www.ramadan2020.app Open in urlscan Pro
142.250.186.147 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ramadan2020.app/
Submission: On October 25 via manual (October 25th 2021, 5:11:25 pm UTC) from EG — Scanned from DE

Summary HTTP 79 Redirects Behaviour Indicators

Summary

This website contacted 34 IPs in 7 countries across 43 domains to perform 79 HTTP transactions. The main IP is 142.250.186.147, located in United States and belongs to GOOGLE, US. The main domain is www.ramadan2020.app.
TLS certificate: Issued by GTS CA 1D4 on September 20th 2021. Valid for: 3 months.

This is the only time www.ramadan2020.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	142.250.186.147 142.250.186.147	15169 (GOOGLE) (GOOGLE)
1	142.250.185.138 142.250.185.138	15169 (GOOGLE) (GOOGLE)
2	45.56.91.11 45.56.91.11	63949 (LINODE-AP...) (LINODE-AP Linode)
12	151.101.112.193 151.101.112.193	54113 (FASTLY) (FASTLY)
8	172.217.18.97 172.217.18.97	15169 (GOOGLE) (GOOGLE)
1	172.67.221.197 172.67.221.197	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.71.57 172.67.71.57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
3	51.89.24.70 51.89.24.70	16276 (OVH) (OVH)
1	67.202.94.93 67.202.94.93	32748 (STEADFAST) (STEADFAST)
1	13.225.78.128 13.225.78.128	16509 (AMAZON-02) (AMAZON-02)
1	3.121.175.251 3.121.175.251	16509 (AMAZON-02) (AMAZON-02)
3	13.225.78.97 13.225.78.97	16509 (AMAZON-02) (AMAZON-02)
1	45.55.96.63 45.55.96.63	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	146.59.148.16 146.59.148.16	16276 (OVH) (OVH)
1 2	172.67.13.182 172.67.13.182	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	104.18.28.199 104.18.28.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
1	13.225.78.23 13.225.78.23	16509 (AMAZON-02) (AMAZON-02)
1	208.100.17.186 208.100.17.186	32748 (STEADFAST) (STEADFAST)
1	13.225.78.102 13.225.78.102	16509 (AMAZON-02) (AMAZON-02)
5	52.208.103.128 52.208.103.128	16509 (AMAZON-02) (AMAZON-02)
1	104.21.78.98 104.21.78.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1	13.224.196.9 13.224.196.9	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 10	52.30.14.23 52.30.14.23	16509 (AMAZON-02) (AMAZON-02)
3 3	52.214.235.66 52.214.235.66	16509 (AMAZON-02) (AMAZON-02)
2 2	52.17.185.148 52.17.185.148	16509 (AMAZON-02) (AMAZON-02)
1	51.144.7.192 51.144.7.192	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.17.176.161 52.17.176.161	16509 (AMAZON-02) (AMAZON-02)
3 3	34.232.235.22 34.232.235.22	14618 (AMAZON-AES) (AMAZON-AES)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	69.169.85.6 69.169.85.6	29838 (AMC) (AMC)
1	34.247.104.176 34.247.104.176	16509 (AMAZON-02) (AMAZON-02)
1 1	44.193.191.16 44.193.191.16	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.253.137.48 34.253.137.48	16509 (AMAZON-02) (AMAZON-02)
1 1	199.127.207.182 199.127.207.182	26120 (RHYTHMONE) (RHYTHMONE)
1	72.251.232.228 72.251.232.228	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	3.120.29.221 3.120.29.221	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	46.228.164.13 46.228.164.13	56396 (AMOBEE) (AMOBEE)
2 2	185.33.223.178 185.33.223.178	29990 (ASN-APPNEX) (ASN-APPNEX)
79	34

4 142.250.186.147 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f19.1e100.net

www.ramadan2020.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.56.91.11 (Fremont, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li893-11.members.linode.com

fontlibrary.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f1.1e100.net

lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.221.197 (United States)

ASN13335 (CLOUDFLARENET, US)

statt.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.71.57 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.24.70 (France)

ASN16276 (OVH, FR)
PTR: ip70.ip-51-89-24.eu

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.93 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.128 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-128.fra2.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.175.251 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-175-251.eu-central-1.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.78.97 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-97.fra2.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.55.96.63 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.148.16 (Norway) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-2.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.13.182 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.28.199 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 67.202.105.34 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.23 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-23.fra2.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.186 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip186.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.102 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-102.fra2.r.cloudfront.net

onetag-geo-grouping.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.208.103.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.78.98 (United States)

ASN13335 (CLOUDFLARENET, US)

a.dtssrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.131 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.196.9 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-9.fra2.r.cloudfront.net

audex.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.30.14.23 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.214.235.66 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-235-66.eu-west-1.compute.amazonaws.com

ads.avocet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.185.148 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-185-148.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.144.7.192 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.cintnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.176.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-176-161.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.232.235.22 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-235-22.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.169.85.6 (United States)

ASN29838 (AMC, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.104.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.193.191.16 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-191-16.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.137.48 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-137-48.eu-west-1.compute.amazonaws.com

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.207.182 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

dt-secure.videohub.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.232.228 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.150 (Southampton, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.29.221 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-29-221.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.178 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	crwdcntrl.net 1 redirects tags.crwdcntrl.net bcp.crwdcntrl.net sync.crwdcntrl.net	24 KB
12	imgur.com i.imgur.com	565 KB
9	tynt.com cdn.tynt.com ic.tynt.com de.tynt.com	8 KB
8	googleusercontent.com lh5.googleusercontent.com lh4.googleusercontent.com lh3.googleusercontent.com
4	doubleclick.net 3 redirects cm.g.doubleclick.net	943 B
4	ramadan2020.app www.ramadan2020.app	110 KB
3	clickagy.com 3 redirects aorta.clickagy.com	2 KB
3	s-onetag.com get.s-onetag.com onetag-geo.s-onetag.com onetag-geo-grouping.s-onetag.com	12 KB
3	dtscout.com t.dtscout.com	10 KB
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	614 B
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com	941 B
2	tidaltv.com 2 redirects sync.tidaltv.com	685 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	avct.cloud 2 redirects ads.avct.cloud	896 B
2	tapad.com 2 redirects pixel.tapad.com	914 B
2	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	906 B
2	bluekai.com tags.bluekai.com	633 B
2	fontlibrary.org fontlibrary.org	80 KB
1	turn.com 1 redirects d.turn.com	411 B
1	mathtag.com 1 redirects sync.mathtag.com	615 B
1	adgrx.com cm.adgrx.com	408 B
1	videohub.tv 1 redirects dt-secure.videohub.tv	547 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	626 B
1	ml314.com ml314.com	422 B
1	ib-ibi.com global.ib-ibi.com	72 B
1	rlcdn.com idsync.rlcdn.com	66 B
1	krxd.net beacon.krxd.net	337 B
1	cintnetworks.com c.cintnetworks.com	328 B
1	avocet.io 1 redirects ads.avocet.io	204 B
1	userreport.com audex.userreport.com	432 B
1	adsrvr.org match.adsrvr.org	265 B
1	dtssrv.com a.dtssrv.com	557 B
1	onaudience.com 1 redirects pixel.onaudience.com	400 B
1	dtscdn.com t.dtscdn.com	407 B
1	sharethis.com pd.sharethis.com	88 B
1	amung.us whos.amung.us	146 B
1	gstatic.com fonts.gstatic.com	13 KB
1	waust.at waust.at	18 KB
1	statt.cc statt.cc	44 KB
1	googleapis.com fonts.googleapis.com	1 KB
0	clrstm.com Failed sync.tag.clrstm.com Failed
79	43

	Domain	Requested by
12	i.imgur.com	www.ramadan2020.app
10	sync.crwdcntrl.net	1 redirects bcp.crwdcntrl.net
7	ic.tynt.com	www.ramadan2020.app
5	bcp.crwdcntrl.net	tags.crwdcntrl.net bcp.crwdcntrl.net
4	cm.g.doubleclick.net	3 redirects bcp.crwdcntrl.net
4	www.ramadan2020.app	www.ramadan2020.app
3	aorta.clickagy.com	3 redirects
3	tags.crwdcntrl.net	t.dtscout.com tags.crwdcntrl.net
3	t.dtscout.com	waust.at t.dtscout.com
3	lh3.googleusercontent.com	www.ramadan2020.app
3	lh5.googleusercontent.com	www.ramadan2020.app
2	secure.adnxs.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	pm.w55c.net	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	sync.tidaltv.com	2 redirects
2	dpm.demdex.net	2 redirects
2	ads.avct.cloud	2 redirects
2	pixel.tapad.com	2 redirects
2	tags.bluekai.com	www.ramadan2020.app bcp.crwdcntrl.net
2	lh4.googleusercontent.com	www.ramadan2020.app
2	fontlibrary.org	www.ramadan2020.app fontlibrary.org
1	d.turn.com	1 redirects
1	sync.mathtag.com	1 redirects
1	cm.adgrx.com	bcp.crwdcntrl.net
1	dt-secure.videohub.tv	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	ml314.com	bcp.crwdcntrl.net
1	global.ib-ibi.com	bcp.crwdcntrl.net
1	idsync.rlcdn.com	bcp.crwdcntrl.net
1	beacon.krxd.net	bcp.crwdcntrl.net
1	c.cintnetworks.com	bcp.crwdcntrl.net
1	ads.avocet.io	1 redirects
1	audex.userreport.com	bcp.crwdcntrl.net
1	match.adsrvr.org	bcp.crwdcntrl.net
1	a.dtssrv.com	t.dtscout.com
1	onetag-geo-grouping.s-onetag.com	get.s-onetag.com
1	de.tynt.com	cdn.tynt.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	cdn.tynt.com	waust.at
1	mwzeom.zeotap.com	www.ramadan2020.app
1	spl.zeotap.com	1 redirects
1	pixel.onaudience.com	1 redirects
1	t.dtscdn.com	t.dtscout.com
1	pd.sharethis.com	t.dtscout.com
1	get.s-onetag.com	t.dtscout.com
1	whos.amung.us	waust.at
1	fonts.gstatic.com	fonts.googleapis.com
1	waust.at	www.ramadan2020.app
1	statt.cc	www.ramadan2020.app
1	fonts.googleapis.com	www.ramadan2020.app
0	sync.tag.clrstm.com Failed	bcp.crwdcntrl.net
79	52

This site contains no links.

Subject Issuer	Validity	Valid
www.ramadan2020.app GTS CA 1D4	`2021-09-20` - `2021-12-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
fontlibrary.org R3	`2021-10-02` - `2021-12-31`	3 months	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-15` - `2022-05-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.dtscout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-11-03` - `2021-11-03`	a year	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
*.s-onetag.com Amazon	`2021-02-03` - `2022-03-04`	a year	crt.sh
sharethis.com Amazon	`2021-09-01` - `2022-09-30`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
t.dtscdn.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-11-03` - `2021-11-15`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-10-18` - `2022-04-26`	6 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.userreport.com Amazon	`2021-02-18` - `2022-03-19`	a year	crt.sh
*.cintnetworks.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-04` - `2022-11-04`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.ib-ibi.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-03-08`	a year	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.ramadan2020.app/
Frame ID: DF49CAA5DC9B40A946789C8D63A2CD53
Requests: 54 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A01635181880331944F637BDA5FA75
Frame ID: 15A830B05F2B2EDBF8CA5DA24FCD676E
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 71D16A7A003234075ECBA0764253F004
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C97%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Frame ID: A14EE18A5E05668E13AE35C596B4773B
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

تسجل في القرعة للحصول على رحلة حج مجانية

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

79
Requests

99 %
HTTPS

0 %
IPv6

43
Domains

52
Subdomains

34
IPs

7
Countries

890 kB
Transfer

1263 kB
Size

44
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://pixel.onaudience.com/?partner=137085098&mapped=51A01635181880331944F637BDA5FA75 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=8c70125407e5f85b HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f973c7d7-39c6-425d-71b5-f1a66a59f49d&reqId=c9154e45-a96b-46aa-5e49-fbf7c4a9806f&zcluid=8c70125407e5f85b&zdid=1332 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f973c7d7-39c6-425d-71b5-f1a66a59f49d&reqId=c9154e45-a96b-46aa-5e49-fbf7c4a9806f&zcluid=8c70125407e5f85b&zdid=1332&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEOjVXMAkmaEseRHFelTWFss&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f973c7d7-39c6-425d-71b5-f1a66a59f49d&reqId=c9154e45-a96b-46aa-5e49-fbf7c4a9806f&zcluid=8c70125407e5f85b&zdid=1332

Request Chain 58

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=5b61a9638ced611662a35cbe78508062&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=5b61a9638ced611662a35cbe78508062&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=67f17cc6-2416-4f92-aaf1-e971aa79b691

Request Chain 59

https://ads.avocet.io/getuid?url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D HTTP 307
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D HTTP 307
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=365a2e4c-877d-484b-850c-a586cd4ccf21

Request Chain 60

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=5b61a9638ced611662a35cbe78508062&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=5b61a9638ced611662a35cbe78508062&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=91847605067562544301876560138332229569

Request Chain 64

https://aorta.clickagy.com/pixel.gif?ch=120&cm=5b61a9638ced611662a35cbe78508062 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzplY2NlNjRlNDQ0NGYwYTY2MGRhNmQ4YmVkYjg3OGEwNw HTTP 302
https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEECnubolODuDSl79pPrZy0M&google_cver=1 HTTP 302
https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:ecce64e4444f0a660da6d8bedb878a07/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D HTTP 302
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=120&cm=5b61a9638ced611662a35cbe78508062 HTTP 302
https://idsync.rlcdn.com/420246.gif?partner_uid=c:ecce64e4444f0a660da6d8bedb878a07

Request Chain 67

https://sync.srv.stackadapt.com/sync?nid=lotame HTTP 302
https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-39cc994f-4732-47ec-5457-6af8dead01ce$ip$216.131.114.187

Request Chain 68

https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1 HTTP 302
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=94daf1d5-25b4-49da-a737-87e60d8019a1?gdpr=1&gdpr_consent=

Request Chain 69

https://dt-secure.videohub.tv/v1/usync/lo HTTP 303
https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-f6c5ab6087a5dd5fd31e025356f3f758

Request Chain 71

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=85bf6176-e539-4c00-8200-c1d5535ca441

Request Chain 72

https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=ddb17daa-936b-40c2-b6b0-1188cc15c4c4-6176e53a-5553

Request Chain 73

https://pm.w55c.net/ping_match.gif?st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_ HTTP 302
https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=XC4BuomL1MF3vk5

Request Chain 74

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YXblOgAL29gPiAAT HTTP 302
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YXblOgAL29gPiAAT&_test=YXblOgAL29gPiAAT

Request Chain 77

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/5b61a9638ced611662a35cbe78508062/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4403427910505436999

Request Chain 78

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=975502879%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D975502879%252Ftpid%253D%2524UID%252Ftp%253DANXS HTTP 302
https://sync.crwdcntrl.net/map/c=281/rand=975502879/tpid=4256195952185179224/tp=ANXS

79 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.ramadan2020.app/ 399 KB
97 KB 333ms
211ms Document
text/html 142.250.186.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ramadan2020.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f19.1e100.net

Software

GSE /

Resource Hash

963abd139526fc02397d054a4c80fdbfbd66690291ec92470724a23681658c3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.ramadan2020.app
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
expires: Mon, 25 Oct 2021 17:11:19 GMT
date: Mon, 25 Oct 2021 17:11:19 GMT
cache-control: private, max-age=0
last-modified: Mon, 25 Oct 2021 16:03:35 GMT
etag: W/"723d1b67086244f7df01baf0f672f1c6fe1b4ee2edfc2a0fd3db68991c85dba5"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 99275
server: GSE

GET
H2 200 css
fonts.googleapis.com/ 1023 B
1 KB 38ms
16ms Stylesheet
text/css 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Asap

Requested by

Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

4833ea19effcc4e63b391362c9fd83b5ba806692ade5412def93a492c32aee6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 16:58:50 GMT
server: ESF
date: Mon, 25 Oct 2021 17:11:19 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 25 Oct 2021 17:11:19 GMT

GET
H2 200 droid-arabic-kufi
fontlibrary.org/face/ 1 KB
421 B 470ms
153ms Stylesheet
text/css 45.56.91.11
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://fontlibrary.org/face/droid-arabic-kufi
Requested by: Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 45.56.91.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li893-11.members.linode.com
Software: nginx /
Resource Hash: 3694ec04d92e37cfacf4b749bc79c5c009c879c7548ecc91aff4f9ae1ef2d0cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:19 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=UTF-8

GET
H2 200 A3S0ODA.jpg
i.imgur.com/ 117 KB
117 KB 31ms
7ms Image
image/jpeg 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/A3S0ODA.jpg

Requested by

Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8b862071be60fd71779cdad3f4f02db7060fb2ba93cf74e9224ef35de868e220

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:19 GMT
x-content-type-options: nosniff
age: 2789411
x-cache: HIT, HIT
content-length: 119920
x-served-by: cache-bwi5178-BWI, cache-hhn4080-HHN
last-modified: Fri, 15 Mar 2019 22:16:53 GMT
server: cat factory 1.0
x-timer: S1635181879.473124,VS0,VE0
etag: "01652c554021c5e8eae75a80cec63c53"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 13

GET
H2 404 4Ywe7ZKM0a1D9yYIjpoM08aJ91jie2Oa5-ntDUXMSEuhwWAQ34FVV21ZXlMEhctrSQ4QSWwDO3dC0OTnYpwy2JYx_zjNBEHq92UitEd_OrME26wgbpH8=s0-d
lh5.googleusercontent.com/proxy/ 0
0 105ms
84ms Image
text/html 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh5.googleusercontent.com/proxy/4Ywe7ZKM0a1D9yYIjpoM08aJ91jie2Oa5-ntDUXMSEuhwWAQ34FVV21ZXlMEhctrSQ4QSWwDO3dC0OTnYpwy2JYx_zjNBEHq92UitEd_OrME26wgbpH8=s0-d
Requested by: Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 200 6G3R3Bw.png
i.imgur.com/ 20 KB
20 KB 8ms
6ms Image
image/png 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/6G3R3Bw.png

Requested by

Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

4ca5acf90352059c1dae7726028c062425b787f14eb37f515095784bb3babe70

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:19 GMT
x-content-type-options: nosniff
age: 2792297
x-cache: HIT, HIT
content-length: 20017
x-served-by: cache-bwi5167-BWI, cache-hhn4080-HHN
last-modified: Thu, 02 May 2019 15:57:35 GMT
server: cat factory 1.0
x-timer: S1635181880.536549,VS0,VE0
etag: "a98c07813360e98e1eb16569a35a3187"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 4

GET
H2 200 3rAWst3.jpg
i.imgur.com/ 10 KB
10 KB 8ms
6ms Image
image/jpeg 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/3rAWst3.jpg

Requested by

Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

a97edd3a20c514e19b12bdfe4d88ac2130a9d446a1c56b481f4622792d510275

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:19 GMT
x-content-type-options: nosniff
age: 3994623
x-cache: HIT, HIT
content-length: 10307
x-served-by: cache-bwi5160-BWI, cache-hhn4080-HHN
last-modified: Mon, 27 Aug 2018 06:32:54 GMT
server: cat factory 1.0
x-timer: S1635181880.536624,VS0,VE0
etag: "b685a1bdbd1f4341f20eb154e2980e58"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 5

GET
H2 404 ReJABePIlbHl_30uU8jp8a6d5zXC-I-K7DO6DVOqguYxjdxfBfTmhMMlnO0BRtij5pLgGuKxg51ZA4wrg1xKwyBzClQoB27afYHU3hcRdw1Bshk=s0-d
lh4.googleusercontent.com/proxy/ 0
0 103ms
81ms Image
text/html 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh4.googleusercontent.com/proxy/ReJABePIlbHl_30uU8jp8a6d5zXC-I-K7DO6DVOqguYxjdxfBfTmhMMlnO0BRtij5pLgGuKxg51ZA4wrg1xKwyBzClQoB27afYHU3hcRdw1Bshk=s0-d
Requested by: Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 200 JAj8rQK.png
i.imgur.com/ 69 KB
69 KB 9ms
6ms Image
image/png 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/JAj8rQK.png

Requested by

Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

920ad89079c52b27750e326fa29dcf65f0e50144e62753ed80c815c12bee8ed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:19 GMT
x-content-type-options: nosniff
age: 2789012
x-cache: HIT, HIT
content-length: 70230
x-served-by: cache-bwi5181-BWI, cache-hhn4080-HHN
last-modified: Mon, 27 Aug 2018 06:21:39 GMT
server: cat factory 1.0
x-timer: S1635181880.537950,VS0,VE0
etag: "f81ff666ec551617021dfe279a991e9a"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 7

GET
H2 404 XFrTgvH06FgoPdXXfZeIZtKt7cSuX1_6DAGN0mR75D96e2Gz5iRVmvYNogEBzdAcjdqiHISyTrWRJCMZRMH6hEO4wHucNK9IfIIIT9uyrlb1324Q=s0-d
lh3.googleusercontent.com/proxy/ 0
0 97ms
71ms Image
text/html 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/proxy/XFrTgvH06FgoPdXXfZeIZtKt7cSuX1_6DAGN0mR75D96e2Gz5iRVmvYNogEBzdAcjdqiHISyTrWRJCMZRMH6hEO4wHucNK9IfIIIT9uyrlb1324Q=s0-d
Requested by: Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 200 TtZFUiN.jpg
i.imgur.com/ 11 KB
11 KB 10ms
8ms Image
image/jpeg 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/TtZFUiN.jpg

Requested by

Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

6a4b528d033c6c47cc9ce644a09fc0ee5cb613426fc582b00c28ebb431c1bdcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:19 GMT
x-content-type-options: nosniff
age: 3998401
x-cache: HIT, HIT
content-length: 10982
x-served-by: cache-bwi5174-BWI, cache-hhn4080-HHN
last-modified: Mon, 27 Aug 2018 06:29:38 GMT
server: cat factory 1.0
x-timer: S1635181880.539266,VS0,VE0
etag: "22710226206c6edfa5c1728c6372db92"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 2824

GET
H2 200 gIJMm0l.jpg
i.imgur.com/ 47 KB
47 KB 15ms
13ms Image
image/jpeg 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/gIJMm0l.jpg

Requested by

Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

d6d3f0c5ae10995c795e47b9783b1a461a1d1a5c69c6a1bfeaec403d5a8a3af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:19 GMT
x-content-type-options: nosniff
age: 2197335
x-cache: HIT, HIT
content-length: 47862
x-served-by: cache-bwi5145-BWI, cache-hhn4080-HHN
last-modified: Mon, 27 Aug 2018 06:20:10 GMT
server: cat factory 1.0
x-timer: S1635181880.539348,VS0,VE0
etag: "1ff3a47cc1a253f5f2505060c121d46e"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 5

GET
H2 200 FhujCw2.png
i.imgur.com/ 63 KB
64 KB 10ms
7ms Image
image/png 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/FhujCw2.png

Requested by

Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8b0007652a414c94278f56ee68ff2bf63d53c2a58a3cfaf2bd8c9a05518c5a1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:19 GMT
x-content-type-options: nosniff
age: 2784809
x-cache: HIT, HIT
content-length: 64843
x-served-by: cache-bwi5172-BWI, cache-hhn4080-HHN
last-modified: Mon, 27 Aug 2018 06:24:10 GMT
server: cat factory 1.0
x-timer: S1635181880.539362,VS0,VE0
etag: "febb8d1a7cf0d3e6090bf68e3bc88cb3"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 5

GET
H2 200 OBmw9Rg.jpg
i.imgur.com/ 115 KB
116 KB 9ms
7ms Image
image/jpeg 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/OBmw9Rg.jpg

Requested by

Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

61e9bd1c5de201a7f9d9135c793cbbd15c47d242a7d4a82bdc3dc00c5da24078

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:19 GMT
x-content-type-options: nosniff
age: 2793085
x-cache: HIT, HIT
content-length: 118197
x-served-by: cache-bwi5158-BWI, cache-hhn4080-HHN
last-modified: Mon, 27 Aug 2018 06:27:00 GMT
server: cat factory 1.0
x-timer: S1635181880.539416,VS0,VE0
etag: "f39cfc4e24a0e5e092f6ac69d92bff77"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 5

GET
H2 403 OmeyupHFoh8l3DFOjTa3dVrLZEAE56vmcvJYXpbklFTG0uy5cZRPkFd0Lt-pE0L-m7O9uRWD2Vj7j5zviiU0GIqZYUfKcG03GZ7yMA_5s2sZXg64r3q9_FCrtzaDesWcLLliUGNZ9I6_LtQWnj4
lh3.googleusercontent.com/proxy/ 0
0 41ms
16ms Image
text/html 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/proxy/OmeyupHFoh8l3DFOjTa3dVrLZEAE56vmcvJYXpbklFTG0uy5cZRPkFd0Lt-pE0L-m7O9uRWD2Vj7j5zviiU0GIqZYUfKcG03GZ7yMA_5s2sZXg64r3q9_FCrtzaDesWcLLliUGNZ9I6_LtQWnj4
Requested by: Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 u9tMvhg.jpg
i.imgur.com/ 48 KB
48 KB 14ms
12ms Image
image/jpeg 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/u9tMvhg.jpg

Requested by

Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

bd9e90d57eefa03a41b08a2515f7643643467c6abbd7dcc4f2a515d099aed262

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:19 GMT
x-content-type-options: nosniff
age: 3398298
x-cache: HIT, HIT
content-length: 49075
x-served-by: cache-bwi5137-BWI, cache-hhn4080-HHN
last-modified: Mon, 27 Aug 2018 06:22:57 GMT
server: cat factory 1.0
x-timer: S1635181880.539479,VS0,VE0
etag: "62f12e616452678e2092bef20a44772a"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 5

GET
H2 200 IFiRfJa.jpg
i.imgur.com/ 1 KB
1 KB 14ms
13ms Image
image/jpeg 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/IFiRfJa.jpg

Requested by

Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

42e2300c53dbfcd389c88271aba89b5c17986c74c40614ae5c38183a015f4233

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:19 GMT
x-content-type-options: nosniff
age: 2792296
x-cache: HIT, HIT
content-length: 1309
x-served-by: cache-bwi5167-BWI, cache-hhn4080-HHN
last-modified: Mon, 27 Aug 2018 06:40:20 GMT
server: cat factory 1.0
x-timer: S1635181880.539758,VS0,VE0
etag: "b2b8705fe9d171cc9d0f06d0b86ea504"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 5

GET
H2 200 rRIzlQj.jpg
i.imgur.com/ 1 KB
2 KB 14ms
13ms Image
image/jpeg 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/rRIzlQj.jpg

Requested by

Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

dc2d569100ac9907327e71ebeaf836b420f7571288ceef174a1bf83a31def4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:19 GMT
x-content-type-options: nosniff
age: 1661164
x-cache: HIT, HIT
content-length: 1431
x-served-by: cache-bwi5177-BWI, cache-hhn4080-HHN
last-modified: Mon, 27 Aug 2018 06:41:18 GMT
server: cat factory 1.0
x-timer: S1635181880.539868,VS0,VE0
etag: "f02392e4ede2f94166fd2db0274f83a5"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 5

GET
H2 200 vNboUp7.png
i.imgur.com/ 60 KB
61 KB 14ms
13ms Image
image/png 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/vNboUp7.png

Requested by

Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

6b12da4280d0e6636ca5d13955ec42b9abcf4ab92f5bdd36935f3925600f6216

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:19 GMT
x-content-type-options: nosniff
age: 5541447
x-cache: HIT, HIT
content-length: 61792
x-served-by: cache-bwi5150-BWI, cache-hhn4080-HHN
last-modified: Mon, 27 Aug 2018 06:25:36 GMT
server: cat factory 1.0
x-timer: S1635181880.541854,VS0,VE0
etag: "a513b5954e9c4012eb77203bae960b34"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 6

GET
H2 200 2093.jpg
statt.cc/wp-content/uploads/2018/04/ 43 KB
44 KB 79ms
27ms Image
image/jpeg 172.67.221.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statt.cc/wp-content/uploads/2018/04/2093.jpg
Requested by: Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61d2cf33a08e6a7ff160be17be55dd90c05053714b67f9758b97dac5203d8821

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291875
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44494
last-modified: Sat, 21 Apr 2018 16:50:35 GMT
server: cloudflare
etag: "5adb6bdb-adce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9q6TvKwwkFVTJkAAp%2FvbTDHD16CM7zd9hN3tZBlhpkekLMXXcMzWPsOSLQJLvTjCrQhPQCKYZ5KsV%2FeXSnb7HPtntaj0lFHQTBU3x5P2GSeEirz6qkP7o4rIGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6a3d103b7bcf4138-PRG
expires: Sun, 21 Nov 2021 08:06:44 GMT

GET
H2 404 0FmbmGf46W5NR5FW3qWccRs0i5TP7hYgqpbyv5OePTnc_-krJjETarHkLlTO9Ush7pVmdVk6Z51U4N4PbmQhMNlwvhgZeUjjv71-1_BHxs-fcL2KP2DH=s0-d
lh5.googleusercontent.com/proxy/ 0
0 373ms
356ms Image
text/html 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh5.googleusercontent.com/proxy/0FmbmGf46W5NR5FW3qWccRs0i5TP7hYgqpbyv5OePTnc_-krJjETarHkLlTO9Ush7pVmdVk6Z51U4N4PbmQhMNlwvhgZeUjjv71-1_BHxs-fcL2KP2DH=s0-d
Requested by: Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 200 t.js Show response
waust.at/ 28 KB
18 KB 64ms
25ms Script
application/x-javascript 172.67.71.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/t.js
Requested by: Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5fec3422ba1298063b09932cc3848c5d1fca91a1dac4747b5b445ea7462c2fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 773
last-modified: Mon, 03 May 2021 17:48:39 GMT
server: cloudflare
etag: W/"60903777-7065"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHjWoA1wG098t9LY1rcbu%2B66Y7AWrR1GaZ3t%2BCxS5he4ZDWmhlgO%2Bw6eDxEznH15SS6jvt8FaMDzKKbYi%2FmtiSIXze2nmKRurRDIsYsUeKKjWW4GcRzdLcb2"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6a3d103b6caff9d6-PRG
expires: Tue, 26 Oct 2021 16:58:26 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh4.googleusercontent.com/proxy/ReJABePIlbHl_30uU8jp8a6d5zXC-I-K7DO6DVOqguYxjdxfBfTmhMMlnO0BRtij5pLgGuKxg51ZA4wrg1xKwyBzClQoB27afYHU3hcRdw1Bshk=s0-d
Requested by: Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/proxy/XFrTgvH06FgoPdXXfZeIZtKt7cSuX1_6DAGN0mR75D96e2Gz5iRVmvYNogEBzdAcjdqiHISyTrWRJCMZRMH6hEO4wHucNK9IfIIIT9uyrlb1324Q=s0-d
Requested by: Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh5.googleusercontent.com/proxy/0FmbmGf46W5NR5FW3qWccRs0i5TP7hYgqpbyv5OePTnc_-krJjETarHkLlTO9Ush7pVmdVk6Z51U4N4PbmQhMNlwvhgZeUjjv71-1_BHxs-fcL2KP2DH=s0-d
Requested by: Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 404 like.png
www.ramadan2020.app/images/ 4 KB
4 KB 219ms
218ms Image
text/html 142.250.186.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ramadan2020.app/images/like.png

Requested by

Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f19.1e100.net

Software

GSE /

Resource Hash

26591ced192665fde3c7d960db16259abd7f9d6765a01c6f756a0244331fc6da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /images/like.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ramadan2020.app
referer: https://www.ramadan2020.app/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 17:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 1620
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 404 bubble.png
www.ramadan2020.app/images/ 4 KB
4 KB 244ms
243ms Image
text/html 142.250.186.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ramadan2020.app/images/bubble.png

Requested by

Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f19.1e100.net

Software

GSE /

Resource Hash

26591ced192665fde3c7d960db16259abd7f9d6765a01c6f756a0244331fc6da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /images/bubble.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ramadan2020.app
referer: https://www.ramadan2020.app/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 17:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 1620
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 404 share.png
www.ramadan2020.app/images/ 4 KB
4 KB 210ms
209ms Image
text/html 142.250.186.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ramadan2020.app/images/share.png

Requested by

Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f19.1e100.net

Software

GSE /

Resource Hash

6915ff135031ab7a28374f006f49db26407d725e1961930647b0c154cd16e272

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /images/share.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ramadan2020.app
referer: https://www.ramadan2020.app/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 17:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 1620
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 DroidArabicKufiRegular.ttf
fontlibrary.org/assets/fonts/droid-arabic-kufi/6afbe2c8257159c2fefd1b43cd951ba3/a9b030e29a35f523a137ee0175be419f/ 79 KB
80 KB 463ms
154ms Font
application/font-sfnt 45.56.91.11
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://fontlibrary.org/assets/fonts/droid-arabic-kufi/6afbe2c8257159c2fefd1b43cd951ba3/a9b030e29a35f523a137ee0175be419f/DroidArabicKufiRegular.ttf
Requested by: Host: fontlibrary.org
URL: https://fontlibrary.org/face/droid-arabic-kufi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 45.56.91.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li893-11.members.linode.com
Software: nginx /
Resource Hash: ae57aea1cb701121475bcd38a9264115c401927701f4b04a54f9166143c52fe0

Request headers

Referer: https://fontlibrary.org/face/droid-arabic-kufi
Origin: https://www.ramadan2020.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:20 GMT
last-modified: Tue, 04 Dec 2012 09:42:08 GMT
server: nginx
etag: "13d48-4d003ade83c00-gzip"
content-type: application/font-sfnt
access-control-allow-origin: *
cache-control: max-age=290304000, public
accept-ranges: bytes
content-length: 81224

GET
H2 200 KFO9CniXp96a4Tc2EZzSuDAoKsE61phJW34.woff2
fonts.gstatic.com/s/asap/v15/ 13 KB
13 KB 58ms
17ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/asap/v15/KFO9CniXp96a4Tc2EZzSuDAoKsE61phJW34.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Asap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

3728895eb8d0e25f94db6198ab080c2bd47980353e7523f26a3c24374d0ba552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ramadan2020.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 08:58:27 GMT
x-content-type-options: nosniff
age: 288772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13124
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 16:32:48 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Oct 2022 08:58:27 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ 8 KB
9 KB 357ms
9ms Script
application/javascript 51.89.24.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.ramadan2020.app%2F&j=
Requested by: Host: waust.at
URL: https://waust.at/t.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.24.70 , France, ASN16276 (OVH, FR),
Reverse DNS: ip70.ip-51-89-24.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b51a0c0eb85129fc4dc139287e94e52a2518048ce32ac81d5baa2052d0433167

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 17:11:20 GMT
X-T: 0.715
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: ger1
Expires: Mon, 25 Oct 2021 17:11:19 GMT

GET
H2 200 / Show response
whos.amung.us/pingjs/ 30 B
146 B 458ms
112ms Script
text/javascript 67.202.94.93
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=64hv5wag3m&t=%D8%AA%D8%B3%D8%AC%D9%84%20%D9%81%D9%8A%20%D8%A7%D9%84%D9%82%D8%B1%D8%B9%D8%A9%20%D9%84%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D8%B1%D8%AD%D9%84%D8%A9%20%D8%AD%D8%AC%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9&c=t&x=https%3A%2F%2Fwww.ramadan2020.app%2F&y=&a=0&d=1.007&v=27&r=7433
Requested by: Host: waust.at
URL: https://waust.at/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.94.93 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: c544c74f906e7120f64a325eaca537478803ab520269019aa5f430d490b088dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:20 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK / Show response
t.dtscout.com/idg/ Frame 15A8 1 KB
752 B 27ms
12ms Document
text/html 51.89.24.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=51A01635181880331944F637BDA5FA75
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.ramadan2020.app%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.24.70 , France, ASN16276 (OVH, FR),
Reverse DNS: ip70.ip-51-89-24.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d31ff06de175c09de958e1668bf4c9f1dc972cac23b4aba13cefe070a7f15aa7

Request headers

Host: t.dtscout.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ramadan2020.app/
Accept-Encoding: gzip, deflate, br
Cookie: m=1; b=1; st=1; oa=1; df=1635181880; l=51A01635181880331944F637BDA5FA75
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 25 Oct 2021 17:11:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Mon, 25 Oct 2021 17:11:19 GMT
Cache-Control: no-cache
Content-Encoding: gzip

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 30 KB
10 KB 468ms
7ms Script
text/javascript 13.225.78.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.ramadan2020.app%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-128.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 13:27:46 GMT
server: AmazonS3
age: 45243
etag: W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Mon, 25 Oct 2021 04:37:18 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: w0ZTjXqBcRghzOubQTO1ZbE7AxL5tkkHnRZ9hfMHlWVJa9VsZFcZlg==

GET
H/1.1 204
No Content dtscout Show response
pd.sharethis.com/pd/ 0
88 B 41ms
8ms Script
text/plain 3.121.175.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pd.sharethis.com/pd/dtscout
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.ramadan2020.app%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.175.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-175-251.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 25 Oct 2021 17:11:20 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 50 B
318 B 24ms
9ms Script
application/javascript 51.89.24.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=ramadan2020.app&_ss=2y0dm1mhqt&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=5ty6&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.ramadan2020.app%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.24.70 , France, ASN16276 (OVH, FR),
Reverse DNS: ip70.ip-51-89-24.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 76cec2dc664efb9f0dc2389fe9aa7d2d2d4def1b08cfbdbf6c50cde993509f92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 17:11:20 GMT
X-T: 0.199
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Mon, 25 Oct 2021 17:11:19 GMT

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ 41 KB
13 KB 688ms
7ms Script
text/javascript 13.225.78.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.ramadan2020.app%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-97.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 352b946d2aa4d0b2da6236769fbb46cab48ee1d8378df1dd5b28aa84fa875536

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 04:15:57 GMT
content-encoding: gzip
etag: W/"8f03358821acd3f05de8b930eb1e5ef2"
last-modified: Tue, 19 Oct 2021 13:13:55 GMT
server: AmazonS3
age: 46525
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: gXx63XcHaYc_cXdtA2fYXTiIRGYqPzvKHWHsp9D_O2vCa2HT2DD_SQ==

GET
H/1.1 200
OK / Show response
t.dtscdn.com/widget/ 0
407 B 358ms
90ms Script
application/javascript 45.55.96.63
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01635181880331944F637BDA5FA75&nid=0&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fwww.ramadan2020.app%2F&r=
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.ramadan2020.app%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.96.63 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 16:34:35 GMT
X-T: 0.87
x-server: web12.ny1.dtscdn.com
Cache-Control: no-cache
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Expires: Mon, 25 Oct 2021 16:34:34 GMT

GET
H/1.1 200
OK 27675
tags.bluekai.com/site/ 62 B
329 B 180ms
143ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/27675?id=51A01635181880331944F637BDA5FA75&ret=html&phint=__bk_t%3D%D8%AA%D8%B3%D8%AC%D9%84%20%D9%81%D9%8A%20%D8%A7%D9%84%D9%82%D8%B1%D8%B9%D8%A9%20%D9%84%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D8%B1%D8%AD%D9%84%D8%A9%20%D8%AD%D8%AC%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9&phint=__bk_k%3D%D8%B3%D9%81%D8%B1%2C%D8%B3%D9%8A%D8%A7%D8%AD%D8%A9%2C%D9%88%D8%B8%D8%A7%D8%A6%D9%81%2C%D8%B9%D9%85%D9%84%2C%2C%D9%88%D8%B8%D8%A7%D8%A6%D9%81%20%D9%82%D8%B7%D8%B1%2C%D9%88%D8%B8%D8%A7%D8%A6%D9%81%20%D8%A7%D9%84%D8%A3%D8%B1%D8%AF%D9%86%2C%2C%D9%88%D8%B8%D8%A7%D8%A6%D9%81%20%D8%B4%D8%A7%D8%BA%D8%B1%D8%A9%2C%D8%B3%D9%81%D8%B1%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%2C%D8%A7%D9%84%D8%B3%D9%81%D8%B1%20%D8%A7%D9%84%D9%89%20%D8%A3%D9%85%D8%B1%D9%83%D9%8A%D8%A7%2C%D8%A7%D9%84%D8%B3%D9%81%D8%B1%20%D8%A7%D9%84%D9%89%20%D8%AA%D8%B1%D9%83%D9%8A%D8%A7%2C%D8%A7%D9%84%D8%B3%D9%81%D8%B1%2C%D8%A7%D9%84%D9%89%20%D9%83%D9%86%D8%AF%D8%A7%2C%D8%A7%D9%84%D8%B3%D9%81%D8%B1%2C%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D9%83%D9%85%D8%AA%D8%B7%D9%88%D8%B9%2C%D8%A7%D9%84%D8%B3%D9%81%D8%B1%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%202018%2C%D8%A7%D9%84%D8%B3%D9%81%D8%B1%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D8%A7%D9%84%D9%89%20%D8%A3%D9%88%D8%B1%D9%88%D8%A8%D8%A7%2C%D8%A7%D9%84%D8%B3%D9%81%D8%B1%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D8%AD%D9%88%D9%84%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%2C&phint=__bk_l%3Dhttps%3A%2F%2Fwww.ramadan2020.app%2F&r=20081657
Requested by: Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 17:11:20 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: bbef
Content-Type: image/gif

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=51A01635181880331944F637BDA5FA75
https://spl.zeotap.com/?zdid=1332&zcluid=8c70125407e5f85b
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f973c7d7-39c6-425d-71b5-f1a66a59f49d&reqId=c9154e45-a96b-46aa-5e49-fbf7c4a9806f&zclui...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f973c7d7-39c6-425d-71b5-f1a66a59f49d&reqId=c9154e45-a96b-46aa-5e49-fbf7c4a9806f&zclu...
https://mwzeom.zeotap.com/mw?google_gid=CAESEOjVXMAkmaEseRHFelTWFss&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f973c7d7-39c6-425d-71b5-f1a66a59f49d&reqId=c9154e45-a96b-46aa-5e49-fbf...

95 B
164 B

42ms
42ms

Image
image/png

172.67.13.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEOjVXMAkmaEseRHFelTWFss&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f973c7d7-39c6-425d-71b5-f1a66a59f49d&reqId=c9154e45-a96b-46aa-5e49-fbf7c4a9806f&zcluid=8c70125407e5f85b&zdid=1332
Requested by: Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.13.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:20 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://www.ramadan2020.app
access-control-allow-credentials: true
cf-ray: 6a3d1041be692790-PRG
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 17:11:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEOjVXMAkmaEseRHFelTWFss&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f973c7d7-39c6-425d-71b5-f1a66a59f49d&reqId=c9154e45-a96b-46aa-5e49-fbf7c4a9806f&zcluid=8c70125407e5f85b&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tc.js Show response
cdn.tynt.com/ 17 KB
7 KB 105ms
49ms Script
application/javascript 104.18.28.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: https://waust.at/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.28.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:37 GMT
server: cloudflare
age: 81270
etag: W/"612951fd-431d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6a3d10413a5df9d2-PRG
expires: Thu, 28 Oct 2021 17:11:20 GMT

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e119d54f77ab175a1af13b742102c9062ce8db77ac8c104e4beb1246c7bd035f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 338ms
109ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!64hv5wag3m&lm=0&ts=1635181880563&dn=TC&iso=0&img=https%3A%2F%2Fi.imgur.com%2FA3S0ODA.jpg&ct=%D8%B3%D8%AC%D9%84%20%D9%81%D9%8A%20%D8%A7%D9%84%D9%82%D8%B1%D8%B9%D8%A9%20%D9%84%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%8A%20%D8%B1%D8%AD%D9%84%D8%A9%20%D8%AD%D8%AC%20%D9%85%D8%AF%D9%81%D9%88%D8%B9%D8%A9%20%D8%A7%D9%84%D8%AA%D9%83%D8%A7%D9%84%D9%8A%D9%81%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20-%20%D8%A7%D8%B6%D8%BA%D8%B7%20%D9%87%D9%86%D8%A7%20%D9%84%D9%84%D8%AA%D8%B3%D8%AC%D9%8A%D9%84&t=%D8%AA%D8%B3%D8%AC%D9%84%20%D9%81%D9%8A%20%D8%A7%D9%84%D9%82%D8%B1%D8%B9%D8%A9%20%D9%84%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D8%B1%D8%AD%D9%84%D8%A9%20%D8%AD%D8%AC%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9
Requested by: Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:20 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
961 B 351ms
117ms Fetch
application/json 13.225.78.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.23 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-23.fra2.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:21 GMT
via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront), 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1, FRA2-C2
x-amzn-requestid: 92cedd9f-50a3-478b-87fe-8004c7300ba0
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: HxjA9HJvCYcF5YA=
content-length: 555
x-amz-cf-id: zBVDCTYG3oFx9riXK_5Cc5B6BLViLZ-lL7-i5EDCTOkG1QLB7QRp6g==

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 341ms
111ms Script
application/javascript 208.100.17.186
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!64hv5wag3m&dn=TC&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.186 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip186.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:20 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Tue, 26 Oct 2021 17:11:21 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 110ms
110ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!64hv5wag3m&lm=0&ts=1635181880563&dn=TC&iso=0&img=https%3A%2F%2Fi.imgur.com%2FA3S0ODA.jpg&ct=%D8%B3%D8%AC%D9%84%20%D9%81%D9%8A%20%D8%A7%D9%84%D9%82%D8%B1%D8%B9%D8%A9%20%D9%84%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%8A%20%D8%B1%D8%AD%D9%84%D8%A9%20%D8%AD%D8%AC%20%D9%85%D8%AF%D9%81%D9%88%D8%B9%D8%A9%20%D8%A7%D9%84%D8%AA%D9%83%D8%A7%D9%84%D9%8A%D9%81%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20-%20%D8%A7%D8%B6%D8%BA%D8%B7%20%D9%87%D9%86%D8%A7%20%D9%84%D9%84%D8%AA%D8%B3%D8%AC%D9%8A%D9%84&t=%D8%AA%D8%B3%D8%AC%D9%84%20%D9%81%D9%8A%20%D8%A7%D9%84%D9%82%D8%B1%D8%B9%D8%A9%20%D9%84%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D8%B1%D8%AD%D9%84%D8%A9%20%D8%AD%D8%AC%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9
Requested by: Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:20 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 110ms
110ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!64hv5wag3m&lm=0&ts=1635181880563&dn=TC&iso=0&img=https%3A%2F%2Fi.imgur.com%2FA3S0ODA.jpg&ct=%D8%B3%D8%AC%D9%84%20%D9%81%D9%8A%20%D8%A7%D9%84%D9%82%D8%B1%D8%B9%D8%A9%20%D9%84%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%8A%20%D8%B1%D8%AD%D9%84%D8%A9%20%D8%AD%D8%AC%20%D9%85%D8%AF%D9%81%D9%88%D8%B9%D8%A9%20%D8%A7%D9%84%D8%AA%D9%83%D8%A7%D9%84%D9%8A%D9%81%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20-%20%D8%A7%D8%B6%D8%BA%D8%B7%20%D9%87%D9%86%D8%A7%20%D9%84%D9%84%D8%AA%D8%B3%D8%AC%D9%8A%D9%84&t=%D8%AA%D8%B3%D8%AC%D9%84%20%D9%81%D9%8A%20%D8%A7%D9%84%D9%82%D8%B1%D8%B9%D8%A9%20%D9%84%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D8%B1%D8%AD%D9%84%D8%A9%20%D8%AD%D8%AC%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9
Requested by: Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:21 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 112ms
112ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!64hv5wag3m&lm=0&ts=1635181880563&dn=TC&iso=0&img=https%3A%2F%2Fi.imgur.com%2FA3S0ODA.jpg&ct=%D8%B3%D8%AC%D9%84%20%D9%81%D9%8A%20%D8%A7%D9%84%D9%82%D8%B1%D8%B9%D8%A9%20%D9%84%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%8A%20%D8%B1%D8%AD%D9%84%D8%A9%20%D8%AD%D8%AC%20%D9%85%D8%AF%D9%81%D9%88%D8%B9%D8%A9%20%D8%A7%D9%84%D8%AA%D9%83%D8%A7%D9%84%D9%8A%D9%81%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20-%20%D8%A7%D8%B6%D8%BA%D8%B7%20%D9%87%D9%86%D8%A7%20%D9%84%D9%84%D8%AA%D8%B3%D8%AC%D9%8A%D9%84
Requested by: Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:21 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 EU Show response
onetag-geo-grouping.s-onetag.com/regionalbloc/ 1 KB
832 B 491ms
7ms Fetch
application/json 13.225.78.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.102 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-102.fra2.r.cloudfront.net
Software: restify /
Resource Hash: 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 13:08:47 GMT
content-encoding: gzip
server: restify
age: 14554
vary: Accept-Encoding,origin
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: https://www.ramadan2020.app
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Fm1eYEKRATe_nZEgK5KZeoxqDX29LTYnFVYSt-OxSRjrV5k0ZKBO6Q==
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 110ms
110ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!64hv5wag3m&lm=0&ts=1635181880563&dn=TC&iso=0&img=https%3A%2F%2Fi.imgur.com%2FA3S0ODA.jpg&ct=%D8%B3%D8%AC%D9%84%20%D9%81%D9%8A%20%D8%A7%D9%84%D9%82%D8%B1%D8%B9%D8%A9%20%D9%84%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%8A%20%D8%B1%D8%AD%D9%84%D8%A9%20%D8%AD%D8%AC%20%D9%85%D8%AF%D9%81%D9%88%D8%B9%D8%A9%20%D8%A7%D9%84%D8%AA%D9%83%D8%A7%D9%84%D9%8A%D9%81%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20-%20%D8%A7%D8%B6%D8%BA%D8%B7%20%D9%87%D9%86%D8%A7%20%D9%84%D9%84%D8%AA%D8%B3%D8%AC%D9%8A%D9%84
Requested by: Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:21 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 110ms
110ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!64hv5wag3m&lm=0&ts=1635181880563&dn=TC&iso=0&img=https%3A%2F%2Fi.imgur.com%2FA3S0ODA.jpg
Requested by: Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:21 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 110ms
110ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!64hv5wag3m&lm=0&ts=1635181880563&dn=TC&iso=0
Requested by: Host: www.ramadan2020.app
URL: https://www.ramadan2020.app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:21 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ 4 KB
1 KB 24ms
8ms XHR
application/json 13.225.78.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-97.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer: https://www.ramadan2020.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 25 Oct 2021 05:41:17 GMT
content-encoding: gzip
age: 42371
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 19 Oct 2021 13:13:55 GMT
server: AmazonS3
etag: W/"6db43f44304c37d76768275ee4f01ba4"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: LjaUiFveFxVKZiN6sj-5wXBVD-rGNNhhU4z8Adk0TmvqzRaKBCzt8A==

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 618 B
1 KB 149ms
76ms XHR
application/json 52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: bccde2dcbc95005c3e7b97bc6807edbbd79d763652c12f7febb9190c99b4bf1c

Request headers

Referer: https://www.ramadan2020.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 17:11:21 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.ramadan2020.app
cache-control: no-cache
x-server: 10.45.19.77
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 618
expires: 0

POST
H2 200 a
a.dtssrv.com/ 0
557 B 187ms
132ms Ping
text/html 104.21.78.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/a?i=51A01635181880331944F637BDA5FA75&k=lotpano&v=f4bfa89c24679351bbde302a6eec16d539382e32b8f744c88d717e671da18d35
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.ramadan2020.app%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.78.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ramadan2020.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 25 Oct 2021 17:11:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wEY%2Be8ddbZ54yiPVfR3SyG4YoOTJPEI52zHEf6P8r78dAg9mipZmcgi0DprWKMfK7UWHdG84x1XMWtBNt9X1p36WiKr7o%2BPYBCEHWTfsNZdx7mwTQAjaxCGp1EH%2F8I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 6a3d1049691c2778-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame 71D1 2 KB
1 KB 7ms
7ms Document
text/html 13.225.78.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-97.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

:method: GET
:authority: tags.crwdcntrl.net
:scheme: https
:path: /lt/shared/2/lt.iframe.html?c=3825
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ramadan2020.app/
accept-encoding: gzip, deflate, br
cookie: _cc_dc=1; _cc_id=5b61a9638ced611662a35cbe78508062; _cc_cc="ACZ4XmNQME0yM0y0NDO2SE5NMTM0NDMzSjQ2TU5KNbcwNbAwMDNiAILEsqeWIBoCeH%2FdO6XK%2BFGW4T8jI8PxTVNYYOyPny1hzOV%2FCuEqjh5ihrEvnXrEBmPv3ndZAMb%2B0HAfzj68eA7cxHdLEOzpJ9RhytdseMoNY0%2F8OEEbxgYA48JCBQ%3D%3D"; _cc_aud="ABR4XmNgYGBILHtqCaQggJmBgWsGmLmoFUQyPqwHkgBhIQUj"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ramadan2020.app/

Response headers

content-type: text/html
last-modified: Mon, 01 Feb 2021 20:35:17 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Mon, 25 Oct 2021 07:50:02 GMT
cache-control: max-age: 86400
etag: W/"6fcf4f5197ab24c92d090f6ac8d87e01"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: efGt7OGdK2kJHpCgKnwFIw99wCBHcoZQzcnuzXUIX30Op6STJWIzNg==
age: 33680

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame A14E 3 KB
3 KB 31ms
31ms Document
text/html 52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C97%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: aed440687d53532c50a7b3a87f5213aab5cfe582d4b84a772544d5d0ea341714

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /pixels?s=116%2C115%2C106%2C97%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tags.crwdcntrl.net/
accept-encoding: gzip, deflate, br
cookie: _cc_dc=1; _cc_id=5b61a9638ced611662a35cbe78508062; _cc_cc="ACZ4XmNQME0yM0y0NDO2SE5NMTM0NDMzSjQ2TU5KNbcwNbAwMDNiAILEsqeWIBoCeH%2FdO6XK%2BFGW4T8jI8PxTVNYYOyPny1hzOV%2FCuEqjh5ihrEvnXrEBmPv3ndZAMb%2B0HAfzj68eA7cxHdLEOzpJ9RhytdseMoNY0%2F8OEEbxgYA48JCBQ%3D%3D"; _cc_aud="ABR4XmNgYGBILHtqCaQggJmBgWsGmLmoFUQyPqwHkgBhIQUj"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tags.crwdcntrl.net/

Response headers

date: Mon, 25 Oct 2021 17:11:21 GMT
content-type: text/html
content-length: 3304
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.8.128
server: Jetty(9.4.38.v20210224)

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame A14E 70 B
265 B 104ms
37ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C97%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 17:11:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK ltm
audex.userreport.com/sync/put/ Frame A14E 43 B
432 B 334ms
12ms Image
image/gif 13.224.196.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://audex.userreport.com/sync/put/ltm?ltmid=5b61a9638ced611662a35cbe78508062
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C97%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.196.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-9.fra2.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 17:11:22 GMT
Via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.18.0
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: 1uuE_w0vZCmIAG0nHYXH978tlQHyEHocmKv15HiS9T_jGeGO55kLyQ==

GET
H2

200

tpid=67f17cc6-2416-4f92-aaf1-e971aa79b691
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame A14E
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=5b61a9638ced611662a35cbe78508062&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=5b61a9638ced611662a35cbe78508062&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=67f17cc6-2416-4f92-aaf1-e971aa79b691

49 B
265 B

102ms
33ms

Image
image/gif

52.30.14.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=67f17cc6-2416-4f92-aaf1-e971aa79b691
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C97%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 17:11:21 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.11.87
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=67f17cc6-2416-4f92-aaf1-e971aa79b691
date: Mon, 25 Oct 2021 17:11:21 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

403

tpid=365a2e4c-877d-484b-850c-a586cd4ccf21
sync.crwdcntrl.net/map/c=10492/tp=AVCT/ Frame A14E
Redirect Chain

https://ads.avocet.io/getuid?url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D
https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=365a2e4c-877d-484b-850c-a586cd4ccf21

49 B
268 B

30ms
30ms

Image
image/gif

52.30.14.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=365a2e4c-877d-484b-850c-a586cd4ccf21
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C97%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 17:11:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.18.40
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=365a2e4c-877d-484b-850c-a586cd4ccf21
date: Mon, 25 Oct 2021 17:11:21 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 111
content-type: text/html; charset=utf-8

GET
H2

200

tpid=91847605067562544301876560138332229569
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame A14E
Redirect Chain

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=5b61a9638ced611662a35cbe78508062&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=5b61a9638ced611662a35cbe78508062&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=91847605067562544301876560138332229569

49 B
265 B

39ms
39ms

Image
image/gif

52.30.14.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=91847605067562544301876560138332229569
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C97%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 17:11:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.21.229
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

DCS: dcs-prod-irl1-2-v019-06bdc6eea.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 3i/QDYO6T+s=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=91847605067562544301876560138332229569
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK identity
c.cintnetworks.com/ Frame A14E 0
328 B 192ms
34ms Image
text/plain 51.144.7.192
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.cintnetworks.com/identity?a=5461&id=Lotame:5b61a9638ced611662a35cbe78508062
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C97%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.144.7.192 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 17:11:21 GMT
Vary: Origin
P3P: CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."
Arr-Disable-Session-Affinity: true
Cache-Control: max-age=60, private, must-revalidate
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=5
Content-Length: 0

GET sync
sync.tag.clrstm.com/lotame/ Frame A14E 0
0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame A14E 0
337 B 107ms
31ms Image
text/plain 52.17.176.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=5b61a9638ced611662a35cbe78508062
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C97%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.176.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-176-161.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:21 GMT
cache-control: private, no-cache, no-store
x-request-time: D=24 t=1635181881
x-served-by: beacon-n007-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

451

420246.gif
idsync.rlcdn.com/ Frame A14E
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=120&cm=5b61a9638ced611662a35cbe78508062
https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzplY2NlNjRlNDQ0NGYwYTY2MGRhNmQ4YmVkYjg3OGEwNw
https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEECnubolODuDSl79pPrZy0M&google_cver=1
https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:ecce64e4444f0a660da6d8bedb878a07/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=120&cm=5b61a9638ced611662a35cbe78508062
https://idsync.rlcdn.com/420246.gif?partner_uid=c:ecce64e4444f0a660da6d8bedb878a07

0
66 B

58ms
22ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/420246.gif?partner_uid=c:ecce64e4444f0a660da6d8bedb878a07
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C97%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:22 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Mon, 25 Oct 2021 17:11:22 GMT
server: Aorta/20210715-1901da7
access-control-allow-origin
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
Content-Type: application/json
Location: https://idsync.rlcdn.com/420246.gif?partner_uid=c:ecce64e4444f0a660da6d8bedb878a07
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
X-Aorta-Region: us-east-1
Connection: keep-alive
X-Aorta-Host: ip-10-42-17-189.ec2.internal
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length: 0

GET
H/1.0 200
OK image.sbxx
global.ib-ibi.com/ Frame A14E 0
72 B 357ms
85ms Image
text/plain 69.169.85.6
AMC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=5b61a9638ced611662a35cbe78508062
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C97%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_256_CBC
Server: 69.169.85.6 , United States, ASN29838 (AMC, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H/1.1 200
OK utsync.ashx
ml314.com/ Frame A14E 43 B
422 B 141ms
29ms Image
image/gif 34.247.104.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=50146&et=0&fp=5b61a9638ced611662a35cbe78508062&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C97%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.104.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 17:11:22 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0,Tue, 26 Oct 2021 13:11:22 GMT

GET
H2

200

tpid=0-39cc994f-4732-47ec-5457-6af8dead01ce$ip$216.131.114.187
bcp.crwdcntrl.net/map/c=6569/tp=STKA/ Frame A14E
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=lotame
https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-39cc994f-4732-47ec-5457-6af8dead01ce$ip$216.131.114.187

49 B
264 B

35ms
35ms

Image
image/gif

52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-39cc994f-4732-47ec-5457-6af8dead01ce$ip$216.131.114.187
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C97%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 17:11:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.0.155
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Location: https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-39cc994f-4732-47ec-5457-6af8dead01ce$ip$216.131.114.187
Date: Mon, 25 Oct 2021 17:11:22 GMT
Connection: keep-alive
Content-Length: 130
Content-Type: text/html; charset=utf-8

GET
H2

200

tpid=94daf1d5-25b4-49da-a737-87e60d8019a1
bcp.crwdcntrl.net/map/c=6584/tp=VIDO/ Frame A14E
Redirect Chain

https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695
https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=94daf1d5-25b4-49da-a737-87e60d8019a1?gdpr=1&gdpr_consent=

49 B
264 B

34ms
34ms

Image
image/gif

52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=94daf1d5-25b4-49da-a737-87e60d8019a1?gdpr=1&gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C97%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 17:11:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.19.77
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 17:11:22 GMT
server: Apache-Coyote/1.1
location: https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=94daf1d5-25b4-49da-a737-87e60d8019a1?gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

tpid=CI-f6c5ab6087a5dd5fd31e025356f3f758
bcp.crwdcntrl.net/map/c=6220/tp=TRMR/ Frame A14E
Redirect Chain

https://dt-secure.videohub.tv/v1/usync/lo
https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-f6c5ab6087a5dd5fd31e025356f3f758

49 B
264 B

34ms
34ms

Image
image/gif

52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-f6c5ab6087a5dd5fd31e025356f3f758
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C97%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 17:11:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.18.49
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Location: https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-f6c5ab6087a5dd5fd31e025356f3f758
Date: Mon, 25 Oct 2021 17:11:22 GMT
useSecure: true
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame A14E 43 B
408 B 511ms
159ms Image
image/gif 72.251.232.228
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=lotame&AG_REDIR=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D363%2Ftp%3DADGR%2Ftpid%3D__AG_UID__
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C97%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.232.228 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 17:11:22 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: sjc-delivery-2
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame A14E
Redirect Chain

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=85bf6176-e539-4c00-8200-c1d5535ca441

49 B
264 B

32ms
32ms

Image
image/gif

52.30.14.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=85bf6176-e539-4c00-8200-c1d5535ca441
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C97%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 17:11:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.22.36
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Date: Mon, 25 Oct 2021 17:11:22 GMT
Server: MT3 4044 0c7f252 master zrh-pixel-x24 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=85bf6176-e539-4c00-8200-c1d5535ca441
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 25 Oct 2021 17:11:21 GMT

GET
H2

200

tpid=ddb17daa-936b-40c2-b6b0-1188cc15c4c4-6176e53a-5553
sync.crwdcntrl.net/map/c=1389/tp=STSC/ Frame A14E
Redirect Chain

https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=ddb17daa-936b-40c2-b6b0-1188cc15c4c4-6176e53a-5553

49 B
264 B

34ms
34ms

Image
image/gif

52.30.14.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=ddb17daa-936b-40c2-b6b0-1188cc15c4c4-6176e53a-5553
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C97%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 17:11:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.1.74
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 17:11:22 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=ddb17daa-936b-40c2-b6b0-1188cc15c4c4-6176e53a-5553
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

tpid=XC4BuomL1MF3vk5
sync.crwdcntrl.net/map/c=1818/tp=DTXU/ Frame A14E
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_
https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=XC4BuomL1MF3vk5

49 B
264 B

33ms
33ms

Image
image/gif

52.30.14.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=XC4BuomL1MF3vk5
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C97%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 17:11:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.19.42
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 17:11:21 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-00eeed23208b59ecc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=XC4BuomL1MF3vk5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

tpid=YXblOgAL29gPiAAT&_test=YXblOgAL29gPiAAT
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame A14E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YXblOgAL29gPiAAT
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YXblOgAL29gPiAAT&_test=YXblOgAL29gPiAAT

49 B
265 B

33ms
33ms

Image
image/gif

52.30.14.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YXblOgAL29gPiAAT&_test=YXblOgAL29gPiAAT
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C97%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 17:11:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.23.192
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Oct 2021 17:11:22 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1635181883.809895,VS0,VE0
x-served-by: cache-hhn4050-HHN
x-cache: HIT
location: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YXblOgAL29gPiAAT&_test=YXblOgAL29gPiAAT
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame A14E 170 B
188 B 26ms
25ms Image
image/png 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C97%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 17:11:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 5907
tags.bluekai.com/site/ Frame A14E 62 B
304 B 152ms
152ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=9b670abed1f9dead3cc6674704795d07
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C97%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 17:11:22 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2

200

tpid=4403427910505436999
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame A14E
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/5b61a9638ced611662a35cbe78508062/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4403427910505436999

49 B
265 B

33ms
33ms

Image
image/gif

52.30.14.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4403427910505436999
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C97%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 17:11:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.31.145
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4403427910505436999
pragma: no-cache
date: Mon, 25 Oct 2021 17:11:21 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

tp=ANXS
sync.crwdcntrl.net/map/c=281/rand=975502879/tpid=4256195952185179224/ Frame A14E
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=975502879%2Ftpid%3D%24UID%2Ftp%3DANXS
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D975502879%252Ftpid%253D%2524UID%252Ftp%253DANXS
https://sync.crwdcntrl.net/map/c=281/rand=975502879/tpid=4256195952185179224/tp=ANXS

49 B
264 B

33ms
33ms

Image
image/gif

52.30.14.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/rand=975502879/tpid=4256195952185179224/tp=ANXS
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=116%2C115%2C106%2C97%2C94%2C92%2C90%2C80%2C79%2C78%2C61%2C54%2C50%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Oct 2021 17:11:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.23.63
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 25 Oct 2021 17:11:22 GMT
X-Proxy-Origin: 216.131.114.187; 216.131.114.187; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5c391819-0641-41f6-a03b-242ad892c514
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.crwdcntrl.net/map/c=281/rand=975502879/tpid=4256195952185179224/tp=ANXS
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.tag.clrstm.com
URL: https://sync.tag.clrstm.com/lotame/sync?uid=5b61a9638ced611662a35cbe78508062

Verdicts & Comments Add Verdict or Comment

201 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dtscout.com/	1970-01-19 22:13:06	Name: m Value: 1
.dtscout.com/	1970-01-19 22:13:19	Name: b Value: 1
.dtscout.com/	1970-01-19 22:13:05	Name: st Value: 1
.dtscout.com/	1970-01-19 22:13:16	Name: oa Value: 1
.dtscout.com/	1970-01-20 00:37:01	Name: df Value: 1635181880
.dtscout.com/	1970-01-20 00:21:11	Name: l Value: 51A01635181880331944F637BDA5FA75
.ramadan2020.app/	1970-01-20 00:18:18	Name: __dtsu Value: 51A01635181880331944F637BDA5FA75
.onaudience.com/	1970-01-20 06:58:37	Name: cookie Value: 8c70125407e5f85b
.onaudience.com/	1970-01-19 22:14:28	Name: done_redirects219 Value: 1
.zeotap.com/	1970-01-20 06:58:37	Name: zc Value: f973c7d7-39c6-425d-71b5-f1a66a59f49d
.zeotap.com/	1970-01-19 22:14:28	Name: zsc Value: %AB%EEj%8B%DE%18%18%D1%A3%0F%2C%B3o%07%DFB%12rd%27%93i%E2%5D%FC+%C9%24r%F1%1A%FEy%8C%AD%5E%BF%B2%C0Q%9D6%F8%C8U%F5%8F%40i%F0%ED%AA%7D%C2%D1%DD%A4x%0B%12%8C%8BU%03%C7%96%EB%D6%BAkA%86%3C%12%92%A2%98PI%C4%E3%02%EA
.doubleclick.net/	1970-01-20 15:44:13	Name: IDE Value: AHWqTUn9RJCuGQPCzWNv9vsNQY93yL0g-pf6gIgPpsSmaE4aLxfyQFh3WAWpbIFG2io
.dtscdn.com/	1970-01-20 02:30:47	Name: uid Value: 51A01635181880331944F637BDA5FA75
.ramadan2020.app/	1970-01-19 22:13:01	Name: lotame_domain_check Value: ramadan2020.app
.crwdcntrl.net/	1970-01-20 04:41:49	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 04:41:49	Name: _cc_id Value: 5b61a9638ced611662a35cbe78508062
.crwdcntrl.net/	1970-01-20 04:41:49	Name: _cc_cc Value: "ACZ4XmNQME0yM0y0NDO2SE5NMTM0NDMzSjQ2TU5KNbcwNbAwMDNiAILEsqeWIBoCeH%2FdO6XK%2BFGW4T8jI8PxTVNYYOyPny1hzOV%2FCuEqjh5ihrEvnXrEBmPv3ndZAMb%2B0HAfzj68eA7cxHdLEOzpJ9RhytdseMoNY0%2F8OEEbxgYA48JCBQ%3D%3D"
.crwdcntrl.net/	1970-01-20 04:41:49	Name: _cc_aud Value: "ABR4XmNgYGBILHtqCaQggJmBgWsGmLmoFUQyPqwHkgBhIQUj"
.ramadan2020.app/	1970-01-20 04:41:49	Name: _cc_id Value: 5b61a9638ced611662a35cbe78508062
.ramadan2020.app/	1970-01-20 04:41:49	Name: _cc_cc Value: ACZ4XmNQME0yM0y0NDO2SE5NMTM0NDMzSjQ2TU5KNbcwNbAwMDNiAILEsqeWIBoCeH%2FdO6XK%2BFGW4T8jI8PxTVNYYOyPny1hzOV%2FCuEqjh5ihrEvnXrEBmPv3ndZAMb%2B0HAfzj68eA7cxHdLEOzpJ9RhytdseMoNY0%2F8OEEbxgYA48JCBQ%3D%3D
.ramadan2020.app/	1970-01-20 04:41:49	Name: _cc_aud Value: ABR4XmNgYGBILHtqCaQggJmBgWsGmLmoFUQyPqwHkgBhIQUj
.ramadan2020.app/	1970-01-19 22:23:06	Name: panoramaId_expiry Value: 1635786681692
.ramadan2020.app/	1970-01-19 22:23:06	Name: panoramaId Value: f4bfa89c24679351bbde302a6eec16d539382e32b8f744c88d717e671da18d35
.tapad.com/	1970-01-19 23:39:25	Name: TapAd_TS Value: 1635181881846
.tapad.com/	1970-01-19 23:39:25	Name: TapAd_DID Value: 67f17cc6-2416-4f92-aaf1-e971aa79b691
.tapad.com/	1970-01-19 23:39:25	Name: TapAd_3WAY_SYNCS Value:
.krxd.net/	1970-01-20 02:32:13	Name: _kuid_ Value: OcT7Cz-t
ads.avct.cloud/	1970-01-20 06:58:37	Name: uuid Value: 365a2e4c-877d-484b-850c-a586cd4ccf21
.demdex.net/	1970-01-20 02:32:13	Name: demdex Value: 91847605067562544301876560138332229569
.dpm.demdex.net/	1970-01-20 02:32:13	Name: dpm Value: 91847605067562544301876560138332229569
.mathtag.com/	1970-01-20 07:38:57	Name: uuid Value: 85bf6176-e539-4c00-8200-c1d5535ca441
.tidaltv.com/	1970-01-20 06:58:37	Name: tidal_ttid Value: 94daf1d5-25b4-49da-a737-87e60d8019a1
.sitescout.com/	1970-01-20 06:58:37	Name: ssi Value: ddb17daa-936b-40c2-b6b0-1188cc15c4c4#1635181882125
.tidaltv.com/	1970-01-20 06:58:37	Name: sync-his Value: "H4sIAAAAAAAAADM0sjQ0szI0NAAA7E2sngkAAAA="
.sitescout.com/	1970-01-19 22:56:13	Name: _ssuma Value: eyI3IjoxNjM1MTgxODgyMTUzfQ
.w55c.net/	1970-01-20 07:43:16	Name: wfivefivec Value: XC4BuomL1MF3vk5
.w55c.net/	1970-01-19 22:56:13	Name: matchlotame Value: 5
.adnxs.com/	1970-01-20 00:22:37	Name: uuid2 Value: 4256195952185179224
.turn.com/	1970-01-20 02:32:13	Name: uid Value: 4403427910505436999
.videohub.tv/	1970-01-20 06:58:37	Name: UIXX_UPDT Value: "UILO=1635181882272"
.videohub.tv/	1970-01-20 06:58:37	Name: uid Value: CI-f6c5ab6087a5dd5fd31e025356f3f758
sync.srv.stackadapt.com/	1970-01-20 06:58:37	Name: sa-user-id Value: s%3A0-39cc994f-4732-47ec-5457-6af8dead01ce.yl6%2BzgV%2FgvfSVgZGDVz8%2BiPtRnlKkRSoeW6ZntiTTGE
.srv.stackadapt.com/	1970-01-20 06:58:37	Name: sa-user-id-v2 Value: s%3A0-39cc994f-4732-47ec-5457-6af8dead01ce%24ip%24216.131.114.187.yypsVdYcpCqp02gzwUPQsKqZHkxw2SpdwlNnzsermWU
.everesttech.net/	1970-01-20 06:58:37	Name: everest_g_v2 Value: g_surferid~YXblOgAL29gPiAAT

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://lh3.googleusercontent.com/proxy/OmeyupHFoh8l3DFOjTa3dVrLZEAE56vmcvJYXpbklFTG0uy5cZRPkFd0Lt-pE0L-m7O9uRWD2Vj7j5zviiU0GIqZYUfKcG03GZ7yMA_5s2sZXg64r3q9_FCrtzaDesWcLLliUGNZ9I6_LtQWnj4 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://lh3.googleusercontent.com/proxy/XFrTgvH06FgoPdXXfZeIZtKt7cSuX1_6DAGN0mR75D96e2Gz5iRVmvYNogEBzdAcjdqiHISyTrWRJCMZRMH6hEO4wHucNK9IfIIIT9uyrlb1324Q=s0-d Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lh4.googleusercontent.com/proxy/ReJABePIlbHl_30uU8jp8a6d5zXC-I-K7DO6DVOqguYxjdxfBfTmhMMlnO0BRtij5pLgGuKxg51ZA4wrg1xKwyBzClQoB27afYHU3hcRdw1Bshk=s0-d Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lh5.googleusercontent.com/proxy/4Ywe7ZKM0a1D9yYIjpoM08aJ91jie2Oa5-ntDUXMSEuhwWAQ34FVV21ZXlMEhctrSQ4QSWwDO3dC0OTnYpwy2JYx_zjNBEHq92UitEd_OrME26wgbpH8=s0-d Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lh5.googleusercontent.com/proxy/0FmbmGf46W5NR5FW3qWccRs0i5TP7hYgqpbyv5OePTnc_-krJjETarHkLlTO9Ush7pVmdVk6Z51U4N4PbmQhMNlwvhgZeUjjv71-1_BHxs-fcL2KP2DH=s0-d Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lh3.googleusercontent.com/proxy/XFrTgvH06FgoPdXXfZeIZtKt7cSuX1_6DAGN0mR75D96e2Gz5iRVmvYNogEBzdAcjdqiHISyTrWRJCMZRMH6hEO4wHucNK9IfIIIT9uyrlb1324Q=s0-d Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lh5.googleusercontent.com/proxy/0FmbmGf46W5NR5FW3qWccRs0i5TP7hYgqpbyv5OePTnc_-krJjETarHkLlTO9Ush7pVmdVk6Z51U4N4PbmQhMNlwvhgZeUjjv71-1_BHxs-fcL2KP2DH=s0-d Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lh4.googleusercontent.com/proxy/ReJABePIlbHl_30uU8jp8a6d5zXC-I-K7DO6DVOqguYxjdxfBfTmhMMlnO0BRtij5pLgGuKxg51ZA4wrg1xKwyBzClQoB27afYHU3hcRdw1Bshk=s0-d Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.ramadan2020.app/images/share.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.ramadan2020.app/images/like.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.ramadan2020.app/images/bubble.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=365a2e4c-877d-484b-850c-a586cd4ccf21 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/420246.gif?partner_uid=c:ecce64e4444f0a660da6d8bedb878a07 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dtssrv.com
ads.avct.cloud
ads.avocet.io
aorta.clickagy.com
audex.userreport.com
bcp.crwdcntrl.net
beacon.krxd.net
c.cintnetworks.com
cdn.tynt.com
cm.adgrx.com
cm.g.doubleclick.net
d.turn.com
de.tynt.com
dpm.demdex.net
dt-secure.videohub.tv
fontlibrary.org
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
global.ib-ibi.com
i.imgur.com
ic.tynt.com
idsync.rlcdn.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
match.adsrvr.org
ml314.com
mwzeom.zeotap.com
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
pd.sharethis.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.tapad.com
pm.w55c.net
secure.adnxs.com
spl.zeotap.com
statt.cc
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.tag.clrstm.com
sync.tidaltv.com
t.dtscdn.com
t.dtscout.com
tags.bluekai.com
tags.crwdcntrl.net
waust.at
whos.amung.us
www.ramadan2020.app
sync.tag.clrstm.com
104.111.215.191
104.18.28.199
104.21.78.98
13.224.196.9
13.225.78.102
13.225.78.128
13.225.78.23
13.225.78.97
142.250.184.194
142.250.185.138
142.250.185.99
142.250.186.147
146.59.148.16
151.101.112.193
151.101.130.49
172.217.18.97
172.67.13.182
172.67.221.197
172.67.71.57
185.29.132.241
185.33.223.178
199.127.207.182
208.100.17.186
3.120.29.221
3.121.175.251
34.232.235.22
34.247.104.176
34.253.137.48
35.227.248.159
35.244.174.68
44.193.191.16
45.55.96.63
45.56.91.11
46.228.164.13
51.144.7.192
51.89.24.70
52.17.176.161
52.17.185.148
52.208.103.128
52.214.235.66
52.30.14.23
66.155.71.150
67.202.105.34
67.202.94.93
69.169.85.6
72.251.232.228
76.223.111.131
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62
26591ced192665fde3c7d960db16259abd7f9d6765a01c6f756a0244331fc6da
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
352b946d2aa4d0b2da6236769fbb46cab48ee1d8378df1dd5b28aa84fa875536
3694ec04d92e37cfacf4b749bc79c5c009c879c7548ecc91aff4f9ae1ef2d0cc
3728895eb8d0e25f94db6198ab080c2bd47980353e7523f26a3c24374d0ba552
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
42e2300c53dbfcd389c88271aba89b5c17986c74c40614ae5c38183a015f4233
4833ea19effcc4e63b391362c9fd83b5ba806692ade5412def93a492c32aee6c
4ca5acf90352059c1dae7726028c062425b787f14eb37f515095784bb3babe70
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
61d2cf33a08e6a7ff160be17be55dd90c05053714b67f9758b97dac5203d8821
61e9bd1c5de201a7f9d9135c793cbbd15c47d242a7d4a82bdc3dc00c5da24078
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
6915ff135031ab7a28374f006f49db26407d725e1961930647b0c154cd16e272
6a4b528d033c6c47cc9ce644a09fc0ee5cb613426fc582b00c28ebb431c1bdcb
6b12da4280d0e6636ca5d13955ec42b9abcf4ab92f5bdd36935f3925600f6216
76cec2dc664efb9f0dc2389fe9aa7d2d2d4def1b08cfbdbf6c50cde993509f92
8b0007652a414c94278f56ee68ff2bf63d53c2a58a3cfaf2bd8c9a05518c5a1f
8b862071be60fd71779cdad3f4f02db7060fb2ba93cf74e9224ef35de868e220
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
920ad89079c52b27750e326fa29dcf65f0e50144e62753ed80c815c12bee8ed6
963abd139526fc02397d054a4c80fdbfbd66690291ec92470724a23681658c3e
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
a97edd3a20c514e19b12bdfe4d88ac2130a9d446a1c56b481f4622792d510275
ae57aea1cb701121475bcd38a9264115c401927701f4b04a54f9166143c52fe0
aed440687d53532c50a7b3a87f5213aab5cfe582d4b84a772544d5d0ea341714
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b51a0c0eb85129fc4dc139287e94e52a2518048ce32ac81d5baa2052d0433167
bccde2dcbc95005c3e7b97bc6807edbbd79d763652c12f7febb9190c99b4bf1c
bd9e90d57eefa03a41b08a2515f7643643467c6abbd7dcc4f2a515d099aed262
c544c74f906e7120f64a325eaca537478803ab520269019aa5f430d490b088dd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d31ff06de175c09de958e1668bf4c9f1dc972cac23b4aba13cefe070a7f15aa7
d6d3f0c5ae10995c795e47b9783b1a461a1d1a5c69c6a1bfeaec403d5a8a3af5
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd
dc2d569100ac9907327e71ebeaf836b420f7571288ceef174a1bf83a31def4e8
e119d54f77ab175a1af13b742102c9062ce8db77ac8c104e4beb1246c7bd035f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fec3422ba1298063b09932cc3848c5d1fca91a1dac4747b5b445ea7462c2fc
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

www.ramadan2020.app Open in urlscan Pro 142.250.186.147 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

79 Requests

99 %HTTPS

0 %IPv6

43 Domains

52 Subdomains

34 IPs

7 Countries

890 kBTransfer

1263 kBSize

44 Cookies

0 Outgoing links

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ramadan2020.app Open in urlscan Pro
142.250.186.147 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

99 %
HTTPS

0 %
IPv6

43
Domains

52
Subdomains

34
IPs

7
Countries

890 kB
Transfer

1263 kB
Size

44
Cookies

79 HTTP transactions
1 data transactions