cibtvisas.com Open in urlscan Pro
2606:4700::6812:5af Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cibtvisas.com/
Submission Tags: @phishunt_io
Submission: On February 09 via api (February 9th 2022, 8:55:47 pm UTC) from DE — Scanned from DE

Summary HTTP 106 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 54 IPs in 8 countries across 50 domains to perform 106 HTTP transactions. The main IP is 2606:4700::6812:5af, located in United States and belongs to CLOUDFLARENET, US. The main domain is cibtvisas.com. The Cisco Umbrella rank of the primary domain is 137863.
TLS certificate: Issued by R3 on January 20th 2022. Valid for: 3 months.

This is the only time cibtvisas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	2606:4700::68... 2606:4700::6812:5af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	185.230.212.28 185.230.212.28	41913 (COMPUTERL...) (COMPUTERLINE Computerline)
3 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	185.20.209.147 185.20.209.147	41913 (COMPUTERL...) (COMPUTERLINE Computerline)
1 3	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1 6	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.225.80.89 13.225.80.89	16509 (AMAZON-02) (AMAZON-02)
1	178.79.242.181 178.79.242.181	22822 (LLNW) (LLNW)
1	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e024	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	13.224.189.26 13.224.189.26	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
3	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1	13.224.189.67 13.224.189.67	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1 4	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	52.167.85.21 52.167.85.21	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
3	35.174.151.106 35.174.151.106	14618 (AMAZON-AES) (AMAZON-AES)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 2	34.241.74.252 34.241.74.252	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.95 64.202.112.95	23352 (SERVERCEN...) (SERVERCENTRAL)
1	2.21.140.111 2.21.140.111	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.36.113.17 104.36.113.17	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	104.90.185.183 104.90.185.183	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	104.90.181.210 104.90.181.210	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:20e... 2600:9000:20eb:9200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1	34.247.9.63 34.247.9.63	16509 (AMAZON-02) (AMAZON-02)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	185.86.139.89 185.86.139.89	201081 (SMARTADSE...) (SMARTADSERVER)
1	54.93.148.23 54.93.148.23	16509 (AMAZON-02) (AMAZON-02)
1 2	34.246.169.106 34.246.169.106	16509 (AMAZON-02) (AMAZON-02)
2 2	35.175.54.167 35.175.54.167	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:444... 2600:1f18:444a:4680:5b76:7408:bdd4:1592	14618 (AMAZON-AES) (AMAZON-AES)
1	75.101.244.20 75.101.244.20	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.64.208.15 3.64.208.15	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4264:e8c6:2f28:702a:f217	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2.21.142.210 2.21.142.210	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	185.221.87.248 185.221.87.248	206998 (NEW-2) (NEW-2)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
106	54

31 2606:4700::6812:5af (United States)

ASN13335 (CLOUDFLARENET, US)

cibtvisas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.230.212.28 (Netherlands)

ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH)

salesiq.zoho.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.20.209.147 (Switzerland)

ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH)

css.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.80.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-89.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.181 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-181.fra.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f7::5c7b:e024 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-26.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-67.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.167.85.21 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

i.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.174.151.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-4-ue1.aws.pardot.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.newlandchase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.241.74.252 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-74-252.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.95 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.140.111 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-140-111.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.90 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.113.17 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.185.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-185-183.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.90.181.210 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-181-210.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:9200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.9.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.89 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.148.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-148-23.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.246.169.106 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-169-106.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.175.54.167 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-54-167.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4680:5b76:7408:bdd4:1592 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.101.244.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-244-20.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.64.208.15 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-208-15.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:e8c6:2f28:702a:f217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.142.210 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-142-210.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.221.87.248 (Ireland)

ASN206998 (NEW-2, IE)

bam.eu01.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	cibtvisas.com cibtvisas.com — Cisco Umbrella Rank: 137863	2 MB
10	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 355 mug.criteo.com — Cisco Umbrella Rank: 3197 sslwidget.criteo.com — Cisco Umbrella Rank: 1671 widget.us.criteo.com — Cisco Umbrella Rank: 20189 dis.criteo.com — Cisco Umbrella Rank: 619	17 KB
6	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 331 c.bing.com — Cisco Umbrella Rank: 212	22 KB
5	yahoo.com 1 redirects ads.yahoo.com — Cisco Umbrella Rank: 835 sp.analytics.yahoo.com — Cisco Umbrella Rank: 796 ups.analytics.yahoo.com — Cisco Umbrella Rank: 269	2 KB
5	clarity.ms 1 redirects i.clarity.ms — Cisco Umbrella Rank: 2013 c.clarity.ms — Cisco Umbrella Rank: 693	24 KB
4	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 350	4 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 439 www.linkedin.com — Cisco Umbrella Rank: 602 px4.ads.linkedin.com — Cisco Umbrella Rank: 5087	3 KB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 458 i6.liadm.com — Cisco Umbrella Rank: 1371	1 KB
3	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 175	1 KB
3	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 2837	267 B
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 574 script.hotjar.com — Cisco Umbrella Rank: 726 vars.hotjar.com — Cisco Umbrella Rank: 809	66 KB
3	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 236	17 KB
3	zohocdn.com css.zohocdn.com — Cisco Umbrella Rank: 13536 js.zohocdn.com — Cisco Umbrella Rank: 12687	19 KB
2	nr-data.net bam.eu01.nr-data.net — Cisco Umbrella Rank: 9246	1 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 614 cdn.stickyadstv.com — Cisco Umbrella Rank: 2281	1 KB
2	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 307	717 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 621	853 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 265	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1839	2 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 356	738 B
2	mediawallahscript.com 1 redirects partner.mediawallahscript.com — Cisco Umbrella Rank: 1741	1 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 283	394 B
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 3601	4 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	386 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	114 KB
2	zoho.eu salesiq.zoho.eu — Cisco Umbrella Rank: 76757	42 KB
2	gstatic.com fonts.gstatic.com	26 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 ajax.googleapis.com — Cisco Umbrella Rank: 250	32 KB
1	newlandchase.com resources.newlandchase.com — Cisco Umbrella Rank: 478600	1 KB
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 754	418 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2302	183 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 900	428 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 561	263 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 535	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1241	231 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1763	172 B
1	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 1796	174 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 659	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 478	783 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 552	675 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 288	239 B
1	addthis.com cw.addthis.com — Cisco Umbrella Rank: 1163	426 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 717	476 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 306	18 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6342	501 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	574 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 830	2 KB
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 9730	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 638	13 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	82 KB
106	50

	Domain	Requested by
31	cibtvisas.com	cibtvisas.com
5	bat.bing.com	cibtvisas.com bat.bing.com
4	secure.adnxs.com	3 redirects
4	gum.criteo.com	3 redirects cibtvisas.com
3	ups.analytics.yahoo.com	1 redirects
3	dis.criteo.com
3	i.clarity.ms	cibtvisas.com
3	pixel.sitescout.com	cibtvisas.com
3	ssl.google-analytics.com	1 redirects cibtvisas.com
2	bam.eu01.nr-data.net	cibtvisas.com
2	pixel.advertising.com	2 redirects
2	i.liadm.com	2 redirects
2	ad.360yield.com	1 redirects
2	x.bidswitch.net	1 redirects
2	r.casalemedia.com	1 redirects
2	eb2.3lift.com	1 redirects
2	partner.mediawallahscript.com	1 redirects
2	cm.g.doubleclick.net	2 redirects
2	idsync.rlcdn.com
2	pi.pardot.com	cibtvisas.com
2	c.clarity.ms	1 redirects cibtvisas.com
2	www.facebook.com	cibtvisas.com
2	px.ads.linkedin.com	2 redirects
2	connect.facebook.net	cibtvisas.com
2	css.zohocdn.com	cibtvisas.com css.zohocdn.com
2	salesiq.zoho.eu	cibtvisas.com
2	fonts.gstatic.com	fonts.googleapis.com
1	resources.newlandchase.com	cibtvisas.com
1	d.turn.com	1 redirects
1	cdn.stickyadstv.com
1	ads.stickyadstv.com	1 redirects
1	criteo-partners.tremorhub.com
1	jadserve.postrelease.com
1	i6.liadm.com
1	match.sharethrough.com
1	rtb-csync.smartadserver.com
1	sync-t1.taboola.com
1	criteo-sync.teads.tv
1	trends.revcontent.com
1	s.ad.smaato.net
1	contextual.media.net
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	cw.addthis.com
1	sync.outbrain.com
1	sp.analytics.yahoo.com
1	ads.yahoo.com
1	js-agent.newrelic.com	cibtvisas.com
1	c.bing.com	1 redirects
1	widget.us.criteo.com	cibtvisas.com
1	sslwidget.criteo.com	1 redirects
1	www.google.de	cibtvisas.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	vars.hotjar.com	cibtvisas.com
1	px4.ads.linkedin.com	cibtvisas.com
1	www.linkedin.com	1 redirects
1	script.hotjar.com	cibtvisas.com
1	mug.criteo.com	cibtvisas.com
1	snap.licdn.com	cibtvisas.com
1	up.pixel.ad	cibtvisas.com
1	static.hotjar.com	cibtvisas.com
1	js.zohocdn.com	cibtvisas.com
1	static.criteo.net	cibtvisas.com
1	www.googletagmanager.com	cibtvisas.com
1	ajax.googleapis.com	cibtvisas.com
1	fonts.googleapis.com	cibtvisas.com
106	67

This site contains links to these domains. Also see Links.

Domain
newlandchase.com
corporate.cibt.com
recruiting.ultipro.com
cibtvisas.com.au
cibtvisas.at
cibtvisas.be
cibtvisas.com.br
cibtvisas.ca
cibtvisas-fsg.cn
cibtvisas.dk
cibtvisas.fi
cibtvisas.fr
cibtvisas.de
cibtvisas.ie
cibtvisas.com.mx
cibtvisas.nl
cibtvisas.no
cibtvisas.sg
cibtvisas.es
cibtvisas.se
cibtvisas.ch
cibtvisas.co.uk
twitter.com
www.facebook.com
www.linkedin.com
www.bbb.org
www.nytimes.com

Subject Issuer	Validity	Valid
*.cibtvisas.com R3	`2022-01-20` - `2022-04-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.zoho.eu Sectigo RSA Domain Validation Secure Server CA	`2021-05-21` - `2022-05-21`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.zohocdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-30` - `2022-09-30`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.pixel.ad GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-01-26` - `2023-02-02`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-19` - `2022-02-17`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-08` - `2022-11-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-02-07` - `2022-03-30`	2 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
teads.tv R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.postrelease.com Amazon	`2021-12-28` - `2023-01-25`	a year	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.eu01.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2021-05-24` - `2022-06-24`	a year	crt.sh
resources.newlandchase.com R3	`2022-01-25` - `2022-04-25`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://cibtvisas.com/
Frame ID: 31C4286129CF0AD31B5EBFA50044E048
Requests: 71 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=cibtvisas.com&origin=onetag
Frame ID: A3C50A73F88B0CA7F59BB930D608C6BF
Requests: 2 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: DA9BAA46EA79B03033B8A08C8D7D1506
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 09ED089BA84D0C2A48BF34CDC4F7A7F5
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 6757CFCC6FB95A8844546ED11C03534C
Requests: 1 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/397596.gif?partner_uid=Kr9Yn4vl7dKodDuH98WZrR2yp1d6z1vB
Frame ID: BD89CDEB2D0F7AEF2F8C46CEFF90D689
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Travel Visas and US Passports for Business Travel and Tourism | Fast, Easy, Secure

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

106
Requests

82 %
HTTPS

35 %
IPv6

50
Domains

67
Subdomains

54
IPs

8
Countries

2627 kB
Transfer

4780 kB
Size

90
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://newlandchase.com/our-services/
Title: Immigration Services

Search URL Search Domain Scan URL

URL: https://corporate.cibt.com/about-cibt/leadership/
Title: CIBTvisas Global Leadership

Search URL Search Domain Scan URL

URL: https://recruiting.ultipro.com/CIB1001CBTHO/JobBoard/651e26e3-d67c-4622-8ee3-62b19eab9aa9/?q=&o=postedDateDesc&f4=X1RzVTkvxkKDdmPbR4tpeQ
Title: CIBTvisas Careers

Search URL Search Domain Scan URL

URL: https://newlandchase.com/our-technology/immigration-software/
Title: Learn More

Search URL Search Domain Scan URL

URL: https://cibtvisas.com.au/
Title: australia

Search URL Search Domain Scan URL

URL: https://cibtvisas.at/
Title: austria

Search URL Search Domain Scan URL

URL: https://cibtvisas.be/
Title: belgium

Search URL Search Domain Scan URL

URL: https://cibtvisas.com.br/
Title: brazil

Search URL Search Domain Scan URL

URL: https://cibtvisas.ca/
Title: canada

Search URL Search Domain Scan URL

URL: https://cibtvisas-fsg.cn/
Title: china

Search URL Search Domain Scan URL

URL: https://cibtvisas.dk/
Title: Denmark

Search URL Search Domain Scan URL

URL: https://cibtvisas.fi/
Title: finland

Search URL Search Domain Scan URL

URL: https://cibtvisas.fr/
Title: france

Search URL Search Domain Scan URL

URL: https://cibtvisas.de/
Title: germany

Search URL Search Domain Scan URL

URL: https://cibtvisas.ie/
Title: ireland

Search URL Search Domain Scan URL

URL: https://cibtvisas.com.mx/
Title: mexico

Search URL Search Domain Scan URL

URL: https://cibtvisas.nl/
Title: netherlands

Search URL Search Domain Scan URL

URL: https://cibtvisas.no/
Title: Norway

Search URL Search Domain Scan URL

URL: https://cibtvisas.sg/
Title: singapore

Search URL Search Domain Scan URL

URL: https://cibtvisas.es/
Title: spain

Search URL Search Domain Scan URL

URL: https://cibtvisas.se/
Title: Sweden

Search URL Search Domain Scan URL

URL: https://cibtvisas.ch/
Title: switzerland

Search URL Search Domain Scan URL

URL: https://cibtvisas.co.uk/
Title: United Kingdom

Search URL Search Domain Scan URL

URL: https://twitter.com/CIBTGlobal
Title: T

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CIBT-1549291535285735/
Title: F

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/cibt
Title: L

Search URL Search Domain Scan URL

URL: https://www.bbb.org/washington-dc-eastern-pa/business-reviews/passport-and-visa-services/cibt-inc-in-mclean-va-235987004/#bbbonlineclick
Title: BBB

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2015/03/29/travel/getting-to-the-front-of-the-visa-line.html?_r=0
Title: As Seen in The New York Times

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://gum.criteo.com/sid/json?origin=onetag&domain=cibtvisas.com&sn=ChromeSyncframe&so=0&topUrl=cibtvisas.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=7eEoHnx3bTI4bGJDa1BlTmRSejNiU2NzTzNSa3Rvbm1EWVQvUGRGM0JQcGM1VXVrS0ZzNFJxZi9NeGkxUkpSWUcyMjNxQzZVbFkwTE9OUzJWZEpqQmNwVDFta21KKzh4OTdkM1RvUDRYQmtvN1EzUVBkNmdpQzlnUHprOGxNNVBoa3M1a3ZqKzcwY0l2ZHpteGlDUE8wemJhL3g4SFRXREZFZi9Jb3ZzTnkzb3A1dGV6a3JFa2FXemR0NWw5cDlMNTJ4akRBVzBzUmVVSXpRQU15QlNpbXVLai91Q0lnTmR1VFdOTHROTHBkaGJnVnNuenluQkh5NDlQdzMxWWExUEI3emdxQmR1RURYTmYvNGt6bkNIT0hTb0RyZz09fA&cppv=2

Request Chain 49

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3443972&time=1644440141549&url=https%3A%2F%2Fcibtvisas.com%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3443972%26time%3D1644440141549%26url%3Dhttps%253A%252F%252Fcibtvisas.com%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3443972&time=1644440141549&url=https%3A%2F%2Fcibtvisas.com%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3443972&time=1644440141549&url=https%3A%2F%2Fcibtvisas.com%2F&liSync=true&e_ipv6=AQKjYkRDTX2r3AAAAX7gRUCPvwh9cLNdMFWNL29qeCn_FjfdM_noDC0BMYD50H8a1qxBWHus

Request Chain 57

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=292884676&utmhn=cibtvisas.com&utme=8(30725*3!Do%20Not%20Track%20Setting*5!Language)9(30725*3!Off*5!English)11(2)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Travel%20Visas%20and%20US%20Passports%20for%20Business%20Travel%20and%20Tourism%20%7C%20Fast%2C%20Easy%2C%20Secure&utmhid=1907653835&utmr=-&utmp=%2F&utmht=1644440141646&utmac=UA-3428015-1&utmgtm=2wg270NBZ9FG7&utmcc=__utma%3D6331552.88311203.1644440142.1644440142.1644440142.1%3B%2B__utmz%3D6331552.1644440142.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=42824427&utmredir=1&utmu=q2AgAABAAAGBAAAAAgAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3428015-1&cid=88311203.1644440142&jid=42824427&_v=5.7.2&z=292884676 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3428015-1&cid=88311203.1644440142&jid=42824427&_v=5.7.2&z=292884676 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3428015-1&cid=88311203.1644440142&jid=42824427&_v=5.7.2&z=292884676&slf_rd=1&random=1802326852

Request Chain 59

https://sslwidget.criteo.com/event?a=23001&v=5.8.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=6-P58F80akRUeHF3VnlaVVFLWjFsQkglMkYlMkYwUUFGU0ZwYWVJS0RXdndmOUdCeCUyQkthUFlMZFRDNVkwVkxSM2duRFJjJTJCbE9NVGg1aGFXb0FjbVRxOHk1bTJnbGNBTkRzNmdrVHNQb2FObm9KMHhJZlNIWGUxaGhla3MlMkJwaFo0N2x6RW5BVHM0Y1cxSyUyRklCemFmT3l3a0xOcVVEYUElM0QlM0Q&tld=cibtvisas.com&dtycbr=24928 HTTP 302
https://widget.us.criteo.com/event?a=23001&v=5.8.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=6-P58F80akRUeHF3VnlaVVFLWjFsQkglMkYlMkYwUUFGU0ZwYWVJS0RXdndmOUdCeCUyQkthUFlMZFRDNVkwVkxSM2duRFJjJTJCbE9NVGg1aGFXb0FjbVRxOHk1bTJnbGNBTkRzNmdrVHNQb2FObm9KMHhJZlNIWGUxaGhla3MlMkJwaFo0N2x6RW5BVHM0Y1cxSyUyRklCemFmT3l3a0xOcVVEYUElM0QlM0Q&tld=cibtvisas.com&dtycbr=24928

Request Chain 62

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=7838941BAB1C46378303F46DD131DFE9&RedC=c.clarity.ms&MXFR=355C23A54E9F6B80240A32E34A9F6581 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=7838941BAB1C46378303F46DD131DFE9&MUID=3562516191776BF6140E402790A56A9C

Request Chain 65

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=Kr9Yn4vl7dKodDuH98WZrR2yp1d6z1vB

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay0yYnJ3ZXZ5U01oUnF1b3lnX0xtS0RvR0VNaWZ2QXU4RDZKdzV5QQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&google_hm=ay0yYnJ3ZXZ5U01oUnF1b3lnX0xtS0RvR0VNaWZ2QXU4RDZKdzV5QQ&google_tc= HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Request Chain 67

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-2brwevySMhRquoyg_LmKDoGEMifvAu8D6Jw5yA&custom=&tag_format=img&tag_action=sync&custom=&cb=126f8328-8279-4804-9841-5429933e13dc HTTP 302
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-2brwevySMhRquoyg_LmKDoGEMifvAu8D6Jw5yA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=126f8328-8279-4804-9841-5429933e13dc&final=true&reqid=a4fb2dc0-89ea-11ec-84f6-35c05e5863c0&timestamp=2022-02-09T20%3A55%3A42.492Z

Request Chain 71

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QD-u3fySMhRquoyg_LmKDoGEMicy9X9tjiOORQ HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QD-u3fySMhRquoyg_LmKDoGEMicy9X9tjiOORQ&verify=true

Request Chain 75

https://secure.adnxs.com/setuid?entity=52&code=k-cf4NifySMhRquoyg_LmKDoGEMidbXrmbFyW66w&seg=95287 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-cf4NifySMhRquoyg_LmKDoGEMidbXrmbFyW66w%26seg%3D95287

Request Chain 77

https://eb2.3lift.com/xuid?mid=2711&xuid=k-NYpSOfySMhRquoyg_LmKDoGEMieZ3eREKGhghA&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-NYpSOfySMhRquoyg_LmKDoGEMieZ3eREKGhghA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

Request Chain 79

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-li8sM_ySMhRquoyg_LmKDoGEMieSiR5_A4bIlg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-li8sM_ySMhRquoyg_LmKDoGEMieSiR5_A4bIlg&C=1

Request Chain 81

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-1NpHAfySMhRquoyg_LmKDoGEMieRSo5FRGgOTQ&expires=30&user_group=5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-1NpHAfySMhRquoyg_LmKDoGEMieRSo5FRGgOTQ&expires=30&user_group=5

Request Chain 87

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-xlUFfPySMhRquoyg_LmKDoGEMid2-RWCU9jKfg HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-xlUFfPySMhRquoyg_LmKDoGEMid2-RWCU9jKfg

Request Chain 88

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-AKSzMvySMhRquoyg_LmKDoGEMifjDnm5RsDQAg HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-AKSzMvySMhRquoyg_LmKDoGEMifjDnm5RsDQAg&_li_chk=true&previous_uuid=420b165890bc4d12919d876b7188cafb HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-AKSzMvySMhRquoyg_LmKDoGEMifjDnm5RsDQAg

Request Chain 90

https://pixel.advertising.com/ups/55945/sync?uid=k-3FRfg_ySMhRquoyg_LmKDoGEMidWwDGfZMX9vQ&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55945/sync?uid=k-3FRfg_ySMhRquoyg_LmKDoGEMidWwDGfZMX9vQ&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-3FRfg_ySMhRquoyg_LmKDoGEMidWwDGfZMX9vQ&_origin=1&apid=UPa51f7f2d-89ea-11ec-9426-02b393fefa9c

Request Chain 92

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-m8lMc_ySMhRquoyg_LmKDoGEMif8Xc8gPyMBWQ&redirectId=69 HTTP 302
https://cdn.stickyadstv.com/one-shot/empty.gif

Request Chain 98

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/jb7kkk8GmOtyIC_m6TLN04AcYFrYFcdW/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=4101705440622741216

Request Chain 99

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2368272763205980940

106 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cibtvisas.com/ 255 KB
42 KB 591ms
542ms Document
text/html 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e61d996783b46563de5039f0ea572e218125113fec72a1c9ec9f71c3862e3d4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 09 Feb 2022 20:55:40 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15724800; includeSubDomains
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6daffffd9b15692b-FRA
content-encoding: gzip

GET
H2 200 all.min.css
cibtvisas.com/resources/CIBT/eng/css/ 261 KB
47 KB 56ms
55ms Stylesheet
text/css 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cibtvisas.com/resources/CIBT/eng/css/all.min.css?ver=1644266571

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c1f7469599803192c5de7350db2a31493dc1237e171465005759b4ec9fc6aad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13224
vary: Accept-Encoding
content-length: 48466
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Feb 2022 20:38:56 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/css
cache-control: public, max-age=1814400
accept-ranges: bytes
cf-ray: 6db000019d75692b-FRA
expires: Wed, 02 Mar 2022 20:55:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 132ms
47ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c25f484736142a0dc15f36698fec2dbf33199cd69c31e505f15cbc359900faee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 20:46:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Feb 2022 20:55:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Feb 2022 20:55:41 GMT

GET
H2 200 font-awesome.min.css
cibtvisas.com/fonts/ 30 KB
7 KB 40ms
40ms Stylesheet
text/css 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cibtvisas.com/fonts/font-awesome.min.css

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1424438
vary: Accept-Encoding
content-length: 7053
x-xss-protection: 1; mode=block
last-modified: Tue, 28 May 2019 17:44:18 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/css
cache-control: public, max-age=1814400
accept-ranges: bytes
cf-ray: 6db000019d77692b-FRA
expires: Wed, 02 Mar 2022 20:55:41 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 09:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Feb 2023 09:57:31 GMT

GET
H2 200 all.min.js Show response
cibtvisas.com/resources/js/ 179 KB
40 KB 38ms
37ms Script
application/javascript 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cibtvisas.com/resources/js/all.min.js?ver=1644266571

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

993afb261624730a432d4e0921da6530967e56c5a8e9d608904d6343d40422d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13223
vary: Accept-Encoding
content-length: 41201
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Feb 2022 20:38:56 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
cache-control: public, max-age=1814400
accept-ranges: bytes
cf-ray: 6db000019d7d692b-FRA
expires: Wed, 02 Mar 2022 20:55:41 GMT

GET
H2 200 bootstrap.min.js Show response
cibtvisas.com/resources/js/ 39 KB
11 KB 35ms
35ms Script
application/javascript 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cibtvisas.com/resources/js/bootstrap.min.js

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1084902
vary: Accept-Encoding
content-length: 10940
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 23:12:41 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
cache-control: public, max-age=1814400
accept-ranges: bytes
cf-ray: 6db000019d7e692b-FRA
expires: Wed, 02 Mar 2022 20:55:41 GMT

GET
H2 200 cibt-visas-logo2.png
cibtvisas.com/resources/CIBT/eng/images/common/ 5 KB
5 KB 38ms
38ms Image
image/png 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibtvisas.com/resources/CIBT/eng/images/common/cibt-visas-logo2.png

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

969906bcbe527c9f8a20dd41fb0e8cdb9710ab85c4928ee7b40d1239fc7fa361

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1084901
vary: Accept-Encoding
content-length: 5160
x-xss-protection: 1; mode=block
last-modified: Tue, 28 May 2019 17:44:13 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/png
cache-control: public, max-age=1814400
accept-ranges: bytes
cf-ray: 6db000026f55692b-FRA
expires: Wed, 02 Mar 2022 20:55:41 GMT

GET
H2 200 loading-red.gif
cibtvisas.com/resources/CIBT/eng/images/css/ 11 KB
11 KB 27ms
27ms Image
image/gif 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibtvisas.com/resources/CIBT/eng/images/css/loading-red.gif

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2e31d64a53c06ee7076e71b5f5dc7e298e4686c2f39e766250d88717eb7dbad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1424437
vary: Accept-Encoding
content-length: 10819
x-xss-protection: 1; mode=block
last-modified: Tue, 28 May 2019 17:44:13 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/gif
cache-control: public, max-age=1814400
accept-ranges: bytes
cf-ray: 6db00002afdd692b-FRA
expires: Wed, 02 Mar 2022 20:55:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 431 KB
82 KB 155ms
67ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NBZ9FG7

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e82e0b63a235485c7a5dc7ccc2e311c4a4d003622a366c5d7307e1d356f268a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83718
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 18:45:26 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Feb 2022 20:55:41 GMT

GET
H2 200 clock-icon.svg
cibtvisas.com/resources/CIBT/eng/filemanager/Marketing/2019/ 11 KB
4 KB 314ms
312ms Image
image/svg+xml 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibtvisas.com/resources/CIBT/eng/filemanager/Marketing/2019/clock-icon.svg

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c799879632739e2e4d176303e6ee5eec576cd0c7bdcf4766e89a3cbb5264fa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Thu, 05 Aug 2021 19:41:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=14400
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6db00002b807692b-FRA
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 10 Feb 2022 00:55:41 GMT

GET
H2 200 world-icon.svg
cibtvisas.com/resources/CIBT/eng/filemanager/Marketing/2019/ 11 KB
4 KB 292ms
290ms Image
image/svg+xml 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibtvisas.com/resources/CIBT/eng/filemanager/Marketing/2019/world-icon.svg

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0fe2250071a03c7d5b1027eb162479edf38c3cfda10dcb7c5dc76681d42dab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Thu, 05 Aug 2021 19:41:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=14400
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6db00002b809692b-FRA
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 10 Feb 2022 00:55:41 GMT

GET
H2 200 shield-icon.svg
cibtvisas.com/resources/CIBT/eng/filemanager/Marketing/2019/ 11 KB
4 KB 31ms
30ms Image
image/svg+xml 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibtvisas.com/resources/CIBT/eng/filemanager/Marketing/2019/shield-icon.svg

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fb12570349f1240f49d37c31c1754d483f366a601a898d4a59bbb1b7fcbdee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6030
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Aug 2021 19:41:14 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 6db00002b80a692b-FRA
expires: Thu, 10 Feb 2022 00:55:41 GMT

GET
H2 200 siteseal_gd_dark.gif
cibtvisas.com/resources/CIBT/eng/images/common/ 3 KB
3 KB 37ms
36ms Image
image/gif 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibtvisas.com/resources/CIBT/eng/images/common/siteseal_gd_dark.gif

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04128cd522b3e35c2158deab3bdb43828cf7fbddd5c51e64eb7825aff17cc6fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1383476
vary: Accept-Encoding
content-length: 2639
x-xss-protection: 1; mode=block
last-modified: Tue, 28 May 2019 17:44:13 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/gif
cache-control: public, max-age=1814400
accept-ranges: bytes
cf-ray: 6db00002b80b692b-FRA
expires: Wed, 02 Mar 2022 20:55:41 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 40 KB
13 KB 60ms
25ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 12:51:58 GMT
server: nginx
etag: W/"61b8936e-9faf"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Feb 2022 20:55:41 GMT

GET
H2 200 fontawesome-webfont.woff2
cibtvisas.com/fonts/ 75 KB
76 KB 75ms
75ms Font
text/plain 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cibtvisas.com/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/fonts/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42736c7de60dfab94b3cc902b8692f80cfeb0a5989d1d51db1d25fd7d18dc45b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cibtvisas.com/fonts/font-awesome.min.css
Origin: https://cibtvisas.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 485135
vary: Accept-Encoding
content-length: 77160
x-xss-protection: 1; mode=block
last-modified: Tue, 28 May 2019 17:44:18 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=1814400
accept-ranges: bytes
cf-ray: 6db00002c810692b-FRA
expires: Wed, 02 Mar 2022 20:55:41 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 13 KB
13 KB 126ms
40ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cibtvisas.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 14:56:27 GMT
x-content-type-options: nosniff
age: 21554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13080
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 14:56:27 GMT

GET
H/1.1 200 widget Show response
salesiq.zoho.eu/ 111 KB
33 KB 61ms
19ms Script
text/javascript 185.230.212.28
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zoho.eu/widget

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.230.212.28 , Netherlands, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

8f1ff366277d44b77be3b387ae2d9d2d33269853e30e24df160b8d1524d41dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
Date: Wed, 09 Feb 2022 20:55:41 GMT
Content-Encoding: gzip
Server: ZGS
ETag: W/e008c64974f082c834d0027dafed909cc442ae43130f00fbc82ab8f754d69ee3
vary: accept-encoding
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000
Expires: Wed, 09 Feb 2022 21:00:41 GMT

GET
H2 200 hero-image.jpg
cibtvisas.com/resources/files/usa/CIBT/eng/filemanager/Marketing/Home%20Page%20Assets/ 66 KB
66 KB 31ms
31ms Image
image/jpeg 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibtvisas.com/resources/files/usa/CIBT/eng/filemanager/Marketing/Home%20Page%20Assets/hero-image.jpg

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

722ce8313ef8a1fa63b0187bdde07a19865d30f370b1f67c2ce3d24d7eca9032

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 357232
cf-bgj: h2pri
vary: Accept-Encoding
content-length: 67339
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Aug 2021 19:42:32 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
cache-control: public, max-age=1814400
accept-ranges: bytes
cf-ray: 6db00002e859692b-FRA
expires: Wed, 02 Mar 2022 20:55:41 GMT

GET
H2 200 home_side_image_compressed.jpg
cibtvisas.com/resources/CIBT/eng/filemanager/Marketing/2019/ 116 KB
116 KB 25ms
25ms Image
image/jpeg 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibtvisas.com/resources/CIBT/eng/filemanager/Marketing/2019/home_side_image_compressed.jpg

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42ef115290ccb77ed1d69548cf85af2bc12c229953e8825b35b06a2d98605228

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 477227
cf-bgj: h2pri
vary: Accept-Encoding
content-length: 118320
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Aug 2021 19:41:14 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
cache-control: public, max-age=1814400
accept-ranges: bytes
cf-ray: 6db00002e85b692b-FRA
expires: Wed, 02 Mar 2022 20:55:41 GMT

GET
H2 200 background-swoop.png
cibtvisas.com/resources/CIBT/eng/filemanager/Marketing/2019/ 73 KB
73 KB 42ms
38ms Image
image/png 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibtvisas.com/resources/CIBT/eng/filemanager/Marketing/2019/background-swoop.png

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49ce6ca7433885c11f8642adc16690783fe0c6961a563d2bf894ff477fe565a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273435
vary: Accept-Encoding
content-length: 74932
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Aug 2021 19:41:14 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/png
cache-control: public, max-age=1814400
accept-ranges: bytes
cf-ray: 6db00002e867692b-FRA
expires: Wed, 02 Mar 2022 20:55:41 GMT

GET
H2 200 New%20Zealand%20-%20Compressed.jpg
cibtvisas.com/resources/files/usa/CIBT/eng/filemanager/Marketing/2020/ 207 KB
208 KB 54ms
48ms Image
image/jpeg 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibtvisas.com/resources/files/usa/CIBT/eng/filemanager/Marketing/2020/New%20Zealand%20-%20Compressed.jpg

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59c9ed02e14909ec2d1852f3f51f0026d9a58864f2403f98d746fe76474476e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 38714
cf-bgj: h2pri
vary: Accept-Encoding
content-length: 212315
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Aug 2021 19:41:14 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
cache-control: public, max-age=1814400
accept-ranges: bytes
cf-ray: 6db00002e868692b-FRA
expires: Wed, 02 Mar 2022 20:55:41 GMT

GET
H2 200 india_edited.jpg
cibtvisas.com/resources/CIBT/eng/filemanager/Marketing/2019/Home%20Page%20Assets/ 169 KB
169 KB 39ms
35ms Image
image/jpeg 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibtvisas.com/resources/CIBT/eng/filemanager/Marketing/2019/Home%20Page%20Assets/india_edited.jpg

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1e6f330c3e63c357a3aad8bc8693e02302c2822427ac1f8353c2b9e0b375624

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 38714
cf-bgj: h2pri
vary: Accept-Encoding
content-length: 172757
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Aug 2021 19:41:14 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
cache-control: public, max-age=1814400
accept-ranges: bytes
cf-ray: 6db00002e869692b-FRA
expires: Wed, 02 Mar 2022 20:55:41 GMT

GET
H2 200 saudi_arabia.jpg
cibtvisas.com/resources/CIBT/eng/filemanager/Marketing/2019/Home%20Page%20Assets/ 247 KB
248 KB 32ms
29ms Image
image/jpeg 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibtvisas.com/resources/CIBT/eng/filemanager/Marketing/2019/Home%20Page%20Assets/saudi_arabia.jpg

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a30b772ad21e8c4e2a22dee4d1da6dbf38a9ab1b5fcde7f86189fecd9638f0bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 38714
cf-bgj: h2pri
vary: Accept-Encoding
content-length: 253146
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Aug 2021 19:41:14 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
cache-control: public, max-age=1814400
accept-ranges: bytes
cf-ray: 6db00002e86d692b-FRA
expires: Wed, 02 Mar 2022 20:55:41 GMT

GET
H2 200 russia_edited.jpg
cibtvisas.com/resources/CIBT/eng/filemanager/Marketing/2019/Home%20Page%20Assets/ 274 KB
274 KB 40ms
37ms Image
image/jpeg 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibtvisas.com/resources/CIBT/eng/filemanager/Marketing/2019/Home%20Page%20Assets/russia_edited.jpg

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9a79bff862e9d510254d75fae72fd66a2e67bfdb949bbcae6baffd1020ccfc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 38714
cf-bgj: h2pri
vary: Accept-Encoding
content-length: 280180
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Aug 2021 19:41:14 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
cache-control: public, max-age=1814400
accept-ranges: bytes
cf-ray: 6db00002f86f692b-FRA
expires: Wed, 02 Mar 2022 20:55:41 GMT

GET
H2 200 australia_edited.jpg
cibtvisas.com/resources/CIBT/eng/filemanager/Marketing/2019/Home%20Page%20Assets/ 220 KB
220 KB 46ms
43ms Image
image/jpeg 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibtvisas.com/resources/CIBT/eng/filemanager/Marketing/2019/Home%20Page%20Assets/australia_edited.jpg

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b959fe5c4142ec16c67bf0eede4d0efdb55063d51ef581965644fedea20624f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 38714
cf-bgj: h2pri
vary: Accept-Encoding
content-length: 224807
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Aug 2021 19:41:14 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
cache-control: public, max-age=1814400
accept-ranges: bytes
cf-ray: 6db00002f870692b-FRA
expires: Wed, 02 Mar 2022 20:55:41 GMT

GET
H2 200 bbb_logo.png
cibtvisas.com/resources/CIBT/eng/filemanager/Homepage/ 7 KB
7 KB 29ms
27ms Image
image/png 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibtvisas.com/resources/CIBT/eng/filemanager/Homepage/bbb_logo.png

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2320d5c8eafd28045ec07700077e3c31c59dd1d346246b1c603d7353093a205

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 276351
vary: Accept-Encoding
content-length: 7050
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Aug 2021 19:41:13 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/png
cache-control: public, max-age=1814400
accept-ranges: bytes
cf-ray: 6db00002f873692b-FRA
expires: Wed, 02 Mar 2022 20:55:41 GMT

GET
H2 200 trace_icon.jpg
cibtvisas.com/resources/CIBT/eng/filemanager/Homepage/ 3 KB
3 KB 25ms
23ms Image
image/jpeg 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibtvisas.com/resources/CIBT/eng/filemanager/Homepage/trace_icon.jpg

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

742caaefcd3e08b9d1cfcd1c71a82613db98d6277b490428e1c3bae163b2c6a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 276351
cf-bgj: h2pri
vary: Accept-Encoding
content-length: 3255
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Aug 2021 19:41:13 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
cache-control: public, max-age=1814400
accept-ranges: bytes
cf-ray: 6db00002f874692b-FRA
expires: Wed, 02 Mar 2022 20:55:41 GMT

GET
H2 200 NYT_icon_horz.png
cibtvisas.com/resources/CIBT/eng/filemanager/Homepage/ 12 KB
12 KB 35ms
33ms Image
image/png 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibtvisas.com/resources/CIBT/eng/filemanager/Homepage/NYT_icon_horz.png

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfcec986f8dd08e1c7ceabcd7b3ac0fa59364a2423c734eaf1b57f076acf7c75

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 276351
vary: Accept-Encoding
content-length: 12196
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Aug 2021 19:41:13 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/png
cache-control: public, max-age=1814400
accept-ranges: bytes
cf-ray: 6db00002f875692b-FRA
expires: Wed, 02 Mar 2022 20:55:41 GMT

GET
H2 200 gbta_icon.png
cibtvisas.com/resources/CIBT/eng/filemanager/Homepage/ 18 KB
18 KB 33ms
32ms Image
image/png 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibtvisas.com/resources/CIBT/eng/filemanager/Homepage/gbta_icon.png

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48b71ecd9317a506d469557eb47c2b9c9e4bcfe690709c48e101d1edb676618

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 276351
vary: Accept-Encoding
content-length: 18503
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Aug 2021 19:41:13 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/png
cache-control: public, max-age=1814400
accept-ranges: bytes
cf-ray: 6db00002f876692b-FRA
expires: Wed, 02 Mar 2022 20:55:41 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 13 KB
13 KB 105ms
47ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7209c26bc245ae1b293f4b9622201b1dc97282229a2e8fcae555f36caa8650e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cibtvisas.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 14:06:47 GMT
x-content-type-options: nosniff
age: 110934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13008
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 14:06:47 GMT

GET
H2 200 SourceSansPro-Black.otf
cibtvisas.com/fonts/ 229 KB
128 KB 38ms
37ms Font
application/font-sfnt 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cibtvisas.com/fonts/SourceSansPro-Black.otf

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/resources/CIBT/eng/css/all.min.css?ver=1644266571

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e447cd47a62874dc94d6ab97a84dbeb7f2f0aba3e490b9f0128b6c8399a96f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cibtvisas.com/resources/CIBT/eng/css/all.min.css?ver=1644266571
Origin: https://cibtvisas.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1341732
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 11 Jul 2019 21:36:24 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/font-sfnt
cache-control: public, max-age=1814400
cf-ray: 6db00002f871692b-FRA
expires: Wed, 02 Mar 2022 20:55:41 GMT

GET
H2 200 Roboto-Black.ttf
cibtvisas.com/fonts/ 164 KB
89 KB 292ms
291ms Font
application/font-sfnt 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cibtvisas.com/fonts/Roboto-Black.ttf

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/resources/CIBT/eng/css/all.min.css?ver=1644266571

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e33768362fd357e781d01670db1d226dfb484c6f2b769f3b798469ee1f82ad6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cibtvisas.com/resources/CIBT/eng/css/all.min.css?ver=1644266571
Origin: https://cibtvisas.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 17 May 2021 20:40:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: sameorigin
content-type: application/font-sfnt
cache-control: public, max-age=14400
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6db00002f877692b-FRA
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 10 Feb 2022 00:55:41 GMT

GET
H2 200 Roboto-Medium.ttf
cibtvisas.com/fonts/ 165 KB
88 KB 293ms
292ms Font
application/font-sfnt 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cibtvisas.com/fonts/Roboto-Medium.ttf

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/resources/CIBT/eng/css/all.min.css?ver=1644266571

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ac8e03606ffa4c37f61a6510a2080f1f37a7054f4726c214887d3b23f72e369

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cibtvisas.com/resources/CIBT/eng/css/all.min.css?ver=1644266571
Origin: https://cibtvisas.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 17 May 2021 20:40:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: sameorigin
content-type: application/font-sfnt
cache-control: public, max-age=14400
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6db00002f878692b-FRA
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 10 Feb 2022 00:55:41 GMT

GET
H2 200 SourceSansPro-Semibold.otf
cibtvisas.com/fonts/ 227 KB
130 KB 42ms
41ms Font
application/font-sfnt 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cibtvisas.com/fonts/SourceSansPro-Semibold.otf

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/resources/CIBT/eng/css/all.min.css?ver=1644266571

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee3ba5c88400b22b880d85202ce82143dc5e19861bf7880b7f4c32d4263e96d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cibtvisas.com/resources/CIBT/eng/css/all.min.css?ver=1644266571
Origin: https://cibtvisas.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1430177
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 11 Jul 2019 21:36:24 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/font-sfnt
cache-control: public, max-age=1814400
cf-ray: 6db00002f879692b-FRA
expires: Wed, 02 Mar 2022 20:55:41 GMT

GET
H2 200 CIBTvisas-Icons.woff
cibtvisas.com/fonts/ 12 KB
13 KB 38ms
37ms Font
application/font-woff 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cibtvisas.com/fonts/CIBTvisas-Icons.woff

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/resources/CIBT/eng/css/all.min.css?ver=1644266571

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7b341db8fb58509e496a629e9838d7b1028ed613d4997906487c97ddaa09ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cibtvisas.com/resources/CIBT/eng/css/all.min.css?ver=1644266571
Origin: https://cibtvisas.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 485135
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Tue, 28 May 2019 17:44:18 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/font-woff
cache-control: public, max-age=1814400
cf-ray: 6db00002f87b692b-FRA
expires: Wed, 02 Mar 2022 20:55:41 GMT

GET
H2 200 ajax.ckCheck.php Show response
cibtvisas.com/ajax/ 1 B
250 B 285ms
284ms XHR
text/html 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cibtvisas.com/ajax/ajax.ckCheck.php?check=cktest

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: VwQDV1NVCRACU1FWDwAGU1Q=
tracestate: 3246561@nr=0-1-3246561-322539566-6b6fffc9a5158828----1644440141348
traceparent: 00-9af5eabf18c152ac3b57b82ddb8f9ad0-6b6fffc9a5158828-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyNDY1NjEiLCJhcCI6IjMyMjUzOTU2NiIsImlkIjoiNmI2ZmZmYzlhNTE1ODgyOCIsInRyIjoiOWFmNWVhYmYxOGMxNTJhYzNiNTdiODJkZGI4ZjlhZDAiLCJ0aSI6MTY0NDQ0MDE0MTM0OH19
Accept: */*
Referer: https://cibtvisas.com/
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-newrelic-app-data: PxQEU1JVDQUBR1NVBwUPV1UEBhFORDQHUjZKA1ZLVVFHDFYPbU5mEA1qGAAMAkBvHwULA08fVA0nWVNQCUgTCkBAFFIWCAQCA1UVUR9RA1JVDxtMV08aBANVVVECAA9VVAAEBVcHUUAcBFkOS11p
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6db000037993692b-FRA
x-xss-protection: 1; mode=block

GET
H/1.1 200 website Show response
salesiq.zoho.eu/visitor/v2/channels/ 19 KB
8 KB 61ms
60ms XHR
application/json 185.230.212.28
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zoho.eu/visitor/v2/channels/website?widgetcode=0161a3b75c47254c09928281f7f8c3ca82412675ae94735ac56a9a22baba2510&internal_channel_req=true&language_api=true&browser_language=en&current_domain=https%3A%2F%2Fcibtvisas.com&pagetitle=Travel%20Visas%20and%20US%20Passports%20for%20Business%20Travel%20and%20Tourism%20%7C%20Fast%2C%20Easy%2C%20Secure&include_fields=avuid

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.230.212.28 , Netherlands, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

7673757758e0eae794b8bc6653a524ba1c3f90bd105c4ac55399db544e846acb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 20:55:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET
Connection: keep-alive
X-XSS-Protection: 1
Access-Control-Allow-Headers: Content-Type,x-siq-internal-channel
Server: ZGS
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000
Content-Language: de-DE
Access-Control-Allow-Origin: https://cibtvisas.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Content-Type: application/json;charset=UTF-8
Encoding: UTF-8

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A3C5 13 KB
5 KB 60ms
19ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=cibtvisas.com&origin=onetag

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7225c811b9035a4ce65639eb7ab5e7850833a340a866cc8e4bc5c2ce4abe8756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2120
date: Wed, 09 Feb 2022 20:55:41 GMT
content-length: 5180
strict-transport-security: max-age=31536000; preload;

GET
H2 200 floatbutton1_ec9b7ac1d215611f18285d7eaac641b2_.css
css.zohocdn.com/salesiq/styles/ 21 KB
5 KB 62ms
14ms Stylesheet
text/css 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/styles/floatbutton1_ec9b7ac1d215611f18285d7eaac641b2_.css

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

035e8526d2ae70bd054a5d91c856cd1f65c0d40b7b9229341ebbbcaab22055fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/css;charset=UTF-8
x-cache: HIT
last-modified: Thu, 30 Dec 2021 10:15:06 GMT
vary: Accept-Encoding
content-length: 4938
x-xss-protection: 1
nb-request-id: d093ac012961682e8472c83f02b50735
server: ZGS
etag: "a0f13cb5372f8fbd5a87318f72c2f97e"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-3706ff4ae1874210a3982c24d49fcd23
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 floatbutton1_c7a22e8bbb4fcf549e5c05bf63252d27_.js Show response
js.zohocdn.com/salesiq/js/ 35 KB
12 KB 70ms
14ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/js/floatbutton1_c7a22e8bbb4fcf549e5c05bf63252d27_.js

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

7db8bd68f73820ce38300e9a7735ddf6adf39cac37413d7854dc5294d87bdf6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript;charset=UTF-8
x-cache: HIT
last-modified: Mon, 07 Feb 2022 14:35:06 GMT
vary: Accept-Encoding
content-length: 12260
x-xss-protection: 1
nb-request-id: 96ac94e8334a5b711afa126a308927f9
server: ZGS
etag: "4ec9eccc973f42b1b19b71e939d4e324"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-198f236b1cfc4c91b4b3114d0f5e8906
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 126ms
35ms Script
text/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6792
date: Wed, 09 Feb 2022 19:02:29 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 09 Feb 2022 21:02:29 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 62ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: cibtvisas.com
URL: https://cibtvisas.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DD0538DC3333439AB7B1545778CB02C9 Ref B: FRAEDGE1209 Ref C: 2022-02-09T20:55:41Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H2 200 hotjar-597275.js Show response
static.hotjar.com/c/ 8 KB
3 KB 32ms
13ms Script
application/javascript 13.225.80.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-597275.js?sv=6

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-89.fra2.r.cloudfront.net

Software

Resource Hash

570107613ad2dd39552f9e958c5ef81fac171fffd39d1e504a478f2516aa6050

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 42
etag: W/150b3203059387accf6b9d8e9033b996
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: rvKsBuHx8er_XBTESbjmCt6oK39JS2Bu8Tu_g8gBf1JxyFk0iDA4XA==
via: 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 2 KB
1 KB 49ms
16ms Script
application/javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: cibtvisas.com
URL: https://cibtvisas.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: AC1.1 /
Resource Hash: 5bdf1120c4df8c868092d0bcb7f2540a85456fd94cd1e1a5570c9b63906b1a5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 15:06:26 GMT
server: AC1.1
age: 359184
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1041
x-llid: d9b12b090b06d6f38cfedd88f60b9ca9

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 35ms
7ms Script
application/x-javascript 2a02:26f0:f7::5c7b:e024
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: cibtvisas.com
URL: https://cibtvisas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 20:55:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=23997
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: PKva6Pz85kXvqUJ+KkeRGL1oY6IxTyTAVk+eEKjdbcZmVPXSBLTbHiyojepX5kQ9D1ZsE38CDIKpAnYtHoq2ZA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Wed, 09 Feb 2022 20:55:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame A3C5
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=cibtvisas.com&sn=ChromeSyncframe&so=0&topUrl=cibtvisas.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=7eEoHnx3bTI4bGJDa1BlTmRSejNiU2NzTzNSa3Rvbm1EWVQvUGRGM0JQcGM1VXVrS0ZzNFJxZi9NeGkxUkpSWUcyMjNxQzZVbFkwTE9OUzJWZEpqQmNwVDFta21KKzh4OTdkM1RvUDRYQmtvN1EzUVBkNmdpQzlnUHprOG...

444 B
638 B

75ms
17ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=7eEoHnx3bTI4bGJDa1BlTmRSejNiU2NzTzNSa3Rvbm1EWVQvUGRGM0JQcGM1VXVrS0ZzNFJxZi9NeGkxUkpSWUcyMjNxQzZVbFkwTE9OUzJWZEpqQmNwVDFta21KKzh4OTdkM1RvUDRYQmtvN1EzUVBkNmdpQzlnUHprOGxNNVBoa3M1a3ZqKzcwY0l2ZHpteGlDUE8wemJhL3g4SFRXREZFZi9Jb3ZzTnkzb3A1dGV6a3JFa2FXemR0NWw5cDlMNTJ4akRBVzBzUmVVSXpRQU15QlNpbXVLai91Q0lnTmR1VFdOTHROTHBkaGJnVnNuenluQkh5NDlQdzMxWWExUEI3emdxQmR1RURYTmYvNGt6bkNIT0hTb0RyZz09fA&cppv=2

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

93fd26c8181d02a1f30e915495e4e51d577f7e4dea7a15fae45712d3f50d7936

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 20:55:41 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4684
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 09 Feb 2022 20:55:40 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=7eEoHnx3bTI4bGJDa1BlTmRSejNiU2NzTzNSa3Rvbm1EWVQvUGRGM0JQcGM1VXVrS0ZzNFJxZi9NeGkxUkpSWUcyMjNxQzZVbFkwTE9OUzJWZEpqQmNwVDFta21KKzh4OTdkM1RvUDRYQmtvN1EzUVBkNmdpQzlnUHprOGxNNVBoa3M1a3ZqKzcwY0l2ZHpteGlDUE8wemJhL3g4SFRXREZFZi9Jb3ZzTnkzb3A1dGV6a3JFa2FXemR0NWw5cDlMNTJ4akRBVzBzUmVVSXpRQU15QlNpbXVLai91Q0lnTmR1VFdOTHROTHBkaGJnVnNuenluQkh5NDlQdzMxWWExUEI3emdxQmR1RURYTmYvNGt6bkNIT0hTb0RyZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1847
content-length: 541
expires: 0

GET
H2 200 404769754613765 Show response
connect.facebook.net/signals/config/ 307 KB
88 KB 167ms
166ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/404769754613765?v=2.9.52&r=stable

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f663f0284e0e3143eb41b3af1f33035b36d3ed2a2312190fb0177df46cf92808

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: Bv678VYPSKIeF5RJbh3XngGsnd/waFEdfDeUkIVqgNMxTXii35PYGQmZLMX3wBR64iWc3voj1gdN/WCf+PqDtA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 09 Feb 2022 20:55:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.acfce7141cd3503e3221.js Show response
script.hotjar.com/ 235 KB
62 KB 31ms
8ms Script
application/javascript 13.224.189.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.acfce7141cd3503e3221.js

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-26.fra2.r.cloudfront.net

Software

Resource Hash

6568a8a9578cfdd55945b329b1ac8901849f56d9867b6aff7c01102b117cf9aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 11:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 206915
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 62580
access-control-allow-origin: *
last-modified: Mon, 07 Feb 2022 11:26:47 GMT
etag: "bf840f14bd6880d7ed369487d067cc3a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: nn9pF9nK2cv0HC3B1uOR-nwVo_Jcw9JRxLgFhod4hhBnRJV-kFYD1A==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3443972&time=1644440141549&url=https%3A%2F%2Fcibtvisas.com%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3443972%26time%3D1644440141549%26url%3Dhttps%253A%252F%252Fcibtvisas.com%252F%26l...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3443972&time=1644440141549&url=https%3A%2F%2Fcibtvisas.com%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3443972&time=1644440141549&url=https%3A%2F%2Fcibtvisas.com%2F&liSync=true&e_ipv6=AQKjYkRDTX2r3AAAAX7gRUCPvwh9cLNdMFWNL29qeCn_FjfdM_noDC0BMYD50H8a...

0
156 B

308ms
111ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3443972&time=1644440141549&url=https%3A%2F%2Fcibtvisas.com%2F&liSync=true&e_ipv6=AQKjYkRDTX2r3AAAAX7gRUCPvwh9cLNdMFWNL29qeCn_FjfdM_noDC0BMYD50H8a1qxBWHus
Requested by: Host: cibtvisas.com
URL: https://cibtvisas.com/
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:42 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: b+3ExZg50hYQXrq75CoAAA==

Redirect headers

date: Wed, 09 Feb 2022 20:55:41 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: DFB2BC9729304F8AA165C82DA3D863BA Ref B: FRAEDGE1306 Ref C: 2022-02-09T20:55:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3443972&time=1644440141549&url=https%3A%2F%2Fcibtvisas.com%2F&liSync=true&e_ipv6=AQKjYkRDTX2r3AAAAX7gRUCPvwh9cLNdMFWNL29qeCn_FjfdM_noDC0BMYD50H8a1qxBWHus
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXXnA6D9nPRqQUSmpneeQ==

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame DA9B 0
0 63ms
20ms Document
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: cibtvisas.com
URL: https://cibtvisas.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/

Response headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Wed, 09 Feb 2022 20:55:40 GMT
server: AC1.1

GET
H2 200 eaafec3c4c6b62b1
pixel.sitescout.com/up/ 43 B
267 B 64ms
20ms Image
image/gif 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/eaafec3c4c6b62b1?cntr_url=https%3A%2F%2Fcibtvisas.com%2F
Requested by: Host: cibtvisas.com
URL: https://cibtvisas.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 20:55:41 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-type: image/gif
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame 09ED 0
0 57ms
21ms Document
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: cibtvisas.com
URL: https://cibtvisas.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/

Response headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Wed, 09 Feb 2022 20:55:41 GMT
server: AC1.1

GET
H2 200 4076826.js Show response
bat.bing.com/p/action/ 684 B
738 B 312ms
312ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/4076826.js
Requested by: Host: cibtvisas.com
URL: https://cibtvisas.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c825bfe9281473ce03fbc755bcfa9268b78194a1332eed8ca13b8389cbb9957c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 20:55:41 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 32AC900DB3EA49D7A12DF6AD5ECFBE69 Ref B: FRAEDGE1209 Ref C: 2022-02-09T20:55:41Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 587

GET
H2 204 0
bat.bing.com/action/ 0
149 B 34ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4076826&tm=gtm002&Ver=2&mid=31924cb1-be26-45ee-9806-0e21f2b64625&sid=a471d5a089ea11ecbd0e3da0da51f40d&vid=a471e0a089ea11ecbda717bbb4900ceb&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Travel%20Visas%20and%20US%20Passports%20for%20Business%20Travel%20and%20Tourism%20%7C%20Fast,%20Easy,%20Secure&kw=travel%20visa,%20travel%20visas%20for%20US%20citizens,%20US%20passports,%20%20US%20Passport%20Expediters,%20tourist%20visas,%20business%20visas,%20student%20visas,%20US%20travel%20documents,%20US%20passport%20renewal,%20US%20child%20passport&p=https%3A%2F%2Fcibtvisas.com%2F&r=&lt=895&evt=pageLoad&msclkid=N&sv=1&rn=972662
Requested by: Host: cibtvisas.com
URL: https://cibtvisas.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 20:55:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0A0C46A41B1E4A29BA578761D10D3136 Ref B: FRAEDGE1209 Ref C: 2022-02-09T20:55:41Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 float_6cd76475d822e7b44efcf2b1413f4967_.ttf
css.zohocdn.com/salesiq/styles/fonts/float/ 1 KB
1 KB 44ms
13ms Font
font/ttf 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/styles/fonts/float/float_6cd76475d822e7b44efcf2b1413f4967_.ttf

Requested by

Host: css.zohocdn.com
URL: https://css.zohocdn.com/salesiq/styles/floatbutton1_ec9b7ac1d215611f18285d7eaac641b2_.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

68ea492e01c42ad3494fffc0913d4f2a79122b12324a7619861ac7f5fa7df402

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://css.zohocdn.com/salesiq/styles/floatbutton1_ec9b7ac1d215611f18285d7eaac641b2_.css
Origin: https://cibtvisas.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: font/ttf
x-cache: HIT
last-modified: Thu, 30 Dec 2021 10:15:21 GMT
vary: Accept-Encoding
content-length: 642
x-xss-protection: 1
nb-request-id: 3124e45777ce8c8cff7c69ba14905e1b
server: ZGS
etag: "15d0d2c51b3a4a041315e923266ad678"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-f294a17f58dc4f8e824edf90571367e4
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame 6757 2 KB
1 KB 32ms
7ms Document
text/html 13.224.189.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: cibtvisas.com
URL: https://cibtvisas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-67.fra2.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/

Response headers

content-type: text/html
content-length: 1044
date: Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: qL-vLXGar9cpzmjtn2puy56OmZIN8DczJrtecSfHoZ_rlcFtnJKuhw==
age: 475415

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=292884676&utmhn=cibtvisas.com&utme=8(30725*3!Do%20Not%20Track%20Setting*5!Language)9(30725*3!Off*5!English)11(2)&utmcs=UTF-8&utm...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3428015-1&cid=88311203.1644440142&jid=42824427&_v=5.7.2&z=292884676
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3428015-1&cid=88311203.1644440142&jid=42824427&_v=5.7.2&z=292884676
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3428015-1&cid=88311203.1644440142&jid=42824427&_v=5.7.2&z=292884676&slf_rd=1&random=1802326852

42 B
501 B

161ms
78ms

Image
image/gif

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3428015-1&cid=88311203.1644440142&jid=42824427&_v=5.7.2&z=292884676&slf_rd=1&random=1802326852

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 20:55:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Feb 2022 20:55:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3428015-1&cid=88311203.1644440142&jid=42824427&_v=5.7.2&z=292884676&slf_rd=1&random=1802326852
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 93ms
46ms Image
image/gif 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=1332646367&utmhn=cibtvisas.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Travel%20Visas%20and%20US%20Passports%20for%20Business%20Travel%20and%20Tourism%20%7C%20Fast%2C%20Easy%2C%20Secure&utmhid=1907653835&utmr=-&utmp=%2F&utmht=1644440141649&utmac=UA-45502077-1&utmgtm=2wg270NBZ9FG7&utmcc=__utma%3D6331552.88311203.1644440142.1644440142.1644440142.1%3B%2B__utmz%3D6331552.1644440142.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=838563908&utmredir=1&utmmt=1&utmu=q2AgAABAAAGBAAAAAgAAAAAE~

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 20:55:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=23001&v=5.8.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=6-P58F80akRUeHF3VnlaVVFLWjFsQkglMkYlMkYwUUFGU0ZwYWVJS0RXdndmOUdCeCUyQkthUFlMZFRDNVkw...
https://widget.us.criteo.com/event?a=23001&v=5.8.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=6-P58F80akRUeHF3VnlaVVFLWjFsQkglMkYlMkYwUUFGU0ZwYWVJS0RXdndmOUdCeCUyQkthUFlMZFRDNVkw...

7 KB
8 KB

329ms
112ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=23001&v=5.8.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=6-P58F80akRUeHF3VnlaVVFLWjFsQkglMkYlMkYwUUFGU0ZwYWVJS0RXdndmOUdCeCUyQkthUFlMZFRDNVkwVkxSM2duRFJjJTJCbE9NVGg1aGFXb0FjbVRxOHk1bTJnbGNBTkRzNmdrVHNQb2FObm9KMHhJZlNIWGUxaGhla3MlMkJwaFo0N2x6RW5BVHM0Y1cxSyUyRklCemFmT3l3a0xOcVVEYUElM0QlM0Q&tld=cibtvisas.com&dtycbr=24928

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1e9e256ee1fc9a110304d77078dc870461ab2119e6165827b389431e87d94dac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 20:55:41 GMT
content-type: application/x-javascript
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 15431654
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 09 Feb 2022 20:55:40 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://widget.us.criteo.com/event?a=23001&v=5.8.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=6-P58F80akRUeHF3VnlaVVFLWjFsQkglMkYlMkYwUUFGU0ZwYWVJS0RXdndmOUdCeCUyQkthUFlMZFRDNVkwVkxSM2duRFJjJTJCbE9NVGg1aGFXb0FjbVRxOHk1bTJnbGNBTkRzNmdrVHNQb2FObm9KMHhJZlNIWGUxaGhla3MlMkJwaFo0N2x6RW5BVHM0Y1cxSyUyRklCemFmT3l3a0xOcVVEYUElM0QlM0Q&tld=cibtvisas.com&dtycbr=24928
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2814539
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 24ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=404769754613765&ev=PageView&dl=https%3A%2F%2Fcibtvisas.com%2F&rl=&if=false&ts=1644440141750&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644440141748.1430600976&it=1644440141545&coo=false&rqm=GET

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 09 Feb 2022 20:55:41 GMT

GET
H2 200 clarity.js Show response
i.clarity.ms/s/0.6.32/ 53 KB
23 KB 309ms
96ms Script
application/javascript 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/s/0.6.32/clarity.js
Requested by: Host: cibtvisas.com
URL: https://cibtvisas.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
content-encoding: br
etag: "1d8191fe855c690"
last-modified: Thu, 03 Feb 2022 17:03:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=7838941BAB1C46378303F46DD131DFE9&RedC=c.clarity.ms&MXFR=355C23A54E9F6B80240A32E34A9F6581
https://c.clarity.ms/c.gif?CtsSyncId=7838941BAB1C46378303F46DD131DFE9&MUID=3562516191776BF6140E402790A56A9C

42 B
366 B

27ms
27ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=7838941BAB1C46378303F46DD131DFE9&MUID=3562516191776BF6140E402790A56A9C
Requested by: Host: cibtvisas.com
URL: https://cibtvisas.com/
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 20:55:41 GMT
last-modified: Wed, 12 Jan 2022 02:05:35 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "9ea1ae3587d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 09 Feb 2022 20:55:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 16463A7F028B49A886C271CFC5B6408F Ref B: FRAEDGE1209 Ref C: 2022-02-09T20:55:42Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=7838941BAB1C46378303F46DD131DFE9&MUID=3562516191776BF6140E402790A56A9C
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 nr-spa-1215.min.js Show response
js-agent.newrelic.com/ 47 KB
18 KB 30ms
6ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1215.min.js
Requested by: Host: cibtvisas.com
URL: https://cibtvisas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: zcmP9QP8YWQtiPZETZozJGQXbXQvWuWT
content-encoding: gzip
etag: "7e1862f7a390ed9fc02c299216395547"
x-amz-request-id: 0KA7PXHHARZ8QVCT
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 17465
x-amz-id-2: MbA+td3GafLd7T4d47uLv9VuXLw53QMYFrbqJ/XlbMx0w86EvH4yHOoF/nDDaxQNiTXeUtQ2hnI=
x-served-by: cache-hhn4050-HHN
last-modified: Mon, 24 Jan 2022 22:13:54 GMT
server: AmazonS3
x-timer: S1644440142.378495,VS0,VE0
date: Wed, 09 Feb 2022 20:55:42 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 8752

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 472ms
101ms Script
application/javascript 35.174.151.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: cibtvisas.com
URL: https://cibtvisas.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.174.151.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-4-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:42 GMT
content-encoding: gzip
X-Pardot-Route: 8f46b7608980401223b1d0300f1fdf0e
X-Pardot-LB: a5df88223e39cf9fcb783877fed82f24
last-modified: Wed, 09 Feb 2022 05:16:37 GMT
Server: PardotServer
etag: "1547-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=63072000
accept-ranges: bytes
content-length: 1950
expires: Fri, 09 Feb 2024 20:55:42 GMT

GET
H2

200

397596.gif
idsync.rlcdn.com/ Frame BD89
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=Kr9Yn4vl7dKodDuH98WZrR2yp1d6z1vB

42 B
394 B

27ms
19ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=Kr9Yn4vl7dKodDuH98WZrR2yp1d6z1vB
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Feb 2022 20:55:42 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=Kr9Yn4vl7dKodDuH98WZrR2yp1d6z1vB
date: Wed, 09 Feb 2022 20:55:41 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3486
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame BD89
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay0yYnJ3ZXZ5U01oUnF1b3lnX0xtS0RvR0VNaWZ2QXU4RDZKdzV5QQ
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&google_hm=ay0yYnJ3ZXZ5U01oUnF1b3lnX0xtS0RvR0VNaWZ2QXU4RDZKdzV5QQ&google_tc=
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

43 B
369 B

14ms
14ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 20:55:42 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 285992
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Feb 2022 20:55:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

/
partner.mediawallahscript.com/ Frame BD89
Redirect Chain

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-2brwevySMhRquoyg_LmKDoGEMifvAu8D6Jw5yA&custom=&tag_format=img&tag_action=sync&custom=&cb=126f8328-8279-4804-9841-5429933...
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-2brwevySMhRquoyg_LmKDoGEMifvAu8D6Jw5yA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=126f8328-8279-480...

0
638 B

31ms
31ms

Image
text/plain

34.241.74.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-2brwevySMhRquoyg_LmKDoGEMifvAu8D6Jw5yA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=126f8328-8279-4804-9841-5429933e13dc&final=true&reqid=a4fb2dc0-89ea-11ec-84f6-35c05e5863c0&timestamp=2022-02-09T20%3A55%3A42.492Z
Protocol: HTTP/1.1
Server: 34.241.74.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-74-252.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 20:55:42 GMT
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Server: nginx/1.18.0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 09 Feb 2022 20:55:42 GMT
Server: nginx/1.18.0
Vary: Accept, Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /?account_id=1043&partner_id=1048&uid=k-2brwevySMhRquoyg_LmKDoGEMifvAu8D6Jw5yA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=126f8328-8279-4804-9841-5429933e13dc&final=true&reqid=a4fb2dc0-89ea-11ec-84f6-35c05e5863c0&timestamp=2022-02-09T20%3A55%3A42.492Z
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 294
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 400 362338.gif
idsync.rlcdn.com/ Frame BD89 0
0 59ms
19ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-2brwevySMhRquoyg_LmKDoGEMifvAu8D6Jw5yA&ct=3&cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 204 v1
ads.yahoo.com/cms/ Frame BD89 0
194 B 224ms
23ms Image
text/plain 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:42 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame BD89 43 B
716 B 117ms
37ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 20:55:42 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 09 Feb 2022 20:55:42 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame BD89
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QD-u3fySMhRquoyg_LmKDoGEMicy9X9tjiOORQ
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QD-u3fySMhRquoyg_LmKDoGEMicy9X9tjiOORQ&verify=true

0
122 B

12ms
12ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QD-u3fySMhRquoyg_LmKDoGEMicy9X9tjiOORQ&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:42 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QD-u3fySMhRquoyg_LmKDoGEMicy9X9tjiOORQ&verify=true
date: Wed, 09 Feb 2022 20:55:42 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame BD89 0
476 B 368ms
86ms Image
text/plain 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-E-tp3fySMhRquoyg_LmKDoGEMicXg7E9WMqgOg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 20:55:42 GMT
Cache-Control: no-cache
X-TraceId: 24d01db572931e25158b1b963e78a53f
Content-Length: 0

GET
H2 204 t.gif
cw.addthis.com/ Frame BD89 0
426 B 253ms
161ms Image
text/plain 2.21.140.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-gUJIhPySMhRquoyg_LmKDoGEMiew7ymc5cIgHw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.140.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-111.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 20:55:42 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 09 Feb 2022 20:55:42 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame BD89 0
239 B 31ms
8ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-gUJIhPySMhRquoyg_LmKDoGEMiew7ymc5cIgHw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame BD89
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-cf4NifySMhRquoyg_LmKDoGEMidbXrmbFyW66w&seg=95287
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-cf4NifySMhRquoyg_LmKDoGEMidbXrmbFyW66w%26seg%3D95287

43 B
1 KB

26ms
26ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-cf4NifySMhRquoyg_LmKDoGEMidbXrmbFyW66w%26seg%3D95287

Protocol

HTTP/1.1

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Feb 2022 20:55:42 GMT
X-Proxy-Origin: 185.213.155.177; 185.213.155.177; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 33ad22a2-bb47-48a6-9de9-57612c835798
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Feb 2022 20:55:42 GMT
X-Proxy-Origin: 185.213.155.177; 185.213.155.177; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 561b9c57-0424-4f17-b7de-e087c1bd44e9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-cf4NifySMhRquoyg_LmKDoGEMidbXrmbFyW66w%26seg%3D95287
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame BD89 42 B
675 B 509ms
161ms Image
image/gif 104.36.113.17
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-1PaQBvySMhRquoyg_LmKDoGEMidvzuwtM8ahnw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.17 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 17:16:35 GMT
cache-control: no-store, no-cache, private
x-lat: sfopug016:0:383
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

xuid
eb2.3lift.com/ Frame BD89
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-NYpSOfySMhRquoyg_LmKDoGEMieZ3eREKGhghA&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-NYpSOfySMhRquoyg_LmKDoGEMieZ3eREKGhghA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

37 B
354 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-NYpSOfySMhRquoyg_LmKDoGEMieZ3eREKGhghA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-NYpSOfySMhRquoyg_LmKDoGEMieZ3eREKGhghA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
date: Wed, 09 Feb 2022 20:55:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 cksync.php
contextual.media.net/ Frame BD89 45 B
783 B 171ms
148ms Image
image/gif 104.90.185.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-xA_nsPySMhRquoyg_LmKDoGEMifp236tO69lrw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.185.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-185-183.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Wed, 09 Feb 2022 20:55:42 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Wed, 09 Feb 2022 20:55:42 GMT

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame BD89
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-li8sM_ySMhRquoyg_LmKDoGEMieSiR5_A4bIlg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-li8sM_ySMhRquoyg_LmKDoGEMieSiR5_A4bIlg&C=1

43 B
1 KB

20ms
19ms

Image
image/gif

104.90.181.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-li8sM_ySMhRquoyg_LmKDoGEMieSiR5_A4bIlg&C=1
Protocol: HTTP/1.1
Server: 104.90.181.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-181-210.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Feb 2022 20:55:42 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 09 Feb 2022 20:55:42 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Feb 2022 20:55:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-li8sM_ySMhRquoyg_LmKDoGEMieSiR5_A4bIlg&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 296
Expires: Wed, 09 Feb 2022 20:55:42 GMT

GET
H2 204 /
s.ad.smaato.net/c/ Frame BD89 0
239 B 27ms
8ms Image
text/plain 2600:9000:20eb:9200:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k--phiQPySMhRquoyg_LmKDoGEMifFV2IQiIoXHg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:42 GMT
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: z2gkfreChWQoTgsWp9yBzrPK8ZWUxtMQTFxmT75TEUnCmN4Emi6Nog==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame BD89
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-1NpHAfySMhRquoyg_LmKDoGEMieRSo5FRGgOTQ&expires=30&user_group=5
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-1NpHAfySMhRquoyg_LmKDoGEMieRSo5FRGgOTQ&expires=30&user_group=5

43 B
510 B

110ms
110ms

Image
image/gif

35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-1NpHAfySMhRquoyg_LmKDoGEMieRSo5FRGgOTQ&expires=30&user_group=5
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 20:55:42 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-1NpHAfySMhRquoyg_LmKDoGEMieRSo5FRGgOTQ&expires=30&user_group=5
Date: Wed, 09 Feb 2022 20:55:42 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 204 pixel_sync
trends.revcontent.com/cm/ Frame BD89 0
174 B 375ms
301ms Image
text/plain 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-mCvayPySMhRquoyg_LmKDoGEMicIzHdw1Nzj8Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-9-63.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:42 GMT
x-powered-by: Express

GET
H2 200 um
criteo-sync.teads.tv/ Frame BD89 23 B
172 B 74ms
32ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-cwf_TPySMhRquoyg_LmKDoGEMidiHGGTSw8oNA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 20:55:42 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 09 Feb 2022 20:55:42 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame BD89 0
231 B 68ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-mMGIMPySMhRquoyg_LmKDoGEMifNWAUZdvi3ww
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:42 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13578

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame BD89 43 B
163 B 60ms
17ms Image
image/gif 185.86.139.89
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-bH5gmvySMhRquoyg_LmKDoGEMifVIuYhiD8C1g
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 v1
match.sharethrough.com/sync/ Frame BD89 68 B
263 B 136ms
8ms Image
image/png 54.93.148.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-Xh6E_fySMhRquoyg_LmKDoGEMifBd0LquIePpQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.148.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-148-23.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:42 GMT
content-length: 68
content-type: image/png

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame BD89
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-xlUFfPySMhRquoyg_LmKDoGEMid2-RWCU9jKfg
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-xlUFfPySMhRquoyg_LmKDoGEMid2-RWCU9jKfg

43 B
446 B

33ms
32ms

Image
image/gif

34.246.169.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-xlUFfPySMhRquoyg_LmKDoGEMid2-RWCU9jKfg
Protocol: H2
Server: 34.246.169.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-169-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 09 Feb 2022 20:55:42 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-xlUFfPySMhRquoyg_LmKDoGEMid2-RWCU9jKfg
date: Wed, 09 Feb 2022 20:55:42 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame BD89
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-AKSzMvySMhRquoyg_LmKDoGEMifjDnm5RsDQAg
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-AKSzMvySMhRquoyg_LmKDoGEMifjDnm5RsDQAg&_li_chk=true&previous_uuid=420b165890bc4d12919d876b7188cafb
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-AKSzMvySMhRquoyg_LmKDoGEMifjDnm5RsDQAg

43 B
419 B

321ms
100ms

Image
image/gif

2600:1f18:444a:4680:5b76:7408:bdd4:1592
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-AKSzMvySMhRquoyg_LmKDoGEMifjDnm5RsDQAg

Protocol

HTTP/1.1

Server

2600:1f18:444a:4680:5b76:7408:bdd4:1592 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 20:55:43 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-AKSzMvySMhRquoyg_LmKDoGEMifjDnm5RsDQAg
Date: Wed, 09 Feb 2022 20:55:42 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame BD89 43 B
428 B 312ms
101ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-wnavFfySMhRquoyg_LmKDoGEMidwTvbzTjKmRg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 20:55:42 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55945/ Frame BD89
Redirect Chain

https://pixel.advertising.com/ups/55945/sync?uid=k-3FRfg_ySMhRquoyg_LmKDoGEMidWwDGfZMX9vQ&_origin=1
https://pixel.advertising.com/ups/55945/sync?uid=k-3FRfg_ySMhRquoyg_LmKDoGEMidWwDGfZMX9vQ&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-3FRfg_ySMhRquoyg_LmKDoGEMidWwDGfZMX9vQ&_origin=1&apid=UPa51f7f2d-89ea-11ec-9426-02b393fefa9c

0
382 B

10ms
10ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-3FRfg_ySMhRquoyg_LmKDoGEMidWwDGfZMX9vQ&_origin=1&apid=UPa51f7f2d-89ea-11ec-9426-02b393fefa9c

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:42 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-3FRfg_ySMhRquoyg_LmKDoGEMidWwDGfZMX9vQ&_origin=1&apid=UPa51f7f2d-89ea-11ec-9426-02b393fefa9c
date: Wed, 09 Feb 2022 20:55:42 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame BD89 43 B
183 B 363ms
100ms Image
image/gif 2600:1f18:612b:4264:e8c6:2f28:702a:f217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-CiDv7fySMhRquoyg_LmKDoGEMidnFZY6-e6fJw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:e8c6:2f28:702a:f217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:43 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H/1.1

200
OK

empty.gif
cdn.stickyadstv.com/one-shot/ Frame BD89
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-m8lMc_ySMhRquoyg_LmKDoGEMif8Xc8gPyMBWQ&redirectId=69
https://cdn.stickyadstv.com/one-shot/empty.gif?

43 B
438 B

106ms
15ms

Image
image/gif

2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.stickyadstv.com/one-shot/empty.gif?
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 20:55:42 GMT
Last-Modified: Thu, 28 Feb 2013 15:45:35 GMT
ETag: "1362066335"
X-HW: 1644440142.dop144.am5.t,1644440142.cds126.am5.shn,1644440142.cds126.am5.c
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Wed, 09 Feb 2022 20:55:42 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1644440142700078-563
Expires: Wed, 09 Feb 2022 20:55:42 GMT

POST
H2 200 ajax.convertTest.php Show response
cibtvisas.com/ajax/ 0
233 B 111ms
111ms XHR
text/html 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cibtvisas.com/ajax/ajax.convertTest.php

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: VwQDV1NVCRACU1FWDwAGU1Q=
tracestate: 3246561@nr=0-1-3246561-322539566-e5363022c55e9740----1644440142369
traceparent: 00-bff23c3c52025afba538b47a077ceb60-e5363022c55e9740-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyNDY1NjEiLCJhcCI6IjMyMjUzOTU2NiIsImlkIjoiZTUzNjMwMjJjNTVlOTc0MCIsInRyIjoiYmZmMjNjM2M1MjAyNWFmYmE1MzhiNDdhMDc3Y2ViNjAiLCJ0aSI6MTY0NDQ0MDE0MjM2OX19
Accept: */*
Referer: https://cibtvisas.com/
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 09 Feb 2022 20:55:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-newrelic-app-data: PxQEU1JVDQUBR1NVBwUPV1UEBhFORDQHUjZKA1ZLVVFHDFYPbU5mEA1qGAAMAkBvHwULA08fVAkKR1NBFjIGEURMSApIGhgCHVUJUQFRH1JKBgdRVFEUHgFIQ1YHAAVTBgQAC1dVU1oHUV1AFF5VXkAAZA==
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6db00009d837692b-FRA
x-xss-protection: 1; mode=block

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
10 KB 30ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: cibtvisas.com
URL: https://cibtvisas.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:41 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A54C9F983B3B469C90AF5265AC4FC914 Ref B: FRAEDGE1209 Ref C: 2022-02-09T20:55:42Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H/1.1 200
OK NRJS-d0f360d79bae19d3319 Show response
bam.eu01.nr-data.net/1/ 49 B
749 B 169ms
120ms Script
text/javascript 185.221.87.248
NEW-2

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/1/NRJS-d0f360d79bae19d3319?a=270481150&v=1215.1253ab8&to=MhBSZQoZVhJZUUUIWwtaZUMRV0oOTUZUExoVHUA%3D&rst=2053&ck=1&ref=https://cibtvisas.com/&ap=214&be=689&fe=1988&dc=895&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1644440140363,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:19,%22c%22:19,%22s%22:25,%22ce%22:49,%22rq%22:49,%22rp%22:592,%22rpe%22:759,%22dl%22:594,%22di%22:895,%22ds%22:895,%22de%22:895,%22dc%22:1988,%22l%22:1988,%22le%22:1998%7D,%22navigation%22:%7B%7D%7D&fp=884&fcp=884&at=HldRE0IDRRw%3D&jsonp=NREUM.setToken
Requested by: Host: cibtvisas.com
URL: https://cibtvisas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.248 , Ireland, ASN206998 (NEW-2, IE),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 20:55:42 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
cross-origin-resource-policy: cross-origin
x-envoy-upstream-service-time: 3
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6db0000c896d5b6e-FRA

POST
H2 204 collect Show response
i.clarity.ms/ 0
68 B 94ms
94ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: cibtvisas.com
URL: https://cibtvisas.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://cibtvisas.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://cibtvisas.com
date: Wed, 09 Feb 2022 20:55:41 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

POST
H2 204 0
bat.bing.com/actionp/ 0
117 B 32ms
32ms Ping
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/actionp/0?ti=4076826&tm=gtm002&Ver=2&mid=31924cb1-be26-45ee-9806-0e21f2b64625&sid=a471d5a089ea11ecbd0e3da0da51f40d&vid=a471e0a089ea11ecbda717bbb4900ceb&vids=1&evt=dedup
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 20:55:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C907284C679946058A1B15E850870C73 Ref B: FRAEDGE1209 Ref C: 2022-02-09T20:55:42Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame BD89
Redirect Chain

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/jb7kkk8GmOtyIC_m6TLN04AcYFrYFcdW/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=4101705440622741216

43 B
370 B

15ms
15ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=4101705440622741216

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 20:55:41 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1242070
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=4101705440622741216
pragma: no-cache
date: Wed, 09 Feb 2022 20:55:42 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame BD89
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2368272763205980940

43 B
370 B

20ms
20ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2368272763205980940

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 20:55:41 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2005461
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Feb 2022 20:55:42 GMT
X-Proxy-Origin: 185.213.155.177; 185.213.155.177; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7c473836-ec0c-46d8-989f-8e3f5cfb57d4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2368272763205980940
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 collect Show response
i.clarity.ms/ 0
48 B 290ms
290ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: cibtvisas.com
URL: https://cibtvisas.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://cibtvisas.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://cibtvisas.com
date: Wed, 09 Feb 2022 20:55:42 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 1 KB
2 KB 287ms
286ms Script
text/javascript 35.174.151.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1487&account_id=825263&title=Travel%20Visas%20and%20US%20Passports%20for%20Business%20Travel%20and%20Tourism%20%7C%20Fast%2C%20Easy%2C%20Secure&url=https%3A%2F%2Fcibtvisas.com%2F&referrer=

Requested by

Host: cibtvisas.com
URL: https://cibtvisas.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.174.151.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

pi0-lba1-4-ue1.aws.pardot.com

Software

PardotServer /

Resource Hash

a23b70c8b4f7c9350884278d105415c3537b335c85ae4920ecd475a14baa85b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 20:55:42 GMT
content-encoding: gzip
X-Pardot-Route: 403edde838d926b2f64a33ea88db7473
X-Pardot-LB: a5df88223e39cf9fcb783877fed82f24
x-pardot-rsp: 0/0/1
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 540
Server: PardotServer
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK NRJS-d0f360d79bae19d3319 Show response
bam.eu01.nr-data.net/events/1/ 24 B
535 B 70ms
70ms XHR
image/gif 185.221.87.248
NEW-2

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/events/1/NRJS-d0f360d79bae19d3319?a=270481150&v=1215.1253ab8&to=MhBSZQoZVhJZUUUIWwtaZUMRV0oOTUZUExoVHUA%3D&rst=2574&ck=1&ref=https://cibtvisas.com/
Requested by: Host: cibtvisas.com
URL: https://cibtvisas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.248 , Ireland, ASN206998 (NEW-2, IE),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://cibtvisas.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 09 Feb 2022 20:55:43 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://cibtvisas.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
Connection: keep-alive
CF-Ray: 6db0000d6b365b6e-FRA
Content-Length: 24

GET
H/1.1 200
OK analytics Show response
resources.newlandchase.com/ 50 B
1 KB 658ms
196ms Script
text/javascript 35.174.151.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.newlandchase.com/analytics?conly=true&visitor_id=144491150&visitor_id_sign=d6d3c47597667d00a9e6b230c8e841aac05255b7f72f43b9bcb233df25d10bf4e1d0f8db098b48a937e3abc13b1e83912b53b64a&pi_opt_in=&campaign_id=1487&account_id=825263&title=Travel%20Visas%20and%20US%20Passports%20for%20Business%20Travel%20and%20Tourism%20|%20Fast,%20Easy,%20Secure&url=https://cibtvisas.com/&referrer=
Requested by: Host: cibtvisas.com
URL: https://cibtvisas.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.174.151.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-4-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 20:55:43 GMT
X-Pardot-Route: 403edde838d926b2f64a33ea88db7473
X-Pardot-LB: a5df88223e39cf9fcb783877fed82f24
x-pardot-rsp: 0/0/1
vary: User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript; charset=utf-8
content-length: 50
Server: PardotServer
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=404769754613765&ev=Microdata&dl=https%3A%2F%2Fcibtvisas.com%2F&rl=&if=false&ts=1644440143254&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Travel%20Visas%20and%20US%20Passports%20for%20Business%20Travel%20and%20Tourism%20%7C%20Fast%2C%20Easy%2C%20Secure%22%2C%22meta%3Adescription%22%3A%22CIBTvisas%20is%20the%20global%20leader%20in%20travel%20visas%20and%20US%20passports.%20Millions%20of%20international%20travelers%20have%20trusted%20CIBTvisas%20to%20secure%20their%20business%20visas%20or%20tourist%20visas.%22%2C%22meta%3Akeywords%22%3A%22travel%20visa%2C%20travel%20visas%20for%20US%20citizens%2C%20US%20passports%2C%20%20US%20Passport%20Expediters%2C%20tourist%20visas%2C%20business%20visas%2C%20student%20visas%2C%20US%20travel%20documents%2C%20US%20passport%20renewal%2C%20US%20child%20passport%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1644440141748.1430600976&it=1644440141545&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cibtvisas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:55:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Wed, 09 Feb 2022 20:55:43 GMT

Verdicts & Comments Add Verdict or Comment

198 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

90 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 01:30:32	Name: _li_ss Value: MgkI_____wcQxhE
.cibtvisas.com/	1970-01-20 09:32:56	Name: cookietest Value: test
cibtvisas.com/	1970-01-20 00:58:51	Name: CIBTSID Value: 0852eaba7fb65609dde05c74068377a9
.cibtvisas.com/	1970-01-20 01:30:32	Name: usacibt_code Value: LaAMfM2uTOhS3SqMswFlZF%2FBVDRvXRFZ1yq7XSocIkw%3D
cibtvisas.com/	1970-01-20 00:48:46	Name: isiframeenabled Value: true
salesiq.zoho.eu/	1969-12-31 23:59:59	Name: LS_CSRF_TOKEN Value: 2041196d-e7a1-4a43-ae4c-d7259976e54e
.criteo.com/	1970-01-20 10:08:56	Name: uid Value: 8bf31335-edb5-4a39-8a01-39264eb2f78a
.bing.com/	1970-01-20 10:08:56	Name: MUID Value: 3562516191776BF6140E402790A56A9C
.cibtvisas.com/	1970-01-20 18:18:32	Name: cibt-_zldp Value: UFQwBiTsjTh1%2FckvvX71Fj7U7dtxKUBrbQegN2lwdlnvfjWtcV1A5cVo5ZPCH4Izqo74dRRgN3c%3D
.cibtvisas.com/	1970-01-20 00:48:46	Name: cibt-_zldt Value: ef6adfdf-b9df-4bd8-b368-53c972090819-0
.cibtvisas.com/	1970-01-20 00:48:46	Name: _uetsid Value: a471d5a089ea11ecbd0e3da0da51f40d
.cibtvisas.com/	1970-01-20 10:08:56	Name: _uetvid Value: a471e0a089ea11ecbda717bbb4900ceb
.cibtvisas.com/	1970-01-20 18:18:32	Name: __utma Value: 6331552.88311203.1644440142.1644440142.1644440142.1
.cibtvisas.com/	1969-12-31 23:59:59	Name: __utmc Value: 6331552
.cibtvisas.com/	1970-01-20 05:10:08	Name: __utmz Value: 6331552.1644440142.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.cibtvisas.com/	1970-01-20 00:47:20	Name: __utmt_UA-3428015-1 Value: 1
.cibtvisas.com/	1970-01-20 00:47:20	Name: __utmt_UA-45502077-1 Value: 1
.cibtvisas.com/	1970-01-20 00:47:21	Name: __utmb Value: 6331552.2.10.1644440142
.cibtvisas.com/	1970-01-20 10:16:44	Name: cto_bundle Value: 6-P58F80akRUeHF3VnlaVVFLWjFsQkglMkYlMkYwUUFGU0ZwYWVJS0RXdndmOUdCeCUyQkthUFlMZFRDNVkwVkxSM2duRFJjJTJCbE9NVGg1aGFXb0FjbVRxOHk1bTJnbGNBTkRzNmdrVHNQb2FObm9KMHhJZlNIWGUxaGhla3MlMkJwaFo0N2x6RW5BVHM0Y1cxSyUyRklCemFmT3l3a0xOcVVEYUElM0QlM0Q
.cibtvisas.com/	1970-01-20 09:32:56	Name: _hjSessionUser_597275 Value: eyJpZCI6IjI4OGM4NTMzLTI3ZWMtNTA1MS1iZmU3LThmYmUwYTA4NDBmZSIsImNyZWF0ZWQiOjE2NDQ0NDAxNDE2MTAsImV4aXN0aW5nIjpmYWxzZX0=
.cibtvisas.com/	1970-01-20 00:47:21	Name: _hjFirstSeen Value: 1
cibtvisas.com/	1970-01-20 00:47:20	Name: _hjIncludedInSessionSample Value: 1
.cibtvisas.com/	1970-01-20 00:47:21	Name: _hjSession_597275 Value: eyJpZCI6ImM2ZDE4ODQ3LTJkZjUtNDVjMS05NzgzLWE3MDc4Y2Q4MTdjOSIsImNyZWF0ZWQiOjE2NDQ0NDAxNDE2ODYsImluU2FtcGxlIjp0cnVlfQ==
.cibtvisas.com/	1970-01-20 00:47:21	Name: _hjAbsoluteSessionInProgress Value: 0
.cibtvisas.com/	1970-01-20 02:56:56	Name: _fbp Value: fb.1.1644440141748.1430600976
.linkedin.com/	1970-01-20 01:30:32	Name: UserMatchHistory Value: AQIsIH-1yyfvxAAAAX7gRT9xTcZ4sDJhkXLMHz_PoNC4zWq8pMFpFxJLIhrUP895zUi4GX_WLYF6Tw
.linkedin.com/	1970-01-20 01:30:32	Name: AnalyticsSyncHistory Value: AQKrGy-SPbmUmAAAAX7gRT9xh3BdbZwx5MN5CnVXLP1CHDx4hcaerVEEZTyhzQ47iZAFAoIPzZ6KYIu68s090Q
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:19:13	Name: bcookie Value: "v=2&d6cfd3b4-06f0-4d9c-8b40-20a849700dbe"
.linkedin.com/	1970-01-20 00:48:46	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2216:u=1:x=1:i=1644440141:t=1644526541:v=2:sig=AQF4I0lCDch7EGdeGm2IB6sameaOYgHP"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 18:19:13	Name: bscookie Value: "v=1&20220209205541f04e98ea-07a8-439f-8702-fc4a97db0f9eAQHB8TuDvqc9JxHktBP9iuhMI7eQZ2w0"
.linkedin.com/	1970-01-20 18:08:26	Name: li_gc Value: MTswOzE2NDQ0NDAxNDE7MjswMjF8Wm2I0yQkUBbM4s74lFkFiHbUrizUdDijhMAyqPJa1Q==
.c.bing.com/	1970-01-20 10:08:56	Name: SRM_B Value: 3562516191776BF6140E402790A56A9C
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 10:08:56	Name: MUID Value: 3562516191776BF6140E402790A56A9C
.c.clarity.ms/	1970-01-20 00:47:20	Name: ANONCHK Value: 0
.cibtvisas.com/	1970-01-20 09:32:56	Name: _clck Value: 15cygpr\|1\|eyu\|0
.rlcdn.com/	1970-01-20 09:32:56	Name: rlas3 Value: a0y2WS31LRH/Ckka86l5G4bJ8/l80JOCpG3oE1XI1G0=
.rlcdn.com/	1970-01-20 02:13:44	Name: pxrc Value: CAA=
.3lift.com/	1970-01-20 02:56:56	Name: tluid Value: 588559532294575103550
.adnxs.com/	1970-01-20 02:56:56	Name: uuid2 Value: 2368272763205980940
.yahoo.com/	1970-01-20 09:33:17	Name: A3 Value: d=AQABBE4qBGICEC_b7dfrqoOFLDHLUHvoq24FEgEBAQF7BWIOYgAAAAAA_eMAAA&S=AQAAAmItE2ClXCpx1aVlZgTUd3A
.adnxs.com/	1970-01-20 02:56:56	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2C$Momd3e!]tbPl@/D!9hy6]/Cr+jh/?:p]^WRk/L1m)cK:y20jM-!mvhlE4J7OI0tb<Q4BP-XBnAH($syw>bpRzqF1`*baL@+X5YY
.cibtvisas.com/	1970-01-20 00:48:46	Name: _clsk Value: 19u8rmr\|1644440142517\|1\|1\|i.clarity.ms/collect
.casalemedia.com/	1970-01-20 09:32:56	Name: CMID Value: YgQqTsYugOpoGLqrX-.p.AAA
.casalemedia.com/	1970-01-20 02:56:56	Name: CMPS Value: 3277
.mediawallahscript.com/	1970-01-20 18:18:32	Name: mCookie Value: a5000fc1-89ea-11ec-8334-5fb16f036829
.mediawallahscript.com/	1970-01-20 18:18:32	Name: mUserCookie Value: %7B%22undefined%22%3A%5B%22%22%2C%22%22%2C%22%22%5D%7D
.casalemedia.com/	1970-01-20 02:56:56	Name: CMPRO Value: 1193
.casalemedia.com/	1970-01-20 00:48:46	Name: CMST Value: YgQqTmIEKk4A
.casalemedia.com/	1970-01-20 09:32:56	Name: CMRUM3 Value: 1462042a4e2760k-li8sM_ySMhRquoyg_LmKDoGEMieSiR5_A4bIlg
.turn.com/	1970-01-20 05:06:32	Name: uid Value: 4101705440622741216
.addthis.com/	1970-01-20 10:08:56	Name: ouid Value: 62042a4e00015af3932042102c0dc686901b48afc667646c1275
.addthis.com/	1970-01-20 10:08:56	Name: uid Value: 62042a4ee7115d82
.addthis.com/	1970-01-20 10:08:56	Name: na_id Value: 2022020920554254000217774532
.doubleclick.net/	1970-01-20 10:08:56	Name: IDE Value: AHWqTUlAtI8kUVdMOgrlTm-QQEP1x8KCkrvhaUjrh-w9yRWbo8sgZH8Bps9aDtYWNJQ
.media.net/	1970-01-20 09:32:56	Name: visitor-id Value: 2874417428398516000V10
.media.net/	1970-01-20 01:30:32	Name: data-c-ts Value: 1644440142
.media.net/	1970-01-20 01:30:32	Name: data-c Value: k-xA_nsPySMhRquoyg_LmKDoGEMifp236tO69lrw~~3
.taboola.com/	1970-01-20 09:32:56	Name: t_gid Value: a6ca9803-8479-4dd8-a213-005928cb4131-tuct8fdafce
.outbrain.com/	1970-01-20 02:56:56	Name: obuid Value: 4470ab0e-3b31-41dd-b6ac-dbb3f6b05797
.outbrain.com/	1970-01-20 01:30:32	Name: criteo Value: k-E-tp3fySMhRquoyg_LmKDoGEMicXg7E9WMqgOg
.advertising.com/	1970-01-20 09:34:22	Name: APID Value: UPa51f7f2d-89ea-11ec-9426-02b393fefa9c
.360yield.com/	1970-01-20 02:56:56	Name: tuuid Value: e55aaa7f-d406-4d28-bac7-bd5887032d80
.360yield.com/	1970-01-20 02:56:56	Name: tuuid_lu Value: 1644440142
.sharethrough.com/	1970-01-20 09:32:56	Name: stx_user_id Value: f9ca6a95-669c-4c03-90db-3b3ed065bcc8
.analytics.yahoo.com/	1970-01-20 09:34:22	Name: IDSYNC Value: "18zh~2358:1761~2358"
.360yield.com/	1970-01-20 02:56:56	Name: um Value: !38,Kt6kJ4DHTPZI4lr3dNtM.kfNUVSvy0WhxSCVeO.3N4bduMJQ9xVi8YhlVogt450Z98dTwDfz,1652216142
.360yield.com/	1970-01-20 02:56:56	Name: umeh Value: !38,0,1706648142,-1
ads.stickyadstv.com/	1970-01-20 01:30:32	Name: UID Value: 2014ba41d61a4c5a6b546a691ea1c65
ads.stickyadstv.com/	1970-01-20 01:30:32	Name: uid-bp-11554 Value: k-m8lMc_ySMhRquoyg_LmKDoGEMif8Xc8gPyMBWQ
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 1feb787fc4de2f2bcb4bdbcc717b1ca7
.bidswitch.net/	1970-01-20 09:32:56	Name: tuuid Value: 4740e898-dc1a-4c20-a0d7-f98ac259f658
.bidswitch.net/	1970-01-20 09:32:56	Name: c Value: 1644440142
.bidswitch.net/	1970-01-20 09:32:56	Name: tuuid_lu Value: 1644440142
.revcontent.com/	1970-02-07 06:47:20	Name: __ID Value: 28b7fa9a023642d38d336044bc31ecf8
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 793da715197ed0b8
.pubmatic.com/	1970-01-20 01:30:32	Name: KRTBCOOKIE_97 Value: 3385-uid:k-1PaQBvySMhRquoyg_LmKDoGEMidvzuwtM8ahnw&KRTB&23286-uid:k-1PaQBvySMhRquoyg_LmKDoGEMidvzuwtM8ahnw&KRTB&23287-uid:k-1PaQBvySMhRquoyg_LmKDoGEMidvzuwtM8ahnw&KRTB&23288-uid:k-1PaQBvySMhRquoyg_LmKDoGEMidvzuwtM8ahnw
.pubmatic.com/	1970-01-20 01:30:32	Name: PugT Value: 1644426995
.pubmatic.com/	1970-01-20 02:56:56	Name: PUBMDCID Value: 1
.postrelease.com/	1970-01-20 09:32:56	Name: opt_out Value: 1
.liadm.com/	1970-01-20 18:18:32	Name: lidid Value: 420b1658-90bc-4d12-919d-876b7188cafb
.pardot.com/	1970-01-23 16:23:20	Name: visitor_id824263 Value: 144491150
.pardot.com/	1970-01-23 16:23:20	Name: visitor_id824263-hash Value: d6d3c47597667d00a9e6b230c8e841aac05255b7f72f43b9bcb233df25d10bf4e1d0f8db098b48a937e3abc13b1e83912b53b64a
pi.pardot.com/	1970-01-20 00:47:21	Name: lpv824263 Value: aHR0cHM6Ly9jaWJ0dmlzYXMuY29tLw%3D%3D
cibtvisas.com/	1970-01-23 16:23:20	Name: visitor_id824263 Value: 144491150
cibtvisas.com/	1970-01-23 16:23:20	Name: visitor_id824263-hash Value: d6d3c47597667d00a9e6b230c8e841aac05255b7f72f43b9bcb233df25d10bf4e1d0f8db098b48a937e3abc13b1e83912b53b64a
resources.newlandchase.com/	1970-01-23 16:23:20	Name: visitor_id824263 Value: 144491150
resources.newlandchase.com/	1970-01-23 16:23:20	Name: visitor_id824263-hash Value: d6d3c47597667d00a9e6b230c8e841aac05255b7f72f43b9bcb233df25d10bf4e1d0f8db098b48a937e3abc13b1e83912b53b64a

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-2brwevySMhRquoyg_LmKDoGEMifvAu8D6Jw5yA&ct=3&cv=1 Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ads.stickyadstv.com
ads.yahoo.com
ajax.googleapis.com
bam.eu01.nr-data.net
bat.bing.com
c.bing.com
c.clarity.ms
cdn.stickyadstv.com
cibtvisas.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
css.zohocdn.com
cw.addthis.com
d.turn.com
dis.criteo.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
i.clarity.ms
i.liadm.com
i6.liadm.com
idsync.rlcdn.com
jadserve.postrelease.com
js-agent.newrelic.com
js.zohocdn.com
match.sharethrough.com
mug.criteo.com
partner.mediawallahscript.com
pi.pardot.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.sitescout.com
px.ads.linkedin.com
px4.ads.linkedin.com
r.casalemedia.com
resources.newlandchase.com
rtb-csync.smartadserver.com
s.ad.smaato.net
salesiq.zoho.eu
script.hotjar.com
secure.adnxs.com
simage2.pubmatic.com
snap.licdn.com
sp.analytics.yahoo.com
ssl.google-analytics.com
sslwidget.criteo.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.outbrain.com
trends.revcontent.com
up.pixel.ad
ups.analytics.yahoo.com
vars.hotjar.com
widget.us.criteo.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
x.bidswitch.net
104.111.242.245
104.36.113.17
104.90.181.210
104.90.185.183
108.174.10.14
13.224.189.26
13.224.189.67
13.225.80.89
141.226.228.48
142.250.185.194
151.101.194.137
178.250.2.146
178.250.2.151
178.79.242.181
18.156.0.31
185.20.209.147
185.221.87.248
185.230.212.28
185.33.221.90
185.86.139.89
2.21.140.111
2.21.142.210
2001:4de0:ac19::1:b:1b
2001:678:cb4:bbbb::13
212.82.100.181
2600:1f18:444a:4680:5b76:7408:bdd4:1592
2600:1f18:612b:4264:e8c6:2f28:702a:f217
2600:9000:20eb:9200:1b:5138:8a40:93a1
2606:4700::6812:5af
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:808::2003
2a00:1450:4001:808::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2004
2a00:1450:4001:813::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200a
2a00:1450:400c:c07::9c
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:f7::5c7b:e024
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.64.208.15
34.241.74.252
34.246.169.106
34.247.9.63
35.174.151.106
35.175.54.167
35.211.178.172
35.244.174.68
52.142.114.2
52.167.85.21
54.93.148.23
64.202.112.95
66.155.71.25
69.173.144.165
74.119.119.150
75.101.244.20
76.223.111.18
035e8526d2ae70bd054a5d91c856cd1f65c0d40b7b9229341ebbbcaab22055fa
04128cd522b3e35c2158deab3bdb43828cf7fbddd5c51e64eb7825aff17cc6fa
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0fb12570349f1240f49d37c31c1754d483f366a601a898d4a59bbb1b7fcbdee9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1e9e256ee1fc9a110304d77078dc870461ab2119e6165827b389431e87d94dac
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2e33768362fd357e781d01670db1d226dfb484c6f2b769f3b798469ee1f82ad6
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
42736c7de60dfab94b3cc902b8692f80cfeb0a5989d1d51db1d25fd7d18dc45b
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42ef115290ccb77ed1d69548cf85af2bc12c229953e8825b35b06a2d98605228
4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e
49ce6ca7433885c11f8642adc16690783fe0c6961a563d2bf894ff477fe565a4
4ac8e03606ffa4c37f61a6510a2080f1f37a7054f4726c214887d3b23f72e369
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
570107613ad2dd39552f9e958c5ef81fac171fffd39d1e504a478f2516aa6050
59c9ed02e14909ec2d1852f3f51f0026d9a58864f2403f98d746fe76474476e1
5bdf1120c4df8c868092d0bcb7f2540a85456fd94cd1e1a5570c9b63906b1a5b
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6568a8a9578cfdd55945b329b1ac8901849f56d9867b6aff7c01102b117cf9aa
68ea492e01c42ad3494fffc0913d4f2a79122b12324a7619861ac7f5fa7df402
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7209c26bc245ae1b293f4b9622201b1dc97282229a2e8fcae555f36caa8650e8
7225c811b9035a4ce65639eb7ab5e7850833a340a866cc8e4bc5c2ce4abe8756
722ce8313ef8a1fa63b0187bdde07a19865d30f370b1f67c2ce3d24d7eca9032
742caaefcd3e08b9d1cfcd1c71a82613db98d6277b490428e1c3bae163b2c6a8
7673757758e0eae794b8bc6653a524ba1c3f90bd105c4ac55399db544e846acb
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c799879632739e2e4d176303e6ee5eec576cd0c7bdcf4766e89a3cbb5264fa4
7db8bd68f73820ce38300e9a7735ddf6adf39cac37413d7854dc5294d87bdf6f
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8f1ff366277d44b77be3b387ae2d9d2d33269853e30e24df160b8d1524d41dcb
93fd26c8181d02a1f30e915495e4e51d577f7e4dea7a15fae45712d3f50d7936
969906bcbe527c9f8a20dd41fb0e8cdb9710ab85c4928ee7b40d1239fc7fa361
993afb261624730a432d4e0921da6530967e56c5a8e9d608904d6343d40422d1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c1f7469599803192c5de7350db2a31493dc1237e171465005759b4ec9fc6aad
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2320d5c8eafd28045ec07700077e3c31c59dd1d346246b1c603d7353093a205
a23b70c8b4f7c9350884278d105415c3537b335c85ae4920ecd475a14baa85b4
a30b772ad21e8c4e2a22dee4d1da6dbf38a9ab1b5fcde7f86189fecd9638f0bf
a48b71ecd9317a506d469557eb47c2b9c9e4bcfe690709c48e101d1edb676618
b0fe2250071a03c7d5b1027eb162479edf38c3cfda10dcb7c5dc76681d42dab9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e6f330c3e63c357a3aad8bc8693e02302c2822427ac1f8353c2b9e0b375624
b959fe5c4142ec16c67bf0eede4d0efdb55063d51ef581965644fedea20624f0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c25f484736142a0dc15f36698fec2dbf33199cd69c31e505f15cbc359900faee
c7b341db8fb58509e496a629e9838d7b1028ed613d4997906487c97ddaa09ecd
c825bfe9281473ce03fbc755bcfa9268b78194a1332eed8ca13b8389cbb9957c
c9a79bff862e9d510254d75fae72fd66a2e67bfdb949bbcae6baffd1020ccfc3
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cfcec986f8dd08e1c7ceabcd7b3ac0fa59364a2423c734eaf1b57f076acf7c75
d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e2e31d64a53c06ee7076e71b5f5dc7e298e4686c2f39e766250d88717eb7dbad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e447cd47a62874dc94d6ab97a84dbeb7f2f0aba3e490b9f0128b6c8399a96f37
e61d996783b46563de5039f0ea572e218125113fec72a1c9ec9f71c3862e3d4c
e82e0b63a235485c7a5dc7ccc2e311c4a4d003622a366c5d7307e1d356f268a6
ee3ba5c88400b22b880d85202ce82143dc5e19861bf7880b7f4c32d4263e96d5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f663f0284e0e3143eb41b3af1f33035b36d3ed2a2312190fb0177df46cf92808
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

cibtvisas.com Open in urlscan Pro 2606:4700::6812:5af Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

106 Requests

82 %HTTPS

35 %IPv6

50 Domains

67 Subdomains

54 IPs

8 Countries

2627 kBTransfer

4780 kBSize

90 Cookies

28 Outgoing links

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cibtvisas.com Open in urlscan Pro
2606:4700::6812:5af Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

82 %
HTTPS

35 %
IPv6

50
Domains

67
Subdomains

54
IPs

8
Countries

2627 kB
Transfer

4780 kB
Size

90
Cookies

106 HTTP transactions
0 data transactions