700:3033::ac43:b4ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://funclub.rw/assets/stylesheet/stylesheet.css?t=150
Requested by: Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0c88d0a993d24cf5bf6daadde6341e82011c9f3340c20e75dedca297d3d2b47

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Jul 2020 09:35:27 GMT
server: cloudflare
age: 2817
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=L51%2FO3Vrw1iR5qg%2BeoUjxTlM44k48fhQ3Npnr2tNYu5swASEPwSGBdDBlGxCqZ50kKBhfRERYY1lBqhS%2FtGNypBKnzC6eNQszrQeKuodxOBxIc77zF2R"}],"group":"cf-nel","max_age":604800}
content-type: text/css
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e70a69d2c83c29f-FRA
cf-request-id: 05fa46763b0000c29fc98c5000000001

GET
H2 200 magnific-popup.min.css
funclub.rw/assets/stylesheet/ 6 KB
2 KB 12ms
11ms Stylesheet
text/css 2606:4700:3033::ac43:b4ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://funclub.rw/assets/stylesheet/magnific-popup.min.css?t=3
Requested by: Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10fd74f8a0d2a4446db79aa5edcf6c5a3675f94c7360a405615f85a455d28442

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jun 2019 13:27:34 GMT
server: cloudflare
age: 2817
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2GZNYE%2FzGYlP09Dq%2F7oUGOF6nrRBC64rPKYysgEI%2BS7L9uQqfOTR7CHR5NExsOf3nThlOG%2B96MdxPyyFJYqAEqBH%2BY8gmMBVfIGG7oq9g%2FCH1SYqhHUO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e70a69d2c84c29f-FRA
cf-request-id: 05fa46763c0000c29fb688a000000001

GET
H2 200 css
fonts.googleapis.com/ 26 KB
1 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap

Requested by

Host: funclub.rw
URL: https://funclub.rw/eSign/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e98a84d201a5ce748c59f64fe3b5341601b863b3fff7d63a045aa6f655edf08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 24 Oct 2020 03:17:16 GMT
server: ESF
date: Sat, 24 Oct 2020 03:35:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Oct 2020 03:35:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
38 KB 41ms
15ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-143968592-1

Requested by

Host: funclub.rw
URL: https://funclub.rw/eSign/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb1c60505b62218c999ae747448f8364911a4f3d83d04a89c74c9d35b5ec58f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37945
x-xss-protection: 0
last-modified: Sat, 24 Oct 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 24 Oct 2020 03:35:58 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 131 KB
46 KB 47ms
21ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: funclub.rw
URL: https://funclub.rw/eSign/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15ef3bdcf9b61756713a5d64761b0d8c7e04f2be45bc87701e725451b911fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45803
x-xss-protection: 0
server: cafe
etag: 337378925373862909
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 24 Oct 2020 03:35:58 GMT

GET
H2 200 siteon0.png
funclub.rw/IMG/ 23 KB
23 KB 15ms
11ms Image
image/png 2606:4700:3033::ac43:b4ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funclub.rw/IMG/siteon0.png?1561471474
Requested by: Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a1704500f1fc30b986e460f445fef3abd46d7e96f75ccc3ebaad51b3e3ee30a

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2817
status: 200
content-length: 23306
cf-request-id: 05fa46765e0000c29fa4020000000001
last-modified: Tue, 25 Jun 2019 14:04:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3u92ZFoXSOc08M%2FLCY3qJ5ngIT09EDo%2FErChn41nMJeuRz32Gr4GAPzqlLL9Rkv8Ru4hQNAJ6Uok0OvANIKHZJ%2F5AIYUZTz6zhxdkvYWNtdAihg%2FQMJ9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e70a69d6cb9c29f-FRA

GET
H2 200 7b81c9b6979a006c8751aecc7b5336.jpg
funclub.rw/local/cache-gd2/bb/ 15 KB
15 KB 635ms
630ms Image
image/jpeg 2606:4700:3033::ac43:b4ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funclub.rw/local/cache-gd2/bb/7b81c9b6979a006c8751aecc7b5336.jpg?1593735383
Requested by: Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b6fd561fb7f7e5bc53d42ef77a3969685e2265ce1f99fa852144a183274280

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
cf-cache-status: MISS
last-modified: Fri, 03 Jul 2020 00:16:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ltq1c9JyZPBrwpq7%2BAw%2FAMp9bQ1EIO3w5xpEJva6TZTmO56h%2BFr4Uc7DA7i2qVje7xFyQGDMbg%2BzkDe6cv5IQqSCr0XaYjtySTmFf9TKcWvv9VBT1dxE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5e70a69d6cbac29f-FRA
content-length: 15078
cf-request-id: 05fa46765f0000c29fc00ae000000001

GET
H2 200 1684b7e72c17c7c1cae616029efa57.jpg
funclub.rw/local/cache-gd2/05/ 30 KB
30 KB 612ms
607ms Image
image/jpeg 2606:4700:3033::ac43:b4ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funclub.rw/local/cache-gd2/05/1684b7e72c17c7c1cae616029efa57.jpg?1600696192
Requested by: Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e096db1786e0a7d009bd49022302e1891737fa6d631814f63309359345ca1e1e

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
cf-cache-status: MISS
last-modified: Mon, 21 Sep 2020 13:49:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j8cWL%2FhBVG0lviRDgVYvHYgOlxHm2as8ybyV1sy2xqAFNdyTjRnK07yHuGGPXjDl4hCi40zQ7RxS9u98r0mFpDuAiJCFDlAnRz58Zo9lIsMTSZPkdgaQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5e70a69d6cbcc29f-FRA
content-length: 30738
cf-request-id: 05fa46765f0000c29fc28ef000000001

GET
H2 200 790b1cb6c677f0e1b2b37d80134b52.jpg
funclub.rw/local/cache-gd2/7f/ 39 KB
40 KB 638ms
634ms Image
image/jpeg 2606:4700:3033::ac43:b4ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funclub.rw/local/cache-gd2/7f/790b1cb6c677f0e1b2b37d80134b52.jpg?1595514570
Requested by: Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70acc3eb483706f959b170a9cb3c192a55b685f002834b33154047f8b0fbc976

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Jul 2020 14:29:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TwkgbER9YKtyrmn5scseHcxR4ygm5FTq0pT1%2BmEOBYGl4MfIVYqK0uGH%2BOpNxnCsO0759UIkarh77HXBP5bEQS5Ff1eaTeSCgSD%2B2%2BgumxQmNfpEv2MS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5e70a69d6cbdc29f-FRA
content-length: 40311
cf-request-id: 05fa46765f0000c29f69938000000001

GET
H2 200 829f2c126709303a7a20da97edb978.jpg
funclub.rw/local/cache-gd2/ab/ 17 KB
17 KB 640ms
636ms Image
image/jpeg 2606:4700:3033::ac43:b4ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funclub.rw/local/cache-gd2/ab/829f2c126709303a7a20da97edb978.jpg?1600895677
Requested by: Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ac54689f860863a578bbd4318705e0d792dbaed404ae7eaf4879cde857a02a9

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
cf-cache-status: MISS
last-modified: Wed, 23 Sep 2020 21:14:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ts9kwN7YW0uAbtvGyFy7DUOqXsBvgxVURRuGhMFW8hyJBeIo%2FfTfMQkOjalWJvbbFSBv5pVFy1Qf4P5kPWDDbLxIQMAGcz2hf9NyK2IEAKzMDkCNEV64"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5e70a69d6cbec29f-FRA
content-length: 17169
cf-request-id: 05fa46765f0000c29f0d121000000001

GET
H2 200 cfa03ad2b991fa907a1565416fd76c.jpg
funclub.rw/local/cache-gd2/96/ 26 KB
26 KB 645ms
641ms Image
image/jpeg 2606:4700:3033::ac43:b4ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funclub.rw/local/cache-gd2/96/cfa03ad2b991fa907a1565416fd76c.jpg?1601539576
Requested by: Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c25c0fe08ab7103a116e4575393bf0a2d2c8ce3441e7b3e5a98c9d7a8cd6458b

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
cf-cache-status: MISS
last-modified: Thu, 01 Oct 2020 08:06:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=v%2BkZnrLCAJBtEfEtzoPe1XL8Hq4sNNAGmkpXyfyKhWlxLFzpNmgMNCKY0CqE4Z%2BiDafjA0ZzjUuWdAPFTjsS%2BRX2%2B%2BTdhK%2BJwyQi1RXeL1DR2PXaxLtj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5e70a69d6cbfc29f-FRA
content-length: 26626
cf-request-id: 05fa46765f0000c29fd5819000000001

GET
H2 200 855d479baacd8ad4c588b620ca09af.jpg
funclub.rw/local/cache-gd2/7b/ 19 KB
19 KB 642ms
638ms Image
image/jpeg 2606:4700:3033::ac43:b4ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funclub.rw/local/cache-gd2/7b/855d479baacd8ad4c588b620ca09af.jpg?1576839924
Requested by: Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 031716f8f4775da8abce5728025b86b2ac9dd4e1bca4b01b4de2e4ba126cd24d

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Dec 2019 11:05:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r1AKKTnBB0oG8o8zsaV%2Bjxb9WtbHo2dWXiMWF2xMlrxkIwORBjHnPnDuKREE4Zqy9Y9s154w0cxNH7Avf3AdtHmvtvQT2STWMMlI8utxwk%2FvlcXOkkTA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5e70a69d6cc0c29f-FRA
content-length: 19275
cf-request-id: 05fa4676600000c29f682d0000000001

GET
H2 200 e12b5b3ecb20a1bea616ab90a0e9ac.jpg
funclub.rw/local/cache-gd2/53/ 24 KB
25 KB 639ms
635ms Image
image/jpeg 2606:4700:3033::ac43:b4ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funclub.rw/local/cache-gd2/53/e12b5b3ecb20a1bea616ab90a0e9ac.jpg?1596470010
Requested by: Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e40f2671ad4df194e7f6af597dab780ed13d4651c613bde3ccabde35d9f03a2d

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
cf-cache-status: MISS
last-modified: Mon, 03 Aug 2020 15:53:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5zZ1ETnSV6kFnw67Wv6mUcSygte2ROJLf523I9BEYxH8pbN03c%2BR8TXe6zNfgBhVADM9j6VkfZgGakN7Nmt4taHr4eTWz0NpNRf53WTGPLABJltM8Cbd"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5e70a69d6cc1c29f-FRA
content-length: 24778
cf-request-id: 05fa4676600000c29f73959000000001

GET
H2 200 049b29d6e5a22c7b61ddd9d6bb87b6.jpg
funclub.rw/local/cache-gd2/9d/ 25 KB
25 KB 617ms
614ms Image
image/jpeg 2606:4700:3033::ac43:b4ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funclub.rw/local/cache-gd2/9d/049b29d6e5a22c7b61ddd9d6bb87b6.jpg?1601880400
Requested by: Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a61c2ad23fd3eb75a9dde7374794cf493eed3810fe086cdeace1d97acc04e4a3

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Oct 2020 06:46:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Jx2izuMe5agZFybWjS2Zl8tNXFEjml2wImnKzVTWtiVLJSRktWVMwNFUo2BBmq6Rdos8%2BNUdcCsJgcs%2Fen8EK8QZFduo8ta51KFX1IEO5u%2BMbpOXxv%2By"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5e70a69d6cc2c29f-FRA
content-length: 25316
cf-request-id: 05fa4676600000c29fb1b1d000000001

GET
H2 200 email-decode.min.js Show response
funclub.rw/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 8ms
7ms Script
application/javascript 2606:4700:3033::ac43:b4ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://funclub.rw/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: funclub.rw
URL: https://funclub.rw/eSign/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
content-encoding: gzip
vary: Accept-Encoding
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 05fa4676500000c29fe1bca000000001
last-modified: Wed, 21 Oct 2020 15:36:27 GMT
server: cloudflare
etag: W/"5f90557b-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3XDGyfidD3MlJtrzptu3pgCLnw40wxI2cveRxym8i9%2FOxzj0NOa1ShhaUifjt3gDKJ4BlVEa1TIhq%2FTt1YSI3r0JGka6umPrFL3fEt2jhStPwCwXMcsx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 5e70a69d4c9fc29f-FRA
expires: Mon, 26 Oct 2020 03:35:58 GMT

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 26ms
9ms Script
application/javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Origin: https://funclub.rw
Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
status: 200
etag: W/"5a637bd4-1111d"
vary: Accept-Encoding
x-hw: 1603510558.dop227.fr8.t,1603510558.cds131.fr8.hn,1603510558.cds274.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24038

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 29ms
11ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
Requested by: Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Request headers

Origin: https://funclub.rw
Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 199265
x-via: cfworker/kv
status: 200
content-length: 6646
cf-request-id: 05fa46766b0000973cba2ac000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
etag: "5eb03fa9-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LWv1vDIvH7hTh6HCUe8OhK5G5M4PkQsdXja7%2FRO6XccWpdK9HqbVuyYdzUZJ01GkL%2FxkypQgCcq4T0x2K6rT9lZV3xFeI01ojUiiqePCG516XhCXEIs3ejPCNccAl4HjZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5e70a69d7eff973c-FRA
expires: Thu, 14 Oct 2021 03:35:58 GMT

GET
H2 200 bootstrap.min.js Show response
funclub.rw/assets/bootstrap/js/ 48 KB
13 KB 19ms
13ms Script
application/javascript 2606:4700:3033::ac43:b4ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://funclub.rw/assets/bootstrap/js/bootstrap.min.js
Requested by: Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 May 2019 14:52:58 GMT
server: cloudflare
age: 2817
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eLDl28k8dr6jg24q8Y8Vx7wMGXwMzgvF4ZA%2FtTqMwTtkItdOYJzvKCO7yCAUayArG8hZkL1QiU3L7seVSqMZNKehFywsKbwdTQgaS8sx87N2xC05JL7m"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e70a69d6cb6c29f-FRA
cf-request-id: 05fa46765e0000c29f66297000000001

GET
H2 200 main.js Show response
funclub.rw/assets/js/ 2 KB
1 KB 15ms
10ms Script
application/javascript 2606:4700:3033::ac43:b4ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://funclub.rw/assets/js/main.js
Requested by: Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2959afd13d46e120e11e93534ac6177501cfab748e8523d1dc20c78a5f902b0b

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 May 2019 16:36:28 GMT
server: cloudflare
age: 2817
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RwLGNW5SRsMPLD1QJi6fHefklYdoCThj4I6LvzXaxScVN8xQFdzjzcar0qIRdtFvSmFYNPfX5WGkTz4zsIvnGyrYEOu9reJPLMRjqtzO97hasP2g%2FmhB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e70a69d6cb8c29f-FRA
cf-request-id: 05fa46765e0000c29fec31d000000001

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
5 KB 71ms
22ms Script
text/javascript 143.204.94.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.77 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-77.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Jun 2020 17:11:25 GMT
Via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 11183074
ETag: "96c08723796affab377d9bb08d631cd0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Cache-Control: max-age=26920000
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 4264
X-Amz-Cf-Id: MuDaH8LdAjp6EUR_4k-7wH69eEaby7o3c6leV8nDxNl5ulStsqQKCA==

GET
H2 200 /
funclub.rw/ 34 KB
34 KB 756ms
756ms Image
text/html 2606:4700:3033::ac43:b4ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funclub.rw/
Requested by: Host: funclub.rw
URL: https://funclub.rw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://funclub.rw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
composed-by: SPIP 3.2.1 @ www.spip.net + https://funclub.rw/local/config.txt
x-spip-cache: 86400
cf-request-id: 05fa4676620000c29fdf1b9000000001
last-modified: Sat, 24 Oct 2020 03:35:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FJBEir4F%2BxFVqOt3Yg8s7ioGDpmWF3n99UVEo%2FYV%2BR%2FM1OvbZiRj6MYuc%2B2zB87EWDiVMWgExYunNRri3%2F8rBzOujcqSTa4xTSyFV0EIJu3%2FzvGw5Mtk"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=0
cf-ray: 5e70a69d6cc4c29f-FRA
expires: Sat, 24 Oct 2020 03:35:58 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://funclub.rw
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 11:20:33 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 404125
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 19 Oct 2021 11:20:33 GMT

GET
H2 200 Poppins-Regular.ttf
funclub.rw/assets/fonts/poppins/ 142 KB
62 KB 23ms
22ms Font
font/ttf 2606:4700:3033::ac43:b4ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://funclub.rw/assets/fonts/poppins/Poppins-Regular.ttf
Requested by: Host: funclub.rw
URL: https://funclub.rw/assets/stylesheet/stylesheet.css?t=150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2425ebbc021bfdd18fe55edbeeb1539d22a217212c14430a7d4d75266a333bbc

Request headers

Origin: https://funclub.rw
Referer: https://funclub.rw/assets/stylesheet/stylesheet.css?t=150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 May 2019 16:09:42 GMT
server: cloudflare
age: 2817
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jrmJEFCkGzj7DXBWg7P2%2F6lJiDuoR96eOgjc08krU7eIXn63NQEEVzN1TSyF4yzukUDFqWYT6kwPijeZ3cvOQ81rMJ0w0Gy1AWs4P4al9qFxdDpHf5%2BJ"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e70a69d6cc7c29f-FRA
cf-request-id: 05fa4676660000c29fd8112000000001

GET
H2 200 fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 23ms
8ms Font
font/woff2 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://funclub.rw
Referer: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
status: 200
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 77171

GET
H2 200 Sathu.ttf
funclub.rw/assets/fonts/ 406 KB
95 KB 28ms
27ms Font
font/ttf 2606:4700:3033::ac43:b4ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://funclub.rw/assets/fonts/Sathu.ttf
Requested by: Host: funclub.rw
URL: https://funclub.rw/assets/stylesheet/stylesheet.css?t=150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bf249b586427813ae0145fd10d15617604bf420ca73ccade3615f85ffcde9f0

Request headers

Origin: https://funclub.rw
Referer: https://funclub.rw/assets/stylesheet/stylesheet.css?t=150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 Jan 2001 12:19:04 GMT
server: cloudflare
age: 2817
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l9B5KZOmkOErocZkkhiHlZ2J0OlJx0g1UT9HPkUH%2FMJtE9XhA69fw0EakmYezu7NSY4pfpgRZwtlQ9QXS9UIBIZluDD%2BaHSJVkt3aGB2H7RqZelf24YI"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e70a69d6cc9c29f-FRA
cf-request-id: 05fa4676660000c29fa7859000000001

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://funclub.rw
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 11:20:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 231323
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Thu, 21 Oct 2021 11:20:35 GMT

GET
H2 200 ITCAvantGardeStd-Bk.otf
funclub.rw/assets/fonts/ 30 KB
22 KB 12ms
12ms Font
font/otf 2606:4700:3033::ac43:b4ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://funclub.rw/assets/fonts/ITCAvantGardeStd-Bk.otf
Requested by: Host: funclub.rw
URL: https://funclub.rw/assets/stylesheet/stylesheet.css?t=150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9a6a06221f6af8eef23cb92f8ef979123e5fb7fb84aa0927f92deae576cfe1b

Request headers

Origin: https://funclub.rw
Referer: https://funclub.rw/assets/stylesheet/stylesheet.css?t=150
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Jan 2007 00:23:18 GMT
server: cloudflare
age: 2817
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0LvO9R9kcR1eGij%2FsSR9SzBOqHCtev9pWWjJ%2BXDyCXKy7Gx%2B62fkdPuQhWalkaV4YUF2fxoCCOKNjKFmqRdo5LuGfqDR9gOqalLwL8NYXf%2FL9VyIzTM7"}],"group":"cf-nel","max_age":604800}
content-type: font/otf
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e70a69d7ccac29f-FRA
cf-request-id: 05fa4676670000c29f083c1000000001

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 75ms
24ms Image
image/gif 54.192.206.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Error%20404%20-%20FunClub%20%7C%20Ruhago%2CBasketball%2CVolleyball%2CAmagare%2Cindi%20Mikino&time=1603510558445&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Ffunclub.rw%2FeSign%2F&random_number=20533523863&sess_cookie=e3786c6e17558ad5eeccdd891dc&sess_cookie_flag=1&user_cookie=e3786c6e17558ad5eeccdd891dc&user_cookie_flag=1&dynamic=true&domain=funclub.rw&account=+i3it1hNdI20fn&jsv=20130128&user_lang=en-US
Requested by: Host: funclub.rw
URL: https://funclub.rw/eSign/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.206.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-206-68.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 23 Oct 2020 14:02:11 GMT
Via: 1.1 d4ed28727dd020fd5850b309fbb1f2f5.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 53595
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: HAM50-C3
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: n0Ri7uxTgGlmH6_kbL3gKi6U7G71mGKlekeN43T7XBHIivoHvoqDxw==

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/ 230 KB
87 KB 50ms
36ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b93041c86419712e621598adda1d9749ce2855af2fd4d952873ef00905922730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88452
x-xss-protection: 0
server: cafe
etag: 16783570891068550005
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Oct 2020 03:35:58 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/ Frame 0095 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201021/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://funclub.rw/eSign/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://funclub.rw/eSign/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Fri, 23 Oct 2020 12:16:25 GMT
expires: Fri, 06 Nov 2020 12:16:25 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 55173
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
19 KB 25ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-143968592-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 1210
date: Sat, 24 Oct 2020 03:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Sat, 24 Oct 2020 05:15:48 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
405 B 38ms
12ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=727592214&t=pageview&_s=1&dl=https%3A%2F%2Ffunclub.rw%2FeSign%2F&ul=en-us&de=UTF-8&dt=Error%20404%20-%20FunClub%20%7C%20Ruhago%2CBasketball%2CVolleyball%2CAmagare%2Cindi%20Mikino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1550316794&gjid=420222172&cid=538335532.1603510559&tid=UA-143968592-1&_gid=360464.1603510559&_r=1&gtm=2ouae1&z=982883929

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 24 Oct 2020 03:35:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://funclub.rw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
832 B 34ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=funclub.rw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Oct 2020 03:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
832 B 35ms
14ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=funclub.rw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Oct 2020 03:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 903D 0
0 60ms
60ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8563519530061720&output=html&adk=1812271804&adf=3025194257&lmt=1603510558&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Ffunclub.rw%2FeSign%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603510558465&bpp=15&bdt=204&idt=116&shv=r20201021&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=594181835653&frm=20&pv=2&ga_vid=538335532.1603510559&ga_sid=1603510559&ga_hid=727592214&ga_fc=0&iag=0&icsg=535055&dssz=16&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2943983718866203&pem=151&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=136

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8563519530061720&output=html&adk=1812271804&adf=3025194257&lmt=1603510558&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Ffunclub.rw%2FeSign%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603510558465&bpp=15&bdt=204&idt=116&shv=r20201021&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=594181835653&frm=20&pv=2&ga_vid=538335532.1603510559&ga_sid=1603510559&ga_hid=727592214&ga_fc=0&iag=0&icsg=535055&dssz=16&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2943983718866203&pem=151&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=136
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://funclub.rw/eSign/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://funclub.rw/eSign/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 24 Oct 2020 03:35:58 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 24-Oct-2020 03:50:58 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sat, 24 Oct 2020 03:35:58 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77e75934de7a7d9b475ed5205181eed15c424e1ead2039ada5818432e841bc9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603453024747546"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27565
x-xss-protection: 0
expires: Sat, 24 Oct 2020 03:35:58 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 39ms
24ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201021&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

262240e87471709fcb0f36e5f313e76646007b668901cc99b7565113826284c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Oct 2020 03:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6512
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 03:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601937181905197"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6302
x-xss-protection: 0
expires: Sat, 24 Oct 2020 03:35:59 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame 4A33 0
0 26ms
12ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/218/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://funclub.rw/eSign/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://funclub.rw/eSign/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Fri, 23 Oct 2020 23:28:02 GMT
expires: Sat, 23 Oct 2021 23:28:02 GMT
last-modified: Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 14877
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
110 B 15ms
15ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gda_r20201021&jk=2943983718866203&bg=!-Pul-9vNAAVp0lmVaVhQcbJ3sp0WWQIAAABoUgAAAAwKAPTjnF22DVfAp_E3f4TH50n5mMQ6lQ6a0zkuSitDAAqIzGdMTNufozZw4LcpyyREcZWvMa7tldSUqRSMbD9QJk3bZI-lGJQHf0epTCRa8EV6ESCU9EmDYu4bKHIaIlhBFREpNQdwGag3_TeQoezwNGrmqyXNo-_du7GuXalpMZjeqMPiJSbbhTE9_HhpAnKT3HPEva4PZGtdU_d0iRvRgbgHXxsbE7CoTxo1d3yEmLroeqALqN3kirJ0yL91RsVReF-iaUjR2SuLU9GKUUifw6TQxxVlBqg6gH2vZ6RYl6oybtOyEiY2lo5NbZ2mIVcgKV2HU8_VmQGjSHvluBjckkE4chLb7SzwccgIob5xSiNMEusc-Hj2U0vfiOWDoR8yyk_1MzGjiiCjQigwwsTS09JIND3HfCx0p45LLm3bsYhNN0OsMtKcEYoXGa11vd1I2wdX8LByuDB6OW17ydlU4wbmErGaZ-ZpuSt2lE9QQMzJjtG0vKK8fEyK7j1NiLsVIPguPhVnVBk0LJm7xzSVCZ_An5_TtmsTf_9pPyOu_G1sXxXXSAa5JsLAVLd1EBCLsEtVtbsmliKvGpoXFswBlLMGe584TlGentBC6p_KMfVBsvJ51LU6w_IMH607Y8p_UNRWlycRbEGeJj_nBSfYrEdcc6dCMD3nKXB1U1gFJXMVoIFNLzgWVr7lYLPrjtAsxJSVQRZRhvdrnJImhMN6PREqpwqMnp81TIW1c9yv2-NFIWsxRbmUTYxoky3C6KH6zVaTVZE8XEK0dmOUXs_ofwhtudrx94qIUpO2R0uTBrdFE2SK0uDflM32hTHRbBDNXDzRoiY1jamnnhQNdUdvAhKIgZBI-b-ZKrd3mgk-HKdQx6Clowj5T2lnytE

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://funclub.rw/eSign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Oct 2020 03:35:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.funclub.rw/	1970-01-19 13:26:36	Name: _gid Value: GA1.2.360464.1603510559
.funclub.rw/	1970-01-19 22:12:12	Name: __auc Value: e3786c6e17558ad5eeccdd891dc
.funclub.rw/	1970-01-19 13:25:10	Name: _gat_gtag_UA_143968592_1 Value: 1
.funclub.rw/	1970-01-19 13:25:12	Name: __asc Value: e3786c6e17558ad5eeccdd891dc
.doubleclick.net/	1970-01-19 13:25:11	Name: test_cookie Value: CheckForPermission
.funclub.rw/	1970-01-20 06:56:22	Name: _ga Value: GA1.2.538335532.1603510559
.funclub.rw/	1970-01-19 14:08:22	Name: __cfduid Value: d852107b6d09dade53ed8ebfa1a80b3061603510557

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
certify-js.alexametrics.com
certify.alexametrics.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
funclub.rw
googleads.g.doubleclick.net
pagead2.googlesyndication.com
stackpath.bootstrapcdn.com
tpc.googlesyndication.com
url9615.anyvibes.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
143.204.94.77
167.89.118.52
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:3b
2606:4700:3033::ac43:b4ef
2606:4700::6810:125e
2a00:1450:4001:800::2002
2a00:1450:4001:801::200a
2a00:1450:4001:806::2008
2a00:1450:4001:808::2003
2a00:1450:4001:816::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:824::200e
54.192.206.68
031716f8f4775da8abce5728025b86b2ac9dd4e1bca4b01b4de2e4ba126cd24d
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
10fd74f8a0d2a4446db79aa5edcf6c5a3675f94c7360a405615f85a455d28442
15ef3bdcf9b61756713a5d64761b0d8c7e04f2be45bc87701e725451b911fd6b
1a1704500f1fc30b986e460f445fef3abd46d7e96f75ccc3ebaad51b3e3ee30a
1e98a84d201a5ce748c59f64fe3b5341601b863b3fff7d63a045aa6f655edf08
2425ebbc021bfdd18fe55edbeeb1539d22a217212c14430a7d4d75266a333bbc
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
262240e87471709fcb0f36e5f313e76646007b668901cc99b7565113826284c8
2959afd13d46e120e11e93534ac6177501cfab748e8523d1dc20c78a5f902b0b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
47b6fd561fb7f7e5bc53d42ef77a3969685e2265ce1f99fa852144a183274280
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70acc3eb483706f959b170a9cb3c192a55b685f002834b33154047f8b0fbc976
77e75934de7a7d9b475ed5205181eed15c424e1ead2039ada5818432e841bc9f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ac54689f860863a578bbd4318705e0d792dbaed404ae7eaf4879cde857a02a9
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bf249b586427813ae0145fd10d15617604bf420ca73ccade3615f85ffcde9f0
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
922e160c8a5ca6953e502c7448537511661e0dbb21f7fe920fa638d225c520cf
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a61c2ad23fd3eb75a9dde7374794cf493eed3810fe086cdeace1d97acc04e4a3
b93041c86419712e621598adda1d9749ce2855af2fd4d952873ef00905922730
c25c0fe08ab7103a116e4575393bf0a2d2c8ce3441e7b3e5a98c9d7a8cd6458b
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
e096db1786e0a7d009bd49022302e1891737fa6d631814f63309359345ca1e1e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40f2671ad4df194e7f6af597dab780ed13d4651c613bde3ccabde35d9f03a2d
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
f0c88d0a993d24cf5bf6daadde6341e82011c9f3340c20e75dedca297d3d2b47
f9a6a06221f6af8eef23cb92f8ef979123e5fb7fb84aa0927f92deae576cfe1b
fb1c60505b62218c999ae747448f8364911a4f3d83d04a89c74c9d35b5ec58f9

funclub.rw Open in urlscan Pro 2606:4700:3033::ac43:b4ef Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

100 %HTTPS

79 %IPv6

15 Domains

17 Subdomains

13 IPs

3 Countries

847 kBTransfer

1908 kBSize

7 Cookies

3 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

funclub.rw Open in urlscan Pro
2606:4700:3033::ac43:b4ef Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

100 %
HTTPS

79 %
IPv6

15
Domains

17
Subdomains

13
IPs

3
Countries

847 kB
Transfer

1908 kB
Size

7
Cookies

43 HTTP transactions
0 data transactions