thedemoinservice.com Open in urlscan Pro
2606:4700:3037::6815:393 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cutt.ly/2wg3tcQg
Effective URL:
https://thedemoinservice.com/mx/ad59ada36a812fad0/
Submission: On August 17 via manual (August 17th 2023, 11:05:36 pm UTC) from MX — Scanned from DE

Summary HTTP 57 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 17 domains to perform 57 HTTP transactions. The main IP is 2606:4700:3037::6815:393, located in United States and belongs to CLOUDFLARENET, US. The main domain is thedemoinservice.com.
TLS certificate: Issued by GTS CA 1P5 on August 12th 2023. Valid for: 3 months.

This is the only time thedemoinservice.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:1e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:10:... 2606:4700:10::ac43:8ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 19	2606:4700:303... 2606:4700:3037::6815:393	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	137.117.58.204 137.117.58.204	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.156.61.227 108.156.61.227	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
2	20.119.174.243 20.119.174.243	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	64.185.227.156 64.185.227.156	18450 (WEBNX) (WEBNX)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
57	19

1 2606:4700:10::6816:1e8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cutt.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:8ee (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cutt.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:3037::6815:393 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

thedemoinservice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 137.117.58.204 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.estafeta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

demo.tutorialzine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.61.227 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-61-227.ams1.r.cloudfront.net

d33v4339jhl8k0.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.119.174.243 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

r.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.185.227.156 (Los Angeles, United States)

ASN18450 (WEBNX, US)
PTR: 64-185-227-156.static.webnx.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	thedemoinservice.com 3 redirects thedemoinservice.com	477 KB
12	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	288 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1132 r.clarity.ms — Cisco Umbrella Rank: 9181 c.clarity.ms — Cisco Umbrella Rank: 1734	27 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	29 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5345	578 B
3	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 2706	719 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 122	462 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62	21 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1179	35 KB
2	cutt.ly 2 redirects cutt.ly — Cisco Umbrella Rank: 64301	863 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 279	760 B
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2820	222 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 985	30 KB
1	cloudfront.net d33v4339jhl8k0.cloudfront.net	40 KB
1	tutorialzine.com demo.tutorialzine.com	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	968 B
1	estafeta.com www.estafeta.com — Cisco Umbrella Rank: 278036	6 KB
57	17

	Domain	Requested by
19	thedemoinservice.com	3 redirects thedemoinservice.com
12	www.googletagmanager.com	thedemoinservice.com www.googletagmanager.com
3	www.google.de	thedemoinservice.com
3	fonts.gstatic.com	thedemoinservice.com fonts.googleapis.com
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	www.google-analytics.com	thedemoinservice.com www.google-analytics.com
2	c.clarity.ms	1 redirects
2	r.clarity.ms	www.clarity.ms
2	maxcdn.bootstrapcdn.com	thedemoinservice.com
2	www.clarity.ms	thedemoinservice.com www.clarity.ms
2	region1.analytics.google.com	www.googletagmanager.com
2	cutt.ly	2 redirects
1	c.bing.com	1 redirects
1	api.ipify.org	thedemoinservice.com
1	code.jquery.com	thedemoinservice.com
1	d33v4339jhl8k0.cloudfront.net	thedemoinservice.com
1	demo.tutorialzine.com	thedemoinservice.com
1	fonts.googleapis.com	thedemoinservice.com
1	www.google.com	thedemoinservice.com
1	www.estafeta.com	thedemoinservice.com
1	www.gstatic.com	thedemoinservice.com
57	21

This site contains links to these domains. Also see Links.

Domain
www.araskargo.com.tr

Subject Issuer	Validity	Valid
thedemoinservice.com GTS CA 1P5	`2023-08-12` - `2023-11-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.estafeta.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-27` - `2024-01-26`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
tutorialzine.com E1	`2023-08-08` - `2023-11-06`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://thedemoinservice.com/mx/ad59ada36a812fad0/
Frame ID: 85ED9D741D401F33D7D59D851F520B80
Requests: 41 HTTP requests in this frame

Frame: https://thedemoinservice.com/mx/ad59ada36a812fad0/source/index.html
Frame ID: EA93B8F43986C67801704C4A7BAD2309
Requests: 12 HTTP requests in this frame

Frame: https://thedemoinservice.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Frame ID: 56EDE67C6FD3DDC7D8E94AF644FDF97D
Requests: 2 HTTP requests in this frame

Frame: https://thedemoinservice.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Frame ID: CDBEC5A9D6AC56503D8699C672B21181
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Estafeta

Page URL History Show full URLs

http://cutt.ly/2wg3tcQg HTTP 301
https://cutt.ly/2wg3tcQg HTTP 301
https://thedemoinservice.com/mx/ HTTP 302
https://thedemoinservice.com/mx/ad59ada36a812fad0/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

57
Requests

95 %
HTTPS

77 %
IPv6

17
Domains

21
Subdomains

19
IPs

5
Countries

953 kB
Transfer

2095 kB
Size

18
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.araskargo.com.tr/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cutt.ly/2wg3tcQg HTTP 301
https://cutt.ly/2wg3tcQg HTTP 301
https://thedemoinservice.com/mx/ HTTP 302
https://thedemoinservice.com/mx/ad59ada36a812fad0/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://thedemoinservice.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://thedemoinservice.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Request Chain 49

https://thedemoinservice.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://thedemoinservice.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Request Chain 51

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F106636405394620955B15175A892234&RedC=c.clarity.ms&MXFR=0E0F63338E9162172ED370438A916CCB HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F106636405394620955B15175A892234&MUID=2EE09DACAAA0665520008EDCAB7267F4

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
thedemoinservice.com/mx/ad59ada36a812fad0/
Redirect Chain

http://cutt.ly/2wg3tcQg
https://cutt.ly/2wg3tcQg
https://thedemoinservice.com/mx/
https://thedemoinservice.com/mx/ad59ada36a812fad0/

121 KB
21 KB

172ms
171ms

Document
text/html

2606:4700:3037::6815:393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 426ba77d98172f7f96da66e022728ab3fcab94e616cf7b7e8e5c0d81c337576d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f858feeaf76bbd7-FRA
content-encoding: br
content-type: text/html
date: Thu, 17 Aug 2023 23:05:30 GMT
last-modified: Thu, 17 Aug 2023 15:42:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rc33NVnkIpWbZJHVkZFI2sy1SywPE3x6iRMXVDxO6B%2FAnRBXdE7OVSs7eIuWDrhzhWvrqCQ1wcmRp0ZVwXs8lz6fcvW3%2BYAp3iu6DIUmGcY9zsL7DvMZYayHDQ4pp1tZRirz4t%2BTE9%2FMSkwmQujlgI6fQA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f858febec1ebbd7-FRA
content-type: text/html; charset=UTF-8
date: Thu, 17 Aug 2023 23:05:30 GMT
location: ad59ada36a812fad0/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ghs0R2kb0kmEAcvj2buepbG8xjbOL941UJ%2F%2B5EtxzryhPILp9nhDPXzyHzTudytFtf3FBqs6bCRYC04X1I49s00Tv%2FElrr2n37dOxEvbv2M701CqzcE%2Fvp15ETUWPhgg0EpG13XJVXF2CF9qFl%2F2A%2FPsmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
x-powered-by: PHP/7.0.33

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 17 Aug 2023 21:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4867
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 17 Aug 2023 23:44:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 177 KB
65 KB 43ms
21ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-8037954-1&l=dataLayer&cx=c

Requested by

Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b40e7288c0c75dbce2df04fb4c8d08d82efb6400bc3e9f872699a26f49f4f786

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66144
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 22:21:39 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Aug 2023 23:05:30 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 160 KB
59 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PC2TX6J

Requested by

Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9e3d431a63554f1c6ba5881f2502183c5cd59c7dc77f2aaa7f75f5fa36c4833

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59859
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 22:21:39 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Aug 2023 23:05:30 GMT

GET
H3 200 js Show response
thedemoinservice.com/mx/ad59ada36a812fad0/index_files/ 242 KB
243 KB 319ms
319ms Script
text/plain 2606:4700:3037::6815:393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/index_files/js
Requested by: Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c7ca88164b9bfea7c25524a39047d090f9798724efd79e387ed5d575dd946e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/mx/ad59ada36a812fad0/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:31 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 17 Aug 2023 08:10:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3c971-60319f1705300"
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWiiWlIgggVLyWiiYv02f%2FbYFwvqUm7LAiHsKTrW2UP%2BKQZkOJgohTzzcwwDurd4Usl%2BT%2BA%2BWKZeCJxwULPrZH8PRLxA458Jnsno02k3lSswCmTJM1jSSiGoVsNKgg%2B%2BVbcnkK%2FJN7ru5EiVAYb8PsM7FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7f858ff08ec09007-FRA
alt-svc: h3=":443"; ma=86400
content-length: 248177

GET
H3 200 analytics.js.download Show response
thedemoinservice.com/mx/ad59ada36a812fad0/index_files/ 49 KB
21 KB 346ms
345ms Script
application/javascript 2606:4700:3037::6815:393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/index_files/analytics.js.download
Requested by: Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/mx/ad59ada36a812fad0/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 17 Aug 2023 08:10:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"c43a-60319f1705300-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDkt%2ByW2rZH4rYe99YLAr7dP0FV3DoQt6edVcaNksKte8n4d17%2F7kzqJv9oRffzxrLFwJA2ZOWJ1X3bruxiGAjah2FUaEcUR%2BFh5kqzTMQULeQK7m0NUXXyBdXnYB%2FQqND%2FbzkXQQPrvqJpyb4rX0NK5og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7f858ff0cee09007-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 gtm.js.download Show response
thedemoinservice.com/mx/ad59ada36a812fad0/index_files/ 99 KB
39 KB 175ms
174ms Script
application/javascript 2606:4700:3037::6815:393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/index_files/gtm.js.download
Requested by: Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14fc784e254479ca42dea6012c8b08033001618f683c8786a1a084af57d5da09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/mx/ad59ada36a812fad0/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 17 Aug 2023 08:10:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"18ae7-60319f1705300-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2sSVAi7PLsW3sqwfGnmHJAHWroL%2FSHeQ4n3u0KSQ8gPF9nR2I9fA3Jw9gyzs8W3Ps3CwZwLGnUx7yEv0rUFUwA4hAk6UjrHXTvpdNnkE6g7fjyBSVdQGEul4dlsxaUlMCoJOAPOPVHTeMfP%2F2gONLxG3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7f858ff0cee19007-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 js(1) Show response
thedemoinservice.com/mx/ad59ada36a812fad0/index_files/ 112 KB
113 KB 347ms
345ms Script
text/plain 2606:4700:3037::6815:393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/index_files/js(1)
Requested by: Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 572d9d21ca252f50deb992e706f0c30b17ee54f1829f790ceb3b69ab9484159d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/mx/ad59ada36a812fad0/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:31 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 17 Aug 2023 08:10:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1c0b1-60319f1705300"
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F5Gy8WNWI%2F76QS1wEHGis90AB7TDTj%2Fmfcqi4yZVac%2B%2BUIvRP3IXYu7HU0SHXXNHAvXxlJqJTd1te9XdqFO%2B4CfFo9pzujrW0jOpnUf4JN1jzXuESuvnVb7R8vzK5RgkmVhnChjx2wTYaH8euqnBWFZvPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7f858ff0cee29007-FRA
alt-svc: h3=":443"; ma=86400
content-length: 114865

GET
H3 200 styles.f36a28b250612bd0.css
thedemoinservice.com/mx/ad59ada36a812fad0/index_files/ 145 KB
23 KB 510ms
510ms Stylesheet
text/css 2606:4700:3037::6815:393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/index_files/styles.f36a28b250612bd0.css
Requested by: Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 308cfefc405ad9f725f724c387dd928f026c8102602ca35bd8a96146d51e6a1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/mx/ad59ada36a812fad0/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Aug 2023 08:18:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"244c8-6031a0f3db800-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IWySpzkRZ%2BRwrGN8d%2BLUgRAdQ2eRecMitUIuJtZJ1egfJkkkoDQlWte%2FtNltS3fBygBoss83%2FygJMZoeDBoC5x4koe%2F8Qbq24FsmZMYTEDCNRcn6Fh9nCi511hoI%2FCXkHJTnP6i8FiaIK0O00Xp3OiT%2BOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7f858fefce409007-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
76 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GNM0R0Q0YE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-8037954-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1fdaf8bf2f13a98f0a0bbf09c8b4b58e4c9ec9447f6ad225fcc3973842e911da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77908
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 17 Aug 2023 23:05:31 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
210 B 17ms
16ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2117456698&t=pageview&_s=1&dl=https%3A%2F%2Fthedemoinservice.com%2Fmx%2Fad59ada36a812fad0%2F&ul=en-us&de=UTF-8&dt=Estafeta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAUABEAAAACAAI~&jid=1585270393&gjid=1587687421&cid=2106379246.1692313531&tid=UA-8037954-1&_gid=518585600.1692313531&_r=1&gtm=457e38g0&jsscut=1&z=1742784884

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thedemoinservice.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 23:05:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thedemoinservice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 66ms
21ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-8037954-1&cid=2106379246.1692313531&jid=1585270393&gjid=1587687421&_gid=518585600.1692313531&_u=aEBAAUAAEAAAACAAI~&z=1077557889

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thedemoinservice.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 17 Aug 2023 23:05:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thedemoinservice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
88 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K8JS0LKB40&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PC2TX6J

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e3e9f9be644121a39517c698c7eeaad11f022dc450e30ac0969159c74334a25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89847
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 17 Aug 2023 23:05:31 GMT

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/ 25 KB
5 KB 35ms
6ms Stylesheet
text/css 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/m=el_main_css

Requested by

Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7db470720bc87269e9bf81c2da2649d4f59d54eb54ca5ed4547855758d6688a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 15:31:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4396
x-xss-protection: 0
last-modified: Sun, 12 Mar 2023 00:11:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 15:31:42 GMT

GET
H2 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
4 KB 32ms
5ms Image
image/svg+xml 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Requested by

Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 03:30:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3340
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Aug 2024 03:30:47 GMT

GET
H3 200 index.html Show response
thedemoinservice.com/mx/ad59ada36a812fad0/source/ Frame EA93 9 KB
3 KB 346ms
345ms Document
text/html 2606:4700:3037::6815:393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/source/index.html
Requested by: Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cfa0b1a4b3fb4b7bac8b6aae59f2b43f56946908cd4f19d899156e4c9604908

Request headers

Referer: https://thedemoinservice.com/mx/ad59ada36a812fad0/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f858ff0dee99007-FRA
content-encoding: br
content-type: text/html
date: Thu, 17 Aug 2023 23:05:31 GMT
last-modified: Thu, 17 Aug 2023 15:48:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5LddCVEKW3bvrXvzyoQGpHfTW59YvHu%2FGQH7vUaMt19DdhpvTHvKkgaiaAQv%2FSi9ID%2F6P8VcKdsPIqaliwYVxsaZycDn7CHTLk0J8cwmCLwF83dC0deBTr2Mp%2BMUOthXBu0g5Rq5bP%2BCNA9ANDJt4ax7%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

GET
H/1.1 200
OK logotipo-estafeta.svg
www.estafeta.com/-/media/Images/Estafeta/Brand/ 5 KB
6 KB 937ms
114ms Image
image/svg+xml 137.117.58.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.estafeta.com/-/media/Images/Estafeta/Brand/logotipo-estafeta.svg?la=es&hash=8921A2FC9CD511FCE66DB199D611F5205497DF86
Requested by: Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.117.58.204 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbc19bfa71f640d8cc998597c921aad4e7b9e914f95051db4d4e15feb42019f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 23:05:31 GMT
Last-Modified: Fri, 23 Jun 2017 20:30:40 GMT
ETag: 02d7cc54d3304937ac094ea751e47786
Content-Type: image/svg+xml
Cache-Control: public, max-age=604800
Content-Disposition: inline; filename="logotipo-estafeta.svg"
Accept-Ranges: bytes
Content-Length: 5298
Expires: Thu, 24 Aug 2023 23:05:31 GMT

GET
H3 200 menu-search.svg
thedemoinservice.com/mx/ad59ada36a812fad0/index_files/ 419 B
726 B 327ms
326ms Image
image/svg+xml 2606:4700:3037::6815:393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/index_files/menu-search.svg
Requested by: Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adc2ced09b773785c30a344ef321eb13f63dc5bde15cf59d16e304e42018f063

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/mx/ad59ada36a812fad0/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Aug 2023 08:10:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1a3-60319f1705300-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDb6TGPE4M79xsaLCiQYfPIMXPzs%2Fkp3dqRFpQkA15XgvkRg29wLM1Q2MiWP7110AR90pOlEiu60efx%2B30UnO2lFAOSi1ZFyjlVTBhr7HtLfdnCENGi93M6RPrMJ5labLk%2BYNvh1%2F%2FyXKmnhnCnF1cPFAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7f858ff0dee69007-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 menu-close.svg
thedemoinservice.com/mx/ad59ada36a812fad0/index_files/ 341 B
682 B 326ms
325ms Image
image/svg+xml 2606:4700:3037::6815:393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/index_files/menu-close.svg
Requested by: Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 184216e403ca61fe8f6a045a49561524ac23b975c06040b8c36a00b3574df36f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/mx/ad59ada36a812fad0/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Aug 2023 08:10:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"155-60319f1705300-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7SaDMLKpcCb48qniKcSDXvtIiTRC2zvPhOWKF7VDG24Lc2Iwb1gmQsWowxxJvZ08vLTWDc%2BaVPv24xsXpRx7qlNSrhZ8x%2F9tF7NRT0ovFhYFXbm2%2Be4btGzN6kStyCICJNV0V%2BsFrFoQSNY1L%2FqSe92gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7f858ff0dee89007-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 43ms
17ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8037954-1&cid=2106379246.1692313531&jid=1585270393&_u=aEBAAUAAEAAAACAAI~&z=1565748359

Requested by

Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 23:05:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 45ms
18ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8037954-1&cid=2106379246.1692313531&jid=1585270393&_u=aEBAAUAAEAAAACAAI~&z=1565748359

Requested by

Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 23:05:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 37ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-K8JS0LKB40&gtm=45je38g0&_p=2117456698&_gaz=1&gcs=G1--&cid=2106379246.1692313531&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692313531&sct=1&seg=0&dl=https%3A%2F%2Fthedemoinservice.com%2Fmx%2Fad59ada36a812fad0%2F&dt=Estafeta&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8JS0LKB40&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 23:05:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thedemoinservice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 24ms
24ms Ping
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K8JS0LKB40&cid=2106379246.1692313531&gtm=45je38g0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8JS0LKB40&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 23:05:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thedemoinservice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 17ms
16ms Image
text/html 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-K8JS0LKB40&v=3&t=t&pid=1425872367&cv=1&rv=38g0&tc=16&es=1&e=gtm.init_consent&eid=-1&u=AAAAAIA&ut=AABA&h=Ag&dl=thedemoinservice.com%2Fmx%2Fad59ada36a812fad0%2F&tdp=G-K8JS0LKB40;105757647;1;2;0&z=0

Requested by

Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:31 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 td
www.googletagmanager.com/ 0
15 B 15ms
13ms Image
image/gif 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=G-K8JS0LKB40&v=3&t=t&pid=1425872367&cv=1&rv=38g0&tc=16&es=1&e=gtm.init_consent&eid=-1&u=AAAAAIA&ut=AABA&h=Ag&dl=thedemoinservice.com%2Fmx%2Fad59ada36a812fad0%2F&tdp=G-K8JS0LKB40;105757647;1;2;0&z=0
Requested by: Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 23:05:31 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 31ms
29ms Image
text/html 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-K8JS0LKB40&v=3&t=t&pid=1425872367&cv=1&rv=38g0&tc=16&es=1&e=gtm.init&eid=0&u=AAAAAIA&ut=AABA&h=Ag&tr=1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ogtgooglesignals.1ccdgaregscope.1ccdemdownload.1ccdemform.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ccdautoredact.1ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdautoredact.2ccdgalast&z=0

Requested by

Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:31 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K8JS0LKB40&cid=2106379246.1692313531&gtm=45je38g0&aip=1&z=1989762116

Requested by

Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 23:05:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 31ms
30ms Image
text/html 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-K8JS0LKB40&v=3&t=t&pid=1425872367&cv=1&rv=38g0&tc=16&es=1&e=gtag.config&eid=1&u=AAAAAIAAAAAAACA&ut=AABA&h=Ag&epr=1G.2G&tr=1gct&ti=1gct&z=0

Requested by

Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:31 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 27ms
27ms Image
text/html 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-K8JS0LKB40&v=3&t=t&pid=1425872367&cv=1&rv=38g0&tc=16&es=1&e=gtag.config&eid=2&u=AAAAAIAAAAAAACA&ut=AABA&h=Ag&z=0

Requested by

Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:31 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 24ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thedemoinservice.com/
Origin: https://thedemoinservice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:04:13 GMT
x-content-type-options: nosniff
age: 36078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:07:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Aug 2024 13:04:13 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 24ms
23ms Image
text/html 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-K8JS0LKB40&v=3&t=t&pid=1425872367&cv=1&rv=38g0&tc=16&e=gtm.init&eid=0&u=AAAAAIAAAAAAACA&ut=AABA&h=Ag&tr=5ogt1pdatav2.5ccdgafirst.5setproductsettings.5ogtgooglesignals.5ccdgaregscope.5ccdemdownload.5ccdemform.5ccdemoutboundclick.5ccdempageview.5ccdemscroll.5ccdemsitesearch.5ccdemvideo.5ccdconversionmarking.5ccdautoredact.5ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdautoredact.2ccdgalast&z=0

Requested by

Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:31 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GNM0R0Q0YE&gtm=45je38g0&_p=2117456698&_gaz=1&gcs=G1--&cid=2106379246.1692313531&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1692313531&sct=1&seg=0&dl=https%3A%2F%2Fthedemoinservice.com%2Fmx%2Fad59ada36a812fad0%2F&dt=Estafeta&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GNM0R0Q0YE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 23:05:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thedemoinservice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 21ms
21ms Ping
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GNM0R0Q0YE&cid=2106379246.1692313531&gtm=45je38g0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GNM0R0Q0YE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 23:05:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thedemoinservice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 19ms
18ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GNM0R0Q0YE&cid=2106379246.1692313531&gtm=45je38g0&aip=1&z=1743623309

Requested by

Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 23:05:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i2ofhwl15k Show response
www.clarity.ms/tag/ 699 B
1 KB 119ms
100ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/i2ofhwl15k
Requested by: Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0fd46152641a6af5525abe6e4743b0526eac280dd5bfccdc333767c6ee56fa36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires: -1
date: Thu, 17 Aug 2023 23:05:31 GMT
x-azure-ref: 20230817T230531Z-m3ttdq9ukx37p73zw089zmy9n4000000019g00000003vyhv
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 699
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.10/ 57 KB
24 KB 16ms
15ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.10/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/i2ofhwl15k
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:31 GMT
content-encoding: br
last-modified: Wed, 16 Aug 2023 12:51:31 GMT
etag: W/"0x8DB9E5783BA2A13"
vary: Accept-Encoding
x-azure-ref: 20230817T230531Z-m3ttdq9ukx37p73zw089zmy9n4000000019g00000003vykg
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 5ce8d1ae-801e-0077-5555-d0fb4f000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ Frame EA93 141 KB
22 KB 36ms
17ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

Requested by

Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/source/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 617, 617
age: 13006373
cdn-cachedat: 2021-06-08 14:12:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e13cf0fb78f8eca91592f801b0f3a0eb
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 7f858ff348029136-FRA
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ Frame EA93 2 KB
968 B 39ms
16ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/source/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d243481a66bdffbe09bc2f74f8f1b57714dcd20963e8703c1372716d3fe689a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 17 Aug 2023 23:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 22:54:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Aug 2023 23:05:31 GMT

GET
H2 200 payment.css
demo.tutorialzine.com/2018/02/freebie-2-beautiful-checkout-forms/assets/css/ Frame EA93 2 KB
1 KB 150ms
103ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://demo.tutorialzine.com/2018/02/freebie-2-beautiful-checkout-forms/assets/css/payment.css
Requested by: Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/source/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 653e1c8e5c77bd94649b6db1e07147eb8c368b9d8da6714b361c99a6facdc2bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 Jun 2020 10:56:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5ed4dee5-91f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8yC3J73hndvxmqyrIFXCb%2B14S25H5nCkibtQPIHHbgv05%2FKPONUJZMBv1%2BUTo8c4F0NAWHuxvUpSHYywDWUa7nkU0It%2BRNEN49ckYOAv0pWTHobm9bvMPT1D%2Fj60bY1%2FezhBF1J9d8NDHFyalTGkcgPcEk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7f858ff37cc71e4b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.js Show response
thedemoinservice.com/mx/ad59ada36a812fad0/source/js/ Frame EA93 2 KB
1 KB 318ms
317ms Script
application/javascript 2606:4700:3037::6815:393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/source/js/main.js
Requested by: Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/source/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b715344944430a28b563b569b395b2a11958c792a4f45b1d5d4d2496888e155f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/mx/ad59ada36a812fad0/source/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Aug 2023 11:28:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"83d-6031cb4f22680-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSSRq758UrbSpXbcn5tudI5986pf3qwhAseOusZqfbsoG2pUX8lQTvSYJTuh0kysRwh0gACnyFD77t6J2N1kn1O4UOp2YYeTRzJ3iBBRJUU8FDaHgyDR%2Ff7hZecUfEIXQqyLAj1d%2FHoG0Lbr%2BxlKuBTrGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f858ff3384f9007-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jq.js Show response
thedemoinservice.com/mx/ad59ada36a812fad0/source/js/ Frame EA93 2 KB
906 B 325ms
324ms Script
application/javascript 2606:4700:3037::6815:393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/source/js/jq.js
Requested by: Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/source/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f12f8f25837d24afb18fc85977db8d1bbb897411f9fa54eb85e1fe80c802edd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/mx/ad59ada36a812fad0/source/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Aug 2023 11:28:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6ac-6031cb6da6e80-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0F5JH2Lv2Xs9WMlgdzcxVRb%2BjVCuYlq2HT%2FHdKeyyDQBTTBCxVlDJwLdQtnVrj3TzhmVpwt2ywJthHcwmInZOpKBsawxLP84ETI0uOQknP3j7vU9OHl%2BMkq0cQSryvuFyoGv5oZrrZheGhDtjD3evl1Dkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f858ff338509007-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 preload.js Show response
thedemoinservice.com/mx/ad59ada36a812fad0/source/js/ Frame EA93 229 B
646 B 321ms
320ms Script
application/javascript 2606:4700:3037::6815:393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/source/js/preload.js
Requested by: Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/source/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3d34aa3e66b335dcd5a8564b2a52f48612434e3e3ee87abfa7613f04084f97b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/mx/ad59ada36a812fad0/source/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Aug 2023 08:10:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e5-60319f1705300-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lgqmwh2VUqbmpsvVj8%2BaxS25%2BrB8cGso6rMRwBW9rZeb4zkkJ9qFOP5irvinsShujiMaEg111Fh%2FteokV8xtnkMGIblNpUEN4%2B5MJH%2FLfG5HG8NwlCxCObWhH2HKLLuaqn3mqcaScU4VjsVael31WS82Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f858ff338519007-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 file-LntcohjLaE.jpg
d33v4339jhl8k0.cloudfront.net/docs/assets/58dc0d15dd8c8e5c5730f697/images/5cb71e8d0428631d263c3f07/ Frame EA93 39 KB
40 KB 75ms
15ms Image
image/jpeg 108.156.61.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33v4339jhl8k0.cloudfront.net/docs/assets/58dc0d15dd8c8e5c5730f697/images/5cb71e8d0428631d263c3f07/file-LntcohjLaE.jpg
Requested by: Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/source/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-227.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d2074604d31a78f2ef846bb34df1fb0e842c12f8975763230dcd258952cda6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 16:47:44 GMT
via: 1.1 a5b856e4b06666713c5cc47a5b2ec7ae.cloudfront.net (CloudFront)
last-modified: Wed, 17 Apr 2019 12:39:42 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 22668
x-amz-server-side-encryption: AES256
etag: "6cacdb2e1fd2f1be2674bf6c2ab8b55e"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 40232
x-amz-cf-id: 0SNphdk64eaIv1RDdmyqsC7jeL660dICEaWybcONN03ESWPN4xy0eQ==

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ Frame EA93 85 KB
30 KB 27ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/source/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:31 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-15283"
vary: Accept-Encoding
x-hw: 1692313531.dop261.fr8.t,1692313531.cds330.fr8.hn,1692313531.cds133.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ Frame EA93 48 KB
13 KB 16ms
15ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/source/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 617, 617, 617
age: 17680225
cdn-cachedat: 2021-06-08 14:29:21
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 395e10f82368220a7b7579d8f1c28956
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 7f858ff539949136-FRA
cdn-requestpullsuccess: True

GET
H3

200

invisible.js Show response
thedemoinservice.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/ Frame 56ED
Redirect Chain

https://thedemoinservice.com/cdn-cgi/challenge-platform/scripts/invisible.js
https://thedemoinservice.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

7 KB
4 KB

11ms
11ms

Script
application/javascript

2606:4700:3037::6815:393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thedemoinservice.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Requested by

Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/

Protocol

Server

2606:4700:3037::6815:393 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

086b9f9c3fd1adc0a45fde5b1d6a0edb92be1d2802013fb5a63c45cdc36aa03b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:31 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MO%2BGap04wza8XnEmLx9RySBOoUangRleNooRZHdprmDDU%2FQ%2Bvhc%2BGmW7RPFH0WgwH0RFJHKGhRNhmHUPYmJpASnnGyBrc11Z1hHAXxzJTUYaSA%2FoezlGVvipWlVhJV4dBRidhZ%2FpSLofCtixQLVUoVQWUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7f858ff368749007-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 17 Aug 2023 23:05:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iu6NQ6O6yV25CRsse3hL7i8A9tM652gOY6HZPuFccYVjaCQT97p8B8%2B4xtuFb36vEDcdwm6kGsugWru3ETJtOHAmHBtvidZfDODhkzvMYvwsps%2BfFNq6n50e9DC8pRg%2FaDlz6fRyFdjcNXsI7ckl30GP0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7f858ff358699007-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 7f858feeaf76bbd7 Show response
thedemoinservice.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 56ED 0
570 B 25ms
24ms XHR
text/plain 2606:4700:3037::6815:393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedemoinservice.com/cdn-cgi/challenge-platform/h/g/cv/result/7f858feeaf76bbd7
Requested by: Host: thedemoinservice.com
URL: https://thedemoinservice.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 17 Aug 2023 23:05:31 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LjrFYzryCQukTwnurPe2HnAgQ0nDdcnf1Y7myrblEkvopBRf7dY4UtJfZDTR%2F8jDot0S%2F%2BlYh0iCHtHxCdeA%2FFpcH2EvBwDm4whJuqocJxetBZGy2%2BBmkCwjeWiuj389EWQmAjyaLPgbd6DXqCpAbPrY9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7f858ff4490c9007-FRA
alt-svc: h3=":443"; ma=86400

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
300 B 412ms
196ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://thedemoinservice.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://thedemoinservice.com
Date: Thu, 17 Aug 2023 23:05:32 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H/1.1 200
OK / Show response
api.ipify.org/ Frame EA93 22 B
222 B 290ms
96ms Fetch
application/json 64.185.227.156
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/source/js/preload.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.185.227.156 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-227-156.static.webnx.com
Software: nginx/1.25.1 /
Resource Hash: 801a21c71663d5a32b9439e16e451cdf35401e612cd64733ebc75181929a4221

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 17 Aug 2023 23:05:31 GMT
Server: nginx/1.25.1
Connection: keep-alive
Content-Length: 22
Vary: Origin
Content-Type: application/json

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame EA93 12 KB
12 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thedemoinservice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 06:25:13 GMT
x-content-type-options: nosniff
age: 492018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12708
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 06:25:13 GMT

GET
H3

200

invisible.js Show response
thedemoinservice.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/ Frame CDBE
Redirect Chain

https://thedemoinservice.com/cdn-cgi/challenge-platform/scripts/invisible.js
https://thedemoinservice.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

7 KB
4 KB

12ms
11ms

Script
application/javascript

2606:4700:3037::6815:393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thedemoinservice.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Requested by

Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/source/index.html

Protocol

Server

2606:4700:3037::6815:393 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abe998909481477cdf83f3d1c116f81f509d7d4336ef851511df7b000ed9c302

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:31 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivJdouN9ZcZBPUoLB2soJVVuKmFHjed1IJBilC0RnJadZxshpG%2BRkQfw9kIh7JYpiQAUB2TYjnPaTXbN%2BFxyQGnGKoHuQXEn%2Fm1hMItEaVjxpiB6ru3RKyrC%2FcL4cH4%2Bfghy9qwnfpQdeXCj9xA1GivkiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7f858ff5ba0c9007-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 17 Aug 2023 23:05:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmQuNvsWWo7p9va3183zf63xvk6wd5kdZh1FH11TdKfWbEuNfzhftn0qqU0eEwN7PX7BGUHVvASWqjw6YCZqizuuWKS9IK4INnMjpISAXc5lmrXNtMSQb4JIq381pSMLBx1JhieQIuBKpdeFJNAYFznTTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7f858ff599ff9007-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 7f858ff0dee99007 Show response
thedemoinservice.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame CDBE 0
567 B 20ms
19ms XHR
text/plain 2606:4700:3037::6815:393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thedemoinservice.com/cdn-cgi/challenge-platform/h/g/cv/result/7f858ff0dee99007
Requested by: Host: thedemoinservice.com
URL: https://thedemoinservice.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 17 Aug 2023 23:05:32 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RW%2Fca51fmZeAI685c0eYg9DNI34dqXgnt46hc0U3Uh90dbUjFoFEZP1vcBNCmv4Afy0pvcBNtLUlbJPkDt7B1%2BEqRGPdpDTSl9VmD74Pt3VCrGeaVDMjSUMC8Zbm8VEM4F9t3NFbJyocJZCpwovEqaljxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7f858ff70af39007-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F106636405394620955B15175A892234&RedC=c.clarity.ms&MXFR=0E0F63338E9162172ED370438A916CCB
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F106636405394620955B15175A892234&MUID=2EE09DACAAA0665520008EDCAB7267F4

42 B
442 B

28ms
27ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F106636405394620955B15175A892234&MUID=2EE09DACAAA0665520008EDCAB7267F4
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 23:05:31 GMT
last-modified: Tue, 06 Jun 2023 17:31:23 GMT
server: Microsoft-IIS/10.0
etag: "dca6ffb69c98d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 23:05:31 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6D514E318FC44EA98093B12B1144DD06 Ref B: FRAEDGE1222 Ref C: 2023-08-17T23:05:32Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F106636405394620955B15175A892234&MUID=2EE09DACAAA0665520008EDCAB7267F4
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 14ms
13ms Ping
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-K8JS0LKB40&gtm=45je34a0&_p=2117456698&gcs=G1--&cid=2106379246.1692313531&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692313531&sct=1&seg=1&dl=https%3A%2F%2Fthedemoinservice.com%2Fmx%2Fad59ada36a812fad0%2F&dt=Estafeta&en=page_view
Requested by: Host: thedemoinservice.com
URL: https://thedemoinservice.com/mx/ad59ada36a812fad0/index_files/js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 23:05:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thedemoinservice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 18ms
17ms Image
text/html 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-K8JS0LKB40&v=3&t=t&pid=1425872367&cv=1&rv=38g0&tc=16&es=1&e=gtm.load&eid=10&u=AgAAAIAAAAAAACA&ut=AABA&h=Ag&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:32 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 15ms
14ms Image
text/html 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-K8JS0LKB40&v=3&t=t&pid=1425872367&cv=1&rv=38g0&tc=16&es=1&e=*&eid=18&u=AgAAAIAAAAAAACA&ut=AABA&h=Ag&epr=1G.2G.1G.2G&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thedemoinservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 23:05:32 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
300 B 99ms
97ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://thedemoinservice.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://thedemoinservice.com
Date: Thu, 17 Aug 2023 23:05:32 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cutt.ly/	1969-12-31 23:59:59	Name: PHPSESSID Value: n00apb5vfpuebuatfbsq0n11kf
.thedemoinservice.com/	1970-01-20 14:06:39	Name: _gid Value: GA1.2.518585600.1692313531
.thedemoinservice.com/	1970-01-20 14:05:13	Name: _gat_gtag_UA_8037954_1 Value: 1
.thedemoinservice.com/	1970-01-20 23:41:13	Name: _ga Value: GA1.1.2106379246.1692313531
.thedemoinservice.com/	1970-01-20 23:41:13	Name: _ga_GNM0R0Q0YE Value: GS1.1.1692313531.1.0.1692313531.60.0.0
www.clarity.ms/	1970-01-20 22:50:49	Name: CLID Value: 4d49cb422e474dc2a59525f966db4b6b.20230817.20240816
.thedemoinservice.com/	1970-01-20 22:50:49	Name: _clck Value: 1cfyt27\|2\|fe8\|0\|1324
.www.estafeta.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 31bc3c7203b4268bc47013b5a972dcdc3ce01d1029ed203c4c9078c48a5e377f
.thedemoinservice.com/	1970-01-20 22:50:49	Name: cf_clearance Value: VvOn9x0YvSpEzNRjbl4FnJmqCKgSxB3jUAXNnUI0vEo-1692313532-0-1-44e038f1.d1f0edb9.16404a6-0.2.1692313532
.thedemoinservice.com/	1970-01-20 14:06:39	Name: _clsk Value: 1rtaqir\|1692313532126\|1\|1\|r.clarity.ms/collect
.thedemoinservice.com/	1970-01-20 23:41:13	Name: _ga_K8JS0LKB40 Value: GS1.1.1692313531.1.1.1692313532.59.0.0
.bing.com/	1970-01-20 23:26:49	Name: MUID Value: 2EE09DACAAA0665520008EDCAB7267F4
.c.bing.com/	1970-01-20 14:15:18	Name: MR Value: 0
.c.bing.com/	1970-01-20 23:26:49	Name: SRM_B Value: 2EE09DACAAA0665520008EDCAB7267F4
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 23:26:49	Name: MUID Value: 2EE09DACAAA0665520008EDCAB7267F4
.c.clarity.ms/	1970-01-20 14:15:18	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 14:05:14	Name: ANONCHK Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
c.bing.com
c.clarity.ms
code.jquery.com
cutt.ly
d33v4339jhl8k0.cloudfront.net
demo.tutorialzine.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
r.clarity.ms
region1.analytics.google.com
stats.g.doubleclick.net
thedemoinservice.com
www.clarity.ms
www.estafeta.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
108.156.61.227
137.117.58.204
20.119.174.243
2001:4860:4802:32::36
2001:4de0:ac18::1:a:3b
2606:4700:10::6816:1e8
2606:4700:10::ac43:8ee
2606:4700:3037::6815:393
2606:4700::6812:bcf
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:803::2008
2a00:1450:4001:806::2004
2a00:1450:4001:809::2003
2a00:1450:4001:810::200e
2a00:1450:4001:81c::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
2a00:1450:400c:c07::9d
2a06:98c1:3120::3
64.185.227.156
68.219.88.97
086b9f9c3fd1adc0a45fde5b1d6a0edb92be1d2802013fb5a63c45cdc36aa03b
0fd46152641a6af5525abe6e4743b0526eac280dd5bfccdc333767c6ee56fa36
14fc784e254479ca42dea6012c8b08033001618f683c8786a1a084af57d5da09
184216e403ca61fe8f6a045a49561524ac23b975c06040b8c36a00b3574df36f
1cfa0b1a4b3fb4b7bac8b6aae59f2b43f56946908cd4f19d899156e4c9604908
1fdaf8bf2f13a98f0a0bbf09c8b4b58e4c9ec9447f6ad225fcc3973842e911da
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
308cfefc405ad9f725f724c387dd928f026c8102602ca35bd8a96146d51e6a1c
426ba77d98172f7f96da66e022728ab3fcab94e616cf7b7e8e5c0d81c337576d
572d9d21ca252f50deb992e706f0c30b17ee54f1829f790ceb3b69ab9484159d
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
653e1c8e5c77bd94649b6db1e07147eb8c368b9d8da6714b361c99a6facdc2bd
6c7ca88164b9bfea7c25524a39047d090f9798724efd79e387ed5d575dd946e4
7d2074604d31a78f2ef846bb34df1fb0e842c12f8975763230dcd258952cda6e
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7db470720bc87269e9bf81c2da2649d4f59d54eb54ca5ed4547855758d6688a0
801a21c71663d5a32b9439e16e451cdf35401e612cd64733ebc75181929a4221
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e3e9f9be644121a39517c698c7eeaad11f022dc450e30ac0969159c74334a25
9f12f8f25837d24afb18fc85977db8d1bbb897411f9fa54eb85e1fe80c802edd
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
abe998909481477cdf83f3d1c116f81f509d7d4336ef851511df7b000ed9c302
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514
adc2ced09b773785c30a344ef321eb13f63dc5bde15cf59d16e304e42018f063
b40e7288c0c75dbce2df04fb4c8d08d82efb6400bc3e9f872699a26f49f4f786
b715344944430a28b563b569b395b2a11958c792a4f45b1d5d4d2496888e155f
c9e3d431a63554f1c6ba5881f2502183c5cd59c7dc77f2aaa7f75f5fa36c4833
cbc19bfa71f640d8cc998597c921aad4e7b9e914f95051db4d4e15feb42019f3
d243481a66bdffbe09bc2f74f8f1b57714dcd20963e8703c1372716d3fe689a5
d3d34aa3e66b335dcd5a8564b2a52f48612434e3e3ee87abfa7613f04084f97b
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

thedemoinservice.com Open in urlscan Pro 2606:4700:3037::6815:393 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

95 %HTTPS

77 %IPv6

17 Domains

21 Subdomains

19 IPs

5 Countries

953 kBTransfer

2095 kBSize

18 Cookies

1 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

thedemoinservice.com Open in urlscan Pro
2606:4700:3037::6815:393 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

95 %
HTTPS

77 %
IPv6

17
Domains

21
Subdomains

19
IPs

5
Countries

953 kB
Transfer

2095 kB
Size

18
Cookies

57 HTTP transactions
0 data transactions