cf.spybriefing.com Open in urlscan Pro
2606:4700::6810:dc2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.spybriefing.com/a/1485/click/9349/165523/441d3f712b67c75a0551dcb3041bbb6ec813f91d/5a87b888d6f8f103142380318b74a8...
Effective URL:
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Submission Tags: falconsandbox
Submission: On June 09 via api (June 9th 2022, 2:16:10 pm UTC) from US — Scanned from DE

Summary HTTP 186 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 79 IPs in 8 countries across 67 domains to perform 186 HTTP transactions. The main IP is 2606:4700::6810:dc2, located in United States and belongs to CLOUDFLARENET, US. The main domain is cf.spybriefing.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 8th 2022. Valid for: a year.

This is the only time cf.spybriefing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.238.129.105 35.238.129.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 21	2606:4700::68... 2606:4700::6810:dc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1 7	2606:4700:440... 2606:4700:4400::ac40:972a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:4400::6812:2791	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:ec2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.225.78.123 13.225.78.123	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:6c0... 2a02:26f0:6c00:298::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	67.205.176.157 67.205.176.157	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (STACKPATH...) (STACKPATH-CDN)
2	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.26.174 104.18.26.174	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.225.77.245 13.225.77.245	16509 (AMAZON-02) (AMAZON-02)
14	23.36.163.232 23.36.163.232	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.45.50.106 52.45.50.106	14618 (AMAZON-AES) (AMAZON-AES)
5	85.17.54.17 85.17.54.17	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	34.202.133.253 34.202.133.253	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 3	44.196.167.20 44.196.167.20	14618 (AMAZON-AES) (AMAZON-AES)
1	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700:20:... 2606:4700:20::681a:5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20e... 2600:9000:20eb:2c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	169.50.137.179 169.50.137.179	36351 (SOFTLAYER) (SOFTLAYER)
2	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
1	178.250.2.140 178.250.2.140	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 5	2600:9000:20e... 2600:9000:20eb:ba00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	91.195.240.87 91.195.240.87	47846 (SEDO-AS) (SEDO-AS)
1	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
4	18.205.229.183 18.205.229.183	14618 (AMAZON-AES) (AMAZON-AES)
3	70.42.32.191 70.42.32.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	54.72.182.0 54.72.182.0	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2 3	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 4	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	52.209.107.65 52.209.107.65	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	204.237.133.120 204.237.133.120	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1	52.49.118.209 52.49.118.209	16509 (AMAZON-02) (AMAZON-02)
1	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	185.86.139.106 185.86.139.106	201081 (SMARTADSE...) (SMARTADSERVER)
1	18.193.215.198 18.193.215.198	16509 (AMAZON-02) (AMAZON-02)
1 2	52.210.88.151 52.210.88.151	16509 (AMAZON-02) (AMAZON-02)
2 2	54.205.192.169 54.205.192.169	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:444... 2600:1f18:444a:4602:bab:b033:845c:e657	14618 (AMAZON-AES) (AMAZON-AES)
1	3.223.101.22 3.223.101.22	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:612... 2600:1f18:612b:4232:40ff:2de3:a398:119a	14618 (AMAZON-AES) (AMAZON-AES)
1 1	23.35.229.117 23.35.229.117	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (STACKPATH...) (STACKPATH-CDN)
1	18.185.150.140 18.185.150.140	16509 (AMAZON-02) (AMAZON-02)
1	52.49.242.166 52.49.242.166	16509 (AMAZON-02) (AMAZON-02)
186	79

1 35.238.129.105 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.129.238.35.bc.googleusercontent.com

links.spybriefing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700::6810:dc2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cf.spybriefing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:4400::ac40:972a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kw493.infusionsoft.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2791 (United States)

ASN13335 (CLOUDFLARENET, US)

kw493.infusionsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:ec2 (United States)

ASN13335 (CLOUDFLARENET, US)

app.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-123.fra2.r.cloudfront.net

tag.segmetrics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:298::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.205.176.157 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: statistinamics.com

ndn.statistinamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

a.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.134.78 (None, )

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.26.174 (None, )

ASN13335 (CLOUDFLARENET, US)

a.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.77.245 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-77-245.fra2.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 23.36.163.232 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-232.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.50.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-50-106.compute-1.amazonaws.com

web.adblade.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 85.17.54.17 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

visit.prayfashion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.202.133.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-133-253.compute-1.amazonaws.com

pixel.adblade.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.196.167.20 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-167-20.compute-1.amazonaws.com

rdcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:5 (United States)

ASN13335 (CLOUDFLARENET, US)

track.segmetrics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:2c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.179 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b3.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.140 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:20eb:ba00:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.195.240.87 (Germany)

ASN47846 (SEDO-AS, DE)

m.revmizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.205.229.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-229-183.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.182.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-182-0.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.107.65 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-107-65.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.45 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.237.133.120 (West Chester, United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.118.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-118-209.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.106 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.215.198 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-215-198.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.88.151 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-88-151.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.205.192.169 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-192-169.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4602:bab:b033:845c:e657 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.223.101.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-101-22.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:40ff:2de3:a398:119a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.229.117 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-117.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.150.140 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-150-140.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.242.166 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-242-166.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	spybriefing.com 2 redirects links.spybriefing.com — Cisco Umbrella Rank: 663192 cf.spybriefing.com	5 MB
14	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 981	81 KB
11	youtube.com www.youtube.com — Cisco Umbrella Rank: 103	761 KB
10	criteo.com 3 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4215 gum.criteo.com — Cisco Umbrella Rank: 369 mug.criteo.com — Cisco Umbrella Rank: 2871 sslwidget.criteo.com — Cisco Umbrella Rank: 1539 widget.us.criteo.com — Cisco Umbrella Rank: 17602 dis.criteo.com — Cisco Umbrella Rank: 692	20 KB
8	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 static.doubleclick.net — Cisco Umbrella Rank: 370 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 cm.g.doubleclick.net — Cisco Umbrella Rank: 199	5 KB
7	infusionsoft.app 1 redirects kw493.infusionsoft.app	14 KB
6	adnxs.com 5 redirects secure.adnxs.com — Cisco Umbrella Rank: 393 ib.adnxs.com — Cisco Umbrella Rank: 225	6 KB
6	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 2116 d.adroll.com — Cisco Umbrella Rank: 1441	78 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 52 jnn-pa.googleapis.com — Cisco Umbrella Rank: 299	32 KB
5	prayfashion.com visit.prayfashion.com	7 KB
5	clickfunnels.com assets.clickfunnels.com — Cisco Umbrella Rank: 60807 app.clickfunnels.com — Cisco Umbrella Rank: 36031	5 KB
4	yahoo.com 1 redirects ads.yahoo.com — Cisco Umbrella Rank: 1008 sp.analytics.yahoo.com — Cisco Umbrella Rank: 733 ups.analytics.yahoo.com — Cisco Umbrella Rank: 283	1 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 3528	7 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 1968 tr.outbrain.com — Cisco Umbrella Rank: 1805 sync.outbrain.com — Cisco Umbrella Rank: 715	4 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6180	870 B
4	google.com www.google.com — Cisco Umbrella Rank: 4	870 B
4	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 939	941 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	264 KB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 547 i6.liadm.com — Cisco Umbrella Rank: 1516	1 KB
3	rdcdn.com 2 redirects rdcdn.com — Cisco Umbrella Rank: 45559	801 B
3	adblade.com web.adblade.com — Cisco Umbrella Rank: 65001 pixel.adblade.com — Cisco Umbrella Rank: 209376	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 43	20 KB
3	gstatic.com fonts.gstatic.com	76 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 875	92 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 644 cdn.stickyadstv.com — Cisco Umbrella Rank: 2517	1 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 623	853 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 276	1 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 310	140 B
2	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 770	829 B
2	revcontent.com assets.revcontent.com — Cisco Umbrella Rank: 5892 trends.revcontent.com — Cisco Umbrella Rank: 1960	10 KB
2	adskeeper.co.uk a.adskeeper.co.uk — Cisco Umbrella Rank: 462139	6 KB
2	mgid.com a.mgid.com — Cisco Umbrella Rank: 18330	6 KB
2	statistinamics.com ndn.statistinamics.com — Cisco Umbrella Rank: 98659	1 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 741	19 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 942 pixel.quantserve.com — Cisco Umbrella Rank: 430	10 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 92	388 B
2	segmetrics.io tag.segmetrics.io — Cisco Umbrella Rank: 65901 track.segmetrics.io — Cisco Umbrella Rank: 88311	26 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	110 KB
2	infusionsoft.com kw493.infusionsoft.com	31 KB
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 1844	220 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1297	40 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2215	183 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1234	428 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 577	262 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 590	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1163	99 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1591	172 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 520	798 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 380	140 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 582	581 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 317	239 B
1	addthis.com cw.addthis.com — Cisco Umbrella Rank: 1433	427 B
1	mediawallahscript.com partner.mediawallahscript.com — Cisco Umbrella Rank: 2106	232 B
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 389	725 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 362	14 KB
1	revmizer.com m.revmizer.com
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 586	14 KB
1	simpli.fi tag.simpli.fi — Cisco Umbrella Rank: 4294	4 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 906	351 B
1	turn.com r.turn.com — Cisco Umbrella Rank: 2685	398 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1072	8 KB
1	exoclick.com a.exoclick.com — Cisco Umbrella Rank: 77683	959 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 122	15 KB
1	clickcease.com www.clickcease.com — Cisco Umbrella Rank: 10605	53 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1222	5 KB
0	casalemedia.com Failed r.casalemedia.com Failed
0	addevent.com Failed track.addevent.com Failed
186	67

	Domain	Requested by
20	cf.spybriefing.com	1 redirects cf.spybriefing.com static.cloudflareinsights.com
14	analytics.tiktok.com	cf.spybriefing.com analytics.tiktok.com
11	www.youtube.com	cf.spybriefing.com www.youtube.com
7	kw493.infusionsoft.app	1 redirects cf.spybriefing.com kw493.infusionsoft.app
5	s.adroll.com	1 redirects cf.spybriefing.com s.adroll.com
5	visit.prayfashion.com	cf.spybriefing.com visit.prayfashion.com
4	secure.adnxs.com	3 redirects
4	tags.srv.stackadapt.com	cf.spybriefing.com tags.srv.stackadapt.com
4	www.google.de	cf.spybriefing.com
4	www.google.com	cf.spybriefing.com
4	jnn-pa.googleapis.com	www.youtube.com
4	tr.snapchat.com	sc-static.net cf.spybriefing.com
4	googleads.g.doubleclick.net	1 redirects www.googleadservices.com www.youtube.com
4	app.clickfunnels.com	cf.spybriefing.com
4	www.googletagmanager.com	cf.spybriefing.com www.googletagmanager.com
3	dis.criteo.com
3	gum.criteo.com	2 redirects static.criteo.net
3	rdcdn.com	2 redirects cf.spybriefing.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
3	use.fontawesome.com	cf.spybriefing.com use.fontawesome.com
2	i.liadm.com	2 redirects
2	ad.360yield.com	1 redirects
2	x.bidswitch.net	1 redirects
2	ib.adnxs.com	2 redirects
2	ups.analytics.yahoo.com	1 redirects
2	idsync.rlcdn.com
2	tr.outbrain.com	amplify.outbrain.com cf.spybriefing.com
2	ct.pinterest.com	s.pinimg.com cf.spybriefing.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	web.adblade.com	cf.spybriefing.com
2	a.adskeeper.co.uk	cf.spybriefing.com
2	a.mgid.com	cf.spybriefing.com
2	ndn.statistinamics.com	www.googletagmanager.com ndn.statistinamics.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	www.facebook.com	cf.spybriefing.com
2	connect.facebook.net	cf.spybriefing.com connect.facebook.net
2	kw493.infusionsoft.com	cf.spybriefing.com
2	fonts.googleapis.com	cf.spybriefing.com
1	sync-criteo.ads.yieldmo.com
1	exchange.mediavine.com
1	cdn.stickyadstv.com
1	ads.stickyadstv.com	1 redirects
1	criteo-partners.tremorhub.com
1	jadserve.postrelease.com
1	i6.liadm.com
1	match.sharethrough.com
1	rtb-csync.smartadserver.com
1	sync-t1.taboola.com
1	criteo-sync.teads.tv
1	trends.revcontent.com
1	contextual.media.net
1	eb2.3lift.com
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	cw.addthis.com
1	sync.outbrain.com
1	sp.analytics.yahoo.com
1	ads.yahoo.com
1	partner.mediawallahscript.com
1	cm.g.doubleclick.net	1 redirects
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	cf.spybriefing.com
1	d.adroll.com	s.adroll.com
1	amplify.outbrain.com	cf.spybriefing.com
1	m.revmizer.com	cf.spybriefing.com
1	static.criteo.net	dynamic.criteo.com
1	dynamic.criteo.com	cf.spybriefing.com
1	tag.simpli.fi	cf.spybriefing.com
1	pixel.quantserve.com	cf.spybriefing.com
1	static.doubleclick.net	www.youtube.com
1	rules.quantcount.com	secure.quantserve.com
1	track.segmetrics.io	tag.segmetrics.io
1	assets.revcontent.com	www.googletagmanager.com
1	r.turn.com	cf.spybriefing.com
1	pixel.adblade.com	cf.spybriefing.com
1	sc-static.net	cf.spybriefing.com
1	a.exoclick.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.clickcease.com	cf.spybriefing.com
1	tag.segmetrics.io	cf.spybriefing.com
1	static.cloudflareinsights.com	cf.spybriefing.com
1	assets.clickfunnels.com	cf.spybriefing.com
1	links.spybriefing.com	1 redirects
0	r.casalemedia.com Failed
0	track.addevent.com Failed	cf.spybriefing.com
186	90

This site contains links to these domains. Also see Links.

Domain
spybriefing.com

Subject Issuer	Validity	Valid
cf.spybriefing.com Cloudflare Inc ECC CA-3	`2022-05-08` - `2023-05-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-18` - `2022-06-16`	3 months	crt.sh
tag.segmetrics.io Amazon	`2021-11-15` - `2022-12-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
statistinamics.com R3	`2022-06-04` - `2022-09-02`	3 months	crt.sh
*.exoclick.com Go Daddy Secure Certificate Authority - G2	`2021-08-03` - `2022-09-04`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
adblade.com Amazon	`2022-04-17` - `2023-05-16`	a year	crt.sh
visit.prayfashion.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-09-07` - `2022-09-07`	a year	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-02` - `2023-04-01`	a year	crt.sh
assets.revcontent.com R3	`2022-05-17` - `2022-08-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
s.adroll.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
m.revmizer.com Encryption Everywhere DV TLS CA - G1	`2022-06-06` - `2023-06-06`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.srv.stackadapt.com Amazon	`2021-11-09` - `2022-12-07`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.mediawallahscript.com Amazon	`2022-05-04` - `2023-06-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-06` - `2022-07-27`	2 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.postrelease.com Amazon	`2021-12-28` - `2023-01-25`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
exchange.mediavine.com Amazon	`2021-08-05` - `2022-09-03`	a year	crt.sh
*.ads.yieldmo.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Frame ID: C218BFE427606D3E6FB6941C5DB59C02
Requests: 128 HTTP requests in this frame

Frame: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Frame ID: BDB3461477F32AA51439134CC67F4509
Requests: 6 HTTP requests in this frame

Frame: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Frame ID: 0DB11C9AF9736686E4C27938501F7264
Requests: 13 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=dcac7434-c37f-428b-b940-285ccbce8757
Frame ID: 5575309F442AD5B66046BF440589183C
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 481C9C47A6510F3E9DB0D3A6B90A44CF
Requests: 1 HTTP requests in this frame

Frame: https://kw493.infusionsoft.app/app/webTracking/websiteTriggerIframe
Frame ID: E58336592A29896B72DA5546A70D5E5A
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=cf.spybriefing.com&origin=onetag
Frame ID: 3C88F985FF30600073D6DA0BEBBE2431
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-XNc2pd6blIu1c81RPdEtqWHJXHzfM-mGcx1ugQ&google_gid=CAESEAmorR0SXKb60eLrYMduTUg&google_cver=1&google_ula=913071,0
Frame ID: 82C477220825E5C61732CC6A9304578D
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Carfighting Video

Page URL History Show full URLs

https://links.spybriefing.com/a/1485/click/9349/165523/441d3f712b67c75a0551dcb3041bbb6ec813f91d/5a87b888d6... HTTP 302
https://cf.spybriefing.com/carfighting-le HTTP 302
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778 Page URL

Detected technologies

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

ClickFunnels (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

<meta property="cf:app_domain" content="app\.clickfunnels\.com"

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

186
Requests

88 %
HTTPS

39 %
IPv6

67
Domains

90
Subdomains

79
IPs

8
Countries

6759 kB
Transfer

13087 kB
Size

92
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://spybriefing.com/terms-conditions
Title: TERMS AND CONDITIONS

Search URL Search Domain Scan URL

URL: https://spybriefing.com/privacy-policy
Title: PRIVACY POLICY

Search URL Search Domain Scan URL

URL: https://spybriefing.com/return-policy
Title: RETURN POLICY

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.spybriefing.com/a/1485/click/9349/165523/441d3f712b67c75a0551dcb3041bbb6ec813f91d/5a87b888d6f8f103142380318b74a8d93287aa1e HTTP 302
https://cf.spybriefing.com/carfighting-le HTTP 302
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://rdcdn.com/rt?aid=19177&e=1&img=1 HTTP 302
https://rdcdn.com/eow HTTP 302
https://rdcdn.com/images/blank.gif

Request Chain 84

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 132

https://s.adroll.com/j/exp/LIAFGQD4BJCQNANH5CBFII/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 149

https://kw493.infusionsoft.app/app/webTracking/contact/1654784163616?contactId=0&screenResolution=1600x1200&plugins=&javaEnabled=false&domain=cf.spybriefing.com&location=https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778&referrer= HTTP 302
https://kw493.infusionsoft.app/slices/spacer.gif

Request Chain 152

https://gum.criteo.com/sid/json?origin=onetag&domain=spybriefing.com&sn=ChromeSyncframe&so=0&topUrl=cf.spybriefing.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=-zxkVXw0OGlHbmI5Nk1GanVxWFFmckcxNzFlbWFUZW5iVEJwS2dQekdOSjc5RWFEUG80WmpLUkN6a0dEN2JsUmVURE5SYmJXeGQ3bTJhbkYvV0I3emVUMVFRenloK1hhRExEMzJlb3ZFUEtzV0oxSURTcnpwaU5NbDlaS2xPdzNGaXlDQWwwSU9mWFNHdEd3MWdKbFFMdnZ3M244Zm9JOFVGblJ6QWxyT1hsb1hUU0N6aTIyVlJWMEZsMTQreXJPdG9kbVcvM1NXMTltRE1WdGUvSVN3WjRtMzRMRlJrUElLTmVoRXRwZ2JsWkFmR3lKUXlBandjOVc3R1I2Q0pPbWpSL0tYMXBzUE9iaVJoWWNUYkRYRWpNSFVqZz09fA&cppv=2

Request Chain 153

https://sslwidget.criteo.com/event?a=94432&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dviewproduct%26id%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=_QmvKF9IOXUlMkJ1aDlxaUhpVkpZcUhYSmR0bnkydTNNbSUyRmJkNk91dk41JTJCNENKeWJCVDg1YzFsOCUyQkZmN2IlMkZqZ1JIY3ZOWHhPTXh5dEx0JTJGRktKZXpBTm5PazJRNlZhbWF4UTFZc3FGRzNiMjNRSjByVkRCJTJCTWpIRUJyaHpJNnZpZkxoWVVVJTJGekxIYmJWJTJCWEolMkY4OXNmd1k0QUF3ZyUzRCUzRA&tld=spybriefing.com&dy=1&fu=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&dtycbr=18752 HTTP 302
https://widget.us.criteo.com/event?a=94432&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dviewproduct%26id%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=_QmvKF9IOXUlMkJ1aDlxaUhpVkpZcUhYSmR0bnkydTNNbSUyRmJkNk91dk41JTJCNENKeWJCVDg1YzFsOCUyQkZmN2IlMkZqZ1JIY3ZOWHhPTXh5dEx0JTJGRktKZXpBTm5PazJRNlZhbWF4UTFZc3FGRzNiMjNRSjByVkRCJTJCTWpIRUJyaHpJNnZpZkxoWVVVJTJGekxIYmJWJTJCWEolMkY4OXNmd1k0QUF3ZyUzRCUzRA&tld=spybriefing.com&dy=1&fu=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&dtycbr=18752

Request Chain 154

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-XNc2pd6blIu1c81RPdEtqWHJXHzfM-mGcx1ugQ&google_cm&google_hm=ay1YTmMycGQ2YmxJdTFjODFSUGRFdHFXSEpYSHpmTS1tR2N4MXVnUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-XNc2pd6blIu1c81RPdEtqWHJXHzfM-mGcx1ugQ&google_gid=CAESEAmorR0SXKb60eLrYMduTUg&google_cver=1&google_ula=913071,0

Request Chain 155

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=dokn520NSRVPOWHeteU2DVlqpdpMDsgS

Request Chain 160

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Qwf2J96blIu1c81RPdEtqWHJXHxwGCP7pRV44Q HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Qwf2J96blIu1c81RPdEtqWHJXHxwGCP7pRV44Q&verify=true

Request Chain 164

https://secure.adnxs.com/setuid?entity=52&code=k-YCEEZN6blIu1c81RPdEtqWHJXHzU9KUJmcTyEw&seg=95287 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-YCEEZN6blIu1c81RPdEtqWHJXHzU9KUJmcTyEw%26seg%3D95287

Request Chain 165

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7232166593167394457

Request Chain 170

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-GFBu9N6blIu1c81RPdEtqWHJXHzme9NtzkNR9w&expires=30&user_group=5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-GFBu9N6blIu1c81RPdEtqWHJXHzme9NtzkNR9w&expires=30&user_group=5

Request Chain 176

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-FvfAj96blIu1c81RPdEtqWHJXHz7NkZ12RZCpQ HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-FvfAj96blIu1c81RPdEtqWHJXHz7NkZ12RZCpQ

Request Chain 177

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nX3sV96blIu1c81RPdEtqWHJXHwbbrtt5dFteQ HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nX3sV96blIu1c81RPdEtqWHJXHwbbrtt5dFteQ&_li_chk=true&previous_uuid=23246e40a5cc445e91d202f8de8a9778 HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nX3sV96blIu1c81RPdEtqWHJXHwbbrtt5dFteQ

Request Chain 180

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-NbPnD96blIu1c81RPdEtqWHJXHy5jR7SNGV0yA&redirectId=69 HTTP 302
https://cdn.stickyadstv.com/one-shot/empty.gif

Request Chain 184

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7232166593167394457

186 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request sales-page-4977917816267594971791630527983778 Show response
cf.spybriefing.com/
Redirect Chain

https://links.spybriefing.com/a/1485/click/9349/165523/441d3f712b67c75a0551dcb3041bbb6ec813f91d/5a87b888d6f8f103142380318b74a8d93287aa1e
https://cf.spybriefing.com/carfighting-le
https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

389 KB
39 KB

489ms
489ms

Document
text/html

2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

b8f53899a9b6f3ce7aa34aeb24ee5d09c3e2d2465d40dc9ca2b3e95744bbe569

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, private
cf-cache-status: BYPASS
cf-ray: 718a7b99fa169a09-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 09 Jun 2022 14:16:03 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
status: 200 OK
strict-transport-security: max-age=0
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: c8768cf1ffb2e3eea57c1fd724cf3e58
x-runtime: 0.270459

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
cf-cache-status: EXPIRED
cf-ray: 718a7b970c7c9a09-FRA
content-type: text/html; charset=utf-8
date: Thu, 09 Jun 2022 14:16:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
server: cloudflare
status: 302 Found
strict-transport-security: max-age=0
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 52dd2facf022eaa41c96a3ee7c327b12
x-runtime: 0.165339

GET
H2 200 lander.css
cf.spybriefing.com/assets/ 425 KB
70 KB 63ms
62ms Stylesheet
text/css 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.spybriefing.com/assets/lander.css

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 811
last-modified: Thu, 26 May 2022 21:52:55 GMT
server: cloudflare
etag: W/"628ff6b7-6a514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 718a7b9d3fee9a09-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 09 Jun 2022 14:36:03 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.9.0/css/ 55 KB
13 KB 65ms
32ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8719328
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6Y8PV89KC9XPDZ8T
x-amz-id-2: CFX12FCvmZfEL+oB8PSM7BkmXntBiIF/Cy4Nwcxa2rCvbH0f99j2xL2eaLpYcI1CUjOY8b8jPi8=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKjR2Y09AU%2BPSpX2zxc3rk7k8KPi6l52V0ueF%2Fg%2BrijbujC1wtqHSvWQTfiwXUnSusJqAvj4SSOyLN%2FxPa4u2bGfAtlMtDKxa3W%2Fx3okA9C81etvuqamoAZvBaK%2Bay7hAvIEqIr%2Bduf4ZLSZnmca6%2Fuq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 718a7b9d6f06916e-FRA

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/ 26 KB
4 KB 73ms
39ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8719296
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 3ZFDB02TPD04KVSM
x-amz-id-2: Q+Yh9NWtHdNxTeGbi5Jy5M0eTfqcF+g9vq1am4/JhekyhOp4pfLm/0vFAqiRelD4miD66BZWdjI=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"e140a7d32f343530f016095df3cc2ae4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FoCXKWq6NjDMYMlt%2ByNIzS38KYK6C3dATllBbfMMctthEpO9sHkybxWYORgvvVARi0wlzDtyTMuKegeP8LrN3Jbu2uGen47NDKDM4L0Lx%2Fs%2FNFZ%2BLtlEaejTmXrLdYyE1OWG%2BcED7urMtN6k%2FcOoM1qa"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 718a7b9d6f08916e-FRA

GET
H2 200 css
fonts.googleapis.com/ 45 KB
3 KB 135ms
48ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e2885606820de818f23a4d95e72051f4b025951e38578740dac202462cf7dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 13:01:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 09 Jun 2022 14:16:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Jun 2022 14:16:03 GMT

GET
H2 200 application.js Show response
cf.spybriefing.com/assets/userevents/ 5 KB
2 KB 51ms
50ms Script
application/x-javascript 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.spybriefing.com/assets/userevents/application.js

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 454
last-modified: Thu, 26 May 2022 21:52:55 GMT
server: cloudflare
etag: W/"628ff6b7-1353"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 718a7b9d3ff39a09-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 09 Jun 2022 14:36:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
39 KB 154ms
70ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-164010868-2

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cec2a729182e5d96055c73654d17990a0543ffa9134159a1b0b1c0d4dec02099

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39822
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Jun 2022 14:16:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 204ms
119ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-459873033

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

17aa2e94685669ebd3d2f5fcada99421d2e980de81f0c6f3be1bb579b6af7e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43479
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Jun 2022 14:16:03 GMT

GET
H2 200 getTrackingCode Show response
kw493.infusionsoft.app/app/webTracking/ 7 KB
2 KB 224ms
183ms Script
text/javascript 2606:4700:4400::ac40:972a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kw493.infusionsoft.app/app/webTracking/getTrackingCode

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:972a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65fe5c0c5a06bbf5841f03219a3cb5c120928a84ba31242b21357a0d466426a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 google
cache-control: no-cache, no-store
cf-ray: 718a7b9d7d0b5bdd-FRA
vary: accept-encoding
x-xss-protection: 1; mode=block
expires: Thu, 09 Jun 2022 14:16:03 GMT

GET
H2 200 timezoneInputJs Show response
kw493.infusionsoft.com/app/timezone/ 601 B
774 B 235ms
192ms Script
text/javascript 2606:4700:4400::6812:2791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kw493.infusionsoft.com/app/timezone/timezoneInputJs?xid=f4e7c818890795a52af78f8062d8f315

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2791 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00d334a19d88f3d2e38b960842f66f72cac7859e75c77374445bd592cc75dfcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
vary: accept-encoding
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 google
cache-control: no-cache, no-store
cf-ray: 718a7b9d7a3c9bf2-FRA
expires: Thu, 09 Jun 2022 14:16:03 GMT

GET
H2 200 jquery-3.3.1.js Show response
kw493.infusionsoft.com/js/jquery/ 84 KB
30 KB 90ms
47ms Script
application/javascript 2606:4700:4400::6812:2791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kw493.infusionsoft.com/js/jquery/jquery-3.3.1.js

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2791 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a36500e83ddd457e5e41c712041085e300b4f4bb1776488a6393433895ae05ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 226418
vary: accept-encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Jun 2022 10:36:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"85855-1654511796172"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: application/javascript;charset=UTF-8
via: 1.1 google
cache-control: public, max-age=31327582
cf-ray: 718a7b9d7a469bf2-FRA
expires: Wed, 07 Jun 2023 04:22:25 GMT

GET
H2 200 overwriteRefererJs Show response
kw493.infusionsoft.app/app/webform/ 202 B
889 B 214ms
173ms Script
text/javascript 2606:4700:4400::ac40:972a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kw493.infusionsoft.app/app/webform/overwriteRefererJs

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:972a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbafd37b04603f38be311dca28a3e5ff54b8117a0bf6b56ba37674367c863dd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
vary: accept-encoding
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 google
cache-control: no-cache, no-store
cf-ray: 718a7b9d7d0c5bdd-FRA
expires: Thu, 09 Jun 2022 14:16:03 GMT

GET
H2 200 im-4.png
cf.spybriefing.com/hosted/images/f8/e93897e8f24ac39a5a026063d669ae/ 491 KB
492 KB 91ms
88ms Image
image/png 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.spybriefing.com/hosted/images/f8/e93897e8f24ac39a5a026063d669ae/im-4.png
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b4337c676312e00f11b5e884489a3d9e4ded93e334ce3ddb551fbf94b22f6e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
cf-cache-status: HIT
age: 1467
cf-polished: origSize=502857
content-length: 502672
last-modified: Tue, 20 Jul 2021 03:25:59 GMT
server: cloudflare
etag: "b7465fe25469a6d31e54fdeec6704d0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 718a7b9ecad89a09-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 closemodal.png
assets.clickfunnels.com/images/ 672 B
1 KB 156ms
112ms Image
image/webp 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.clickfunnels.com/images/closemodal.png

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 58164
cf-polished: origFmt=png, origSize=788
content-disposition: inline; filename="closemodal.webp"
content-length: 672
last-modified: Thu, 26 May 2022 21:52:55 GMT
server: cloudflare
etag: "628ff6b7-314"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 10 Jul 2022 14:16:03 GMT
cache-control: public, max-age=2678400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 718a7b9f08476931-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-bgj: imgq:100,h2pri

GET
H2 200 Carfighting-Story-Lead-2.png
cf.spybriefing.com/hosted/images/dd/e41ea4687a4acbbee3c13d75edc867/ 2 MB
2 MB 107ms
104ms Image
image/png 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.spybriefing.com/hosted/images/dd/e41ea4687a4acbbee3c13d75edc867/Carfighting-Story-Lead-2.png
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a006127f3ac3af107355ede29826abfa058fd2bf97f5ab9e49e38c36884af8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
cf-cache-status: HIT
age: 1467
cf-polished: origSize=1924576
content-length: 1920498
last-modified: Thu, 23 Dec 2021 19:26:53 GMT
server: cloudflare
etag: "8b20ef304ad4c90d76820a30cc752e7a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 718a7b9ecada9a09-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Exceptional-Performance-Award-2005-768x593.jpg
cf.spybriefing.com/hosted/images/39/149c91952911e88d9e1de1d220cef3/ 44 KB
44 KB 108ms
105ms Image
image/jpeg 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.spybriefing.com/hosted/images/39/149c91952911e88d9e1de1d220cef3/Exceptional-Performance-Award-2005-768x593.jpg
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dab3de50e1ddfa138a0572ae7f02067f29b23ddead6fcd446114e23cbe558249

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
cf-cache-status: HIT
age: 1467
cf-polished: status=not_needed
content-length: 44753
last-modified: Wed, 01 Aug 2018 01:21:34 GMT
server: cloudflare
etag: "1cf261d5ec31a789026a38d38ce42e39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 718a7b9ecadc9a09-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 coins.jpg
cf.spybriefing.com/hosted/images/44/32080b28ac4f77b35a09b89b84a125/ 46 KB
46 KB 108ms
105ms Image
image/jpeg 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.spybriefing.com/hosted/images/44/32080b28ac4f77b35a09b89b84a125/coins.jpg
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e7db8a58e717a428cc1ef7503bc697bef2e68751f79e09ecef3bb03599fe747

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
cf-cache-status: HIT
age: 1467
cf-polished: status=not_needed
content-length: 47065
last-modified: Wed, 21 Apr 2021 03:58:40 GMT
server: cloudflare
etag: "6d00e31dfa25c1d45fbc0d4fa87ba860"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 718a7b9ecade9a09-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 im-7.png
cf.spybriefing.com/hosted/images/59/f24834b7a24ba89fd2989d5a09dfca/ 48 KB
49 KB 107ms
104ms Image
image/png 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.spybriefing.com/hosted/images/59/f24834b7a24ba89fd2989d5a09dfca/im-7.png
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50ef2ba0ac1df3b199f3363b5870074528cda342a6ecead079a0e973705e554d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
cf-cache-status: HIT
age: 1467
cf-polished: origSize=49703
content-length: 49518
last-modified: Tue, 20 Jul 2021 03:41:29 GMT
server: cloudflare
etag: "cf1ffc8b56f3251cca97ae13e49036f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 718a7b9ecadf9a09-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 im-8.png
cf.spybriefing.com/hosted/images/bc/c218ee7a4c4e07b133ff4215491c36/ 90 KB
90 KB 108ms
105ms Image
image/png 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.spybriefing.com/hosted/images/bc/c218ee7a4c4e07b133ff4215491c36/im-8.png
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 559f7cd9a09fd3e5fecd298149ea6c2cf70a1082e391af9ffe6e70b133ce16c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
cf-cache-status: HIT
age: 1467
cf-polished: origSize=92555, status=webp_bigger
content-length: 92297
last-modified: Tue, 20 Jul 2021 03:42:50 GMT
server: cloudflare
etag: "b5b0460d1d05b450bb810f61c9bbc68f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 718a7b9ecae09a09-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 im-9.png
cf.spybriefing.com/hosted/images/2a/c9392b1fb446a8bf568685d1434c1e/ 665 KB
666 KB 107ms
104ms Image
image/png 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.spybriefing.com/hosted/images/2a/c9392b1fb446a8bf568685d1434c1e/im-9.png
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2095855bb7d7234482f92598b097576fe0cd42a6145e38d3d1ece32a76433add

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
cf-cache-status: HIT
age: 1467
cf-polished: origSize=680952
content-length: 680767
last-modified: Tue, 20 Jul 2021 03:45:08 GMT
server: cloudflare
etag: "a39c7ad0221fdbd8d44d41ce22f3962d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 718a7b9ecae19a09-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 QDC-BONUS-2.png
cf.spybriefing.com/hosted/images/fa/e66087bb1e43b68e1875d3f2e5fea2/ 271 KB
271 KB 106ms
104ms Image
image/png 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.spybriefing.com/hosted/images/fa/e66087bb1e43b68e1875d3f2e5fea2/QDC-BONUS-2.png
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8276765a27484dcb04805218f99cfdbaa5256ae24350382f1b187798ff16f75f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
cf-cache-status: HIT
age: 1467
cf-polished: origSize=277440
content-length: 277271
last-modified: Tue, 13 Jul 2021 13:33:50 GMT
server: cloudflare
etag: "f387325bc155effcdbec352edf3c9fea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 718a7b9ecae29a09-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 im-12.png
cf.spybriefing.com/hosted/images/0c/e2b953954c4e959a63b4af34ea5c38/ 247 KB
248 KB 108ms
106ms Image
image/png 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.spybriefing.com/hosted/images/0c/e2b953954c4e959a63b4af34ea5c38/im-12.png
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f784e4a8bb0cee3ec5be0a59c80631ce8375c1070a7b7b3d9924df6dcbe006f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
cf-cache-status: HIT
age: 1467
cf-polished: origSize=253503
content-length: 253318
last-modified: Tue, 20 Jul 2021 04:34:43 GMT
server: cloudflare
etag: "fc1ebc775a3a4fed8437f3a75f1db5b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 718a7b9ecae39a09-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 im-13.png
cf.spybriefing.com/hosted/images/b3/2d7db65a7e457bbfbe340510f0c566/ 290 KB
291 KB 105ms
103ms Image
image/png 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.spybriefing.com/hosted/images/b3/2d7db65a7e457bbfbe340510f0c566/im-13.png
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19e30a7d52bf395dc0ab88b8d1fc9f969923c23d3099ab5749a924d6218509dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
cf-cache-status: HIT
age: 1467
cf-polished: origSize=297582
content-length: 297397
last-modified: Tue, 20 Jul 2021 04:55:50 GMT
server: cloudflare
etag: "736098a9d063f1324c6439ba9fa5081e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 718a7b9ecae49a09-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 im-14.png
cf.spybriefing.com/hosted/images/d6/53fc0f64ea4a9f82383775a191739e/ 93 KB
94 KB 107ms
105ms Image
image/png 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.spybriefing.com/hosted/images/d6/53fc0f64ea4a9f82383775a191739e/im-14.png
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fb3605148bef5e3a620bb845ed7883d8431f4fb95e15203b9451d243ebb28ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
cf-cache-status: HIT
age: 1467
cf-polished: origSize=95794
content-length: 95609
last-modified: Tue, 20 Jul 2021 05:16:44 GMT
server: cloudflare
etag: "7c62d5a0e5820db91e39984907803605"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 718a7b9ecae69a09-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 css
fonts.googleapis.com/ 5 KB
810 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%7CRoboto%7COpen+Sans%7COpen+Sans%7C

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d879cce1d3b8d492e394e9be9e78042509f0d46aac16250c43cace3782a5a55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 14:16:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 09 Jun 2022 14:16:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Jun 2022 14:16:03 GMT

GET
H2 200 lander.js Show response
cf.spybriefing.com/assets/ 2 MB
663 KB 119ms
118ms Script
application/x-javascript 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.spybriefing.com/assets/lander.js

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

025e4337e3c0b187ad9311ba6245f342852379ba27ea3e0ed63b6ad2d13ceb17

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 711
last-modified: Thu, 26 May 2022 21:54:43 GMT
server: cloudflare
etag: W/"628ff723-238a19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 718a7b9eaab29a09-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 09 Jun 2022 14:36:03 GMT

GET
H2 200 mailcheck.min.js Show response
app.clickfunnels.com/ 3 KB
2 KB 142ms
100ms Script
application/x-javascript 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/mailcheck.min.js

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 5645
last-modified: Thu, 26 May 2022 21:52:55 GMT
server: cloudflare
etag: W/"628ff6b7-a8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 718a7b9f0bd95c62-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 pushcrew.js Show response
cf.spybriefing.com/assets/ 637 B
450 B 65ms
64ms Script
application/x-javascript 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.spybriefing.com/assets/pushcrew.js

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 75
last-modified: Thu, 26 May 2022 21:52:54 GMT
server: cloudflare
etag: W/"628ff6b6-27d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 718a7b9ecae99a09-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 09 Jun 2022 14:36:03 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 101ms
59ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://cf.spybriefing.com/
Origin: https://cf.spybriefing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 718a7b9f0e5c909d-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 32ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: sPkxS7aHEBhxz+vsKG0PTcx3lj9rkx6oTJXew8J202na3l1FtlzpOGW5cuFiJhsvZ8yDxpXGhMwTjzx4gJCY8A==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 09 Jun 2022 14:16:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 a1Rnre.js Show response
tag.segmetrics.io/ 75 KB
26 KB 61ms
12ms Script
application/javascript 13.225.78.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.segmetrics.io/a1Rnre.js
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-123.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21c7a27fce9ba250a5907d9af97c2617de9e63ff5495f126322c99743fd4a696

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:33:55 GMT
content-encoding: gzip
last-modified: Sun, 15 May 2022 00:03:05 GMT
server: AmazonS3
age: 42128
etag: W/"d255e66565912d3e5ab61f76a158291b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: MSTEpJGptkD-MCksZNWbkFoFjYAHfrtxkFNggWg42DWdLq2VBknhVA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 329 KB
112 KB 232ms
150ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd2beb84a9ac7aa13c8f4ca265aca0a75bd952f1b646b0a177258cc33cd9d3c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114532
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Jun 2022 14:16:03 GMT

GET
H2 200 main-bg.jpg
cf.spybriefing.com/hosted/images/09/28b200b05911e88deee167a372312d/ 2 KB
2 KB 84ms
83ms Image
image/jpeg 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.spybriefing.com/hosted/images/09/28b200b05911e88deee167a372312d/main-bg.jpg
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e3a28df51924c57892c425cf0e17f6509339c8c90c86f9aa71279d3295e66b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
cf-cache-status: HIT
age: 1467
cf-polished: status=not_needed
content-length: 1570
last-modified: Tue, 04 Sep 2018 15:41:52 GMT
server: cloudflare
etag: "9de988dd02676a54ff16f31f7a576289"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
cf-ray: 718a7b9edaf79a09-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 60cqUPxYThY
www.youtube.com/embed/ Frame BDB3 57 KB
0 187ms
104ms Document
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 09 Jun 2022 14:16:03 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 151ms
57ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cf.spybriefing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 12:16:38 GMT
x-content-type-options: nosniff
age: 266365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 12:16:38 GMT

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.9.0/webfonts/ 74 KB
74 KB 46ms
29ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Referer: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Origin: https://cf.spybriefing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:03 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 941823
cf-ray: 718a7b9f181b9122-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75440
x-amz-id-2: e37Vp4a+XdXVcAe98Hhd4PRL5RQNTt7buqXrKYo9KF5DxvVSYOM1bmwO7PgKe0lrAfMOB5PUJiA=
last-modified: Wed, 30 Jun 2021 15:48:27 GMT
server: cloudflare
etag: "b5cf8ae26748570d8fb95a47f46b69e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yaYkyH6Apb27kPvMt1qCMIMllmUbPJ3G%2F%2FW5SxImjRrMF89Il2CUBQE9tbCqtlUNs4PECXqu7VwZB3APqJlsNvJbsK9pBr926%2BJHQpbHxCREC3q47ZqHpNgi2RCHvGF%2Fa3ceq3VV1c42jkscxDZdmX9J"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: QXPKRRCDXR8XHP03
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v29/ 16 KB
16 KB 108ms
104ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%7CRoboto%7COpen+Sans%7COpen+Sans%7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cf.spybriefing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 11:57:13 GMT
x-content-type-options: nosniff
age: 267530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16720
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 11:57:13 GMT

GET
H3 200 321845198590810 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 81ms
65ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/321845198590810?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

09ffdb3e6d22186867640de565afd309cde6d1727665826093f161ea4ae0da8e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: FFlRlvI3Nr9p8wJGYPHsXgjH2waCXBoIPlhUYE/HiS6MqecMOFTLK5XmZgamM8f/XA0uPeFyqZekj8NZLUn2Lg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 09 Jun 2022 14:16:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1654784163884
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET www-player.css
www.youtube.com/s/player/d97f25df/ Frame BDB3 0
0

GET www-embed-player.js
www.youtube.com/s/player/d97f25df/www-embed-player.vflset/ Frame BDB3 0
0

GET base.js
www.youtube.com/s/player/d97f25df/player_ias.vflset/de_DE/ Frame BDB3 0
0

GET fetch-polyfill.js
www.youtube.com/s/player/d97f25df/fetch-polyfill.vflset/ Frame BDB3 0
0

GET
H2 200 vendor.js Show response
cf.spybriefing.com/ 18 KB
6 KB 40ms
39ms Script
application/javascript 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.spybriefing.com/vendor.js

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 36
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 200 OK
x-request-id: b773230f29152b13cab0b0c00a94d7fc
x-runtime: 0.014372
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
server: cloudflare
x-frame-options: ALLOWALL
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, public
access-control-allow-credentials: true
cf-ray: 718a7ba219599a09-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: fresh

GET
H2 200 stat.js Show response
www.clickcease.com/monitor/ 162 KB
53 KB 75ms
37ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickcease.com/monitor/stat.js

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f60126adef3f76bf6db4a26fd70b1c2d7c758d3307866883ac7bcf0a456b9aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93657
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Apr 2022 08:24:39 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"28691-5dce97dc888a0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OiWtrNQqhl8EmkzK%2BPq4zMm0O1tCtj%2FVtLNW%2BB6hWdfBO9Q%2FeiIxhMVw2g1XlFxSdTppQIK9lGkxLML1%2Fuys%2F%2F9UTzpK76fDGqMI4XZ7f1h3NbV939QJmRQHZAe4813cYmdgsu532oFiYilXH7qgv8g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding,User-Agent
cache-control: max-age=2678400
access-control-allow-credentials: true
cf-ray: 718a7ba25b2d9b22-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,C$
expires: Fri, 08 Jul 2022 12:15:06 GMT

GET /
track.addevent.com/atc/ 0
0

GET KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BDB3 0
0

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
310 B 579ms
541ms XHR
text/html 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=R1NlZ1h4YjB4TFh3T25ucXYzWm5oQT09LS1EY2FNOTJJaFBWdzdTNVp0c0JQL0hRPT0%3D--17ed425227a25116fd086ad6d264666246e82f6c&page_id=RkFRK0tMeXQyMktCWlNnUlU1N25OZz09LS1yeEdvWkhxTnA1bVVtcFlHQXpHNVJ3PT0%3D--ae11c1a261957075f63748a09a37326869a44c8d&funnel_step_id=NW5pamc4VGZXY0dsZVVkd3h2OTZRUT09LS1Kb29ybVErZzY5WHJzK2xoclUyQU13PT0%3D--1c5ea1025c527ee9609df484d170974085a7e00e&user_id=emJWZjZETENBdWk1VnNTVEdEVE5NQT09LS02SE5RdCtCR29oVldYaXYzNmhoKzBnPT0%3D--c6ad58981323a84fdbf90cd08856d8731c556a0f&account_id=MjVTY0FMSHBhdVdsa1FaUWYxNXl0QT09LS0xd1NHQkt3a1lpQlNzNGFoUjRUMUFRPT0%3D--7efd73c4fca8745064d0b03d52793549e070ebbf&page_code=NDk3NzkxNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::PageviewsCreatedSummary&nonce=0b27f280-3f04-4eab-b9ef-5bd90a5198ec&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:04 GMT
access-control-request-method: *
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
strict-transport-security: max-age=0
x-request-id: 5c8f410efc7710368c9e5aaed73fcf53
x-runtime: 0.033083
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 718a7ba359655c02-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
812 B 298ms
262ms XHR
text/html 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=R1NlZ1h4YjB4TFh3T25ucXYzWm5oQT09LS1EY2FNOTJJaFBWdzdTNVp0c0JQL0hRPT0%3D--17ed425227a25116fd086ad6d264666246e82f6c&page_id=RkFRK0tMeXQyMktCWlNnUlU1N25OZz09LS1yeEdvWkhxTnA1bVVtcFlHQXpHNVJ3PT0%3D--ae11c1a261957075f63748a09a37326869a44c8d&funnel_step_id=NW5pamc4VGZXY0dsZVVkd3h2OTZRUT09LS1Kb29ybVErZzY5WHJzK2xoclUyQU13PT0%3D--1c5ea1025c527ee9609df484d170974085a7e00e&user_id=emJWZjZETENBdWk1VnNTVEdEVE5NQT09LS02SE5RdCtCR29oVldYaXYzNmhoKzBnPT0%3D--c6ad58981323a84fdbf90cd08856d8731c556a0f&account_id=MjVTY0FMSHBhdVdsa1FaUWYxNXl0QT09LS0xd1NHQkt3a1lpQlNzNGFoUjRUMUFRPT0%3D--7efd73c4fca8745064d0b03d52793549e070ebbf&page_code=NDk3NzkxNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniquePageviewsCreatedSummary&nonce=cfc9e8c6-0852-4395-8e87-d9ecf9b72465&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:04 GMT
access-control-request-method: *
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
strict-transport-security: max-age=0
x-request-id: e22ff553b702e80996f6d429ae6b0894
x-runtime: 0.040897
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 718a7ba359685c02-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
307 B 314ms
278ms XHR
text/html 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=R1NlZ1h4YjB4TFh3T25ucXYzWm5oQT09LS1EY2FNOTJJaFBWdzdTNVp0c0JQL0hRPT0%3D--17ed425227a25116fd086ad6d264666246e82f6c&page_id=RkFRK0tMeXQyMktCWlNnUlU1N25OZz09LS1yeEdvWkhxTnA1bVVtcFlHQXpHNVJ3PT0%3D--ae11c1a261957075f63748a09a37326869a44c8d&funnel_step_id=NW5pamc4VGZXY0dsZVVkd3h2OTZRUT09LS1Kb29ybVErZzY5WHJzK2xoclUyQU13PT0%3D--1c5ea1025c527ee9609df484d170974085a7e00e&user_id=emJWZjZETENBdWk1VnNTVEdEVE5NQT09LS02SE5RdCtCR29oVldYaXYzNmhoKzBnPT0%3D--c6ad58981323a84fdbf90cd08856d8731c556a0f&account_id=MjVTY0FMSHBhdVdsa1FaUWYxNXl0QT09LS0xd1NHQkt3a1lpQlNzNGFoUjRUMUFRPT0%3D--7efd73c4fca8745064d0b03d52793549e070ebbf&page_code=NDk3NzkxNzc%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniqueVisitorsCreatedSummary&nonce=50123209-8e4c-46c0-9ca6-3a91fba7085d&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:04 GMT
access-control-request-method: *
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
strict-transport-security: max-age=0
x-request-id: 7dcd9ec6fb97fd6d826911a6e8569aac
x-runtime: 0.059637
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 718a7ba359665c02-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H3 200 iframe_api Show response
www.youtube.com/ 980 B
514 B 55ms
55ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/assets/lander.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46f9d86045547e75575813d1014a355655ea9428ceea6df6ece84a9d6ff30c26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 09 Jun 2022 14:16:04 GMT

GET
H3 200 60cqUPxYThY Show response
www.youtube.com/embed/ Frame 0DB1 57 KB
24 KB 83ms
83ms Document
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/assets/lander.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e21daebd8890f3fdfd7ca9ff810758531241c8d2b6f8834724e226bf58244a28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 09 Jun 2022 14:16:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 24ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=321845198590810&ev=PageView&dl=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&rl=&if=false&ts=1654784164464&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1654784164462.1864218222&it=1654784163806&coo=false&exp=p1&rqm=GET

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 09 Jun 2022 14:16:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 123ms
38ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-164010868-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2478
date: Thu, 09 Jun 2022 13:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 09 Jun 2022 15:34:46 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 119ms
49ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-459873033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15069
x-xss-protection: 0
server: cafe
etag: 11223643544955582496
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 09 Jun 2022 14:16:04 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 198 KB
70 KB 136ms
56ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1YZK2FN9X9&l=cDataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba8d74863aaa6b9eb44878b9c505cfdea99cb30c4f46ce0e6adcaef96af9b146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:04 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71873
x-xss-protection: 0
expires: Thu, 09 Jun 2022 14:16:04 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 45ms
10ms Script
application/javascript 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:04 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 16 Jun 2022 14:16:04 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 197ms
132ms Script
application/javascript 2a02:26f0:6c00:298::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:298::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 C4F968F0-90C1-4C34-89CF-15D8B4DE20B8.js Show response
ndn.statistinamics.com/cstnxtm/ 498 B
631 B 318ms
96ms Script
application/javascript 67.205.176.157
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ndn.statistinamics.com/cstnxtm/C4F968F0-90C1-4C34-89CF-15D8B4DE20B8.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.205.176.157 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: statistinamics.com
Software: openresty /
Resource Hash: d093eeff8b86d94c0f65ea0b61fe2d1e84a43c99e3a3d0d1c8a683933c768e40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:04 GMT
cache-control: max-age=0
server: openresty
content-type: application/javascript
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK tag_gen.js Show response
a.exoclick.com/ 1 KB
959 B 78ms
16ms Script
application/javascript 2001:4de0:ac19::1:b:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.exoclick.com/tag_gen.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 07d5e5f440ca5ac95ca64e9e9bfd61f0feece6a0e7c3c0f5a42d673da490c7d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 14:16:04 GMT
Content-Encoding: gzip
Server: nginx
etag: W/"599a9242165611ea099e1938f18"
X-HW: 1654784164.dop136.am5.t,1654784164.cds310.am5.shn,1654784164.dop136.am5.t,1654784164.cds118.am5.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 521

GET
H2 200 mgsensor.js Show response
a.mgid.com/ 15 KB
5 KB 176ms
130ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mgid.com/mgsensor.js?d=1654784164526
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8098c6938d10947bf06e59e59b684daf1ef70c1e520bd7e6d4d85e28ee94f00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 038b079b-1b9b-4b14-818f-8c0fb2de6109
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 718a7ba49ca1921d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare

GET
H2 200 mgsensor.js Show response
a.adskeeper.co.uk/ 15 KB
5 KB 178ms
131ms Script
application/javascript 104.18.26.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.adskeeper.co.uk/mgsensor.js?d=1654784164526
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.26.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2132a4328a5491a19eaa05be8842450315c338ed54cbcf4009c77e10fd56307

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:04 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 09 Jun 2022 14:16:04 GMT
x-mg-request-uuid: 31bbc2e1-2d01-42ef-848b-ca3f9d7f3ff9
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 718a7ba49cc95b74-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expires: Thu, 09 Jun 2022 18:16:04 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 21 KB
8 KB 53ms
24ms Script
application/javascript 13.225.77.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.77.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-245.fra2.r.cloudfront.net
Software: CloudFront /
Resource Hash: 9fe8a8e2261e527d5b294b5cd8781b93cecf8223e22ba45630345578599cf308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:04 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA2-C2
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 7452
via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
x-amz-cf-id: jo9DuDOn9U6XWr-Ft-BsSZpIyl5xqR8cf0JPdYLxllxcFITgEUqQbg==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 146 KB
42 KB 154ms
116ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 216164d79ec2c38d34fd4e09557abc30fb551386332a294cbdf48b8a0225f44c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-akamai-request-id: 58e787ff.3aede8d9
date: Thu, 09 Jun 2022 14:16:04 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a104-96-220-36.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 98,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=10, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 2022060914160401000400500600303112CC7A1E
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,104.96.220.36
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3142f8ab15ab7a021cd2977a0da63940de45a59e51813a7e3da9cd5773b72e2b039be5c63763d174546070da0b284aaa77e0e2ed691fb1f60d43674a0caa63a98df244a46ba38897f455d29c3131861aa496e08474d1224f765c0fc74f26e2461
expires: Thu, 09 Jun 2022 14:16:04 GMT

GET
H2 200 conv.js Show response
web.adblade.com/js/ads/async/ 565 B
509 B 299ms
96ms Script
application/javascript 52.45.50.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://web.adblade.com/js/ads/async/conv.js
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/assets/lander.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.50.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-50-106.compute-1.amazonaws.com
Software: /
Resource Hash: 116e677ce1f72ac9525e2e6cd8d26a005c4dd4ba515fb8309023b2f0a2b3397a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:04 GMT
content-encoding: gzip
content-type: application/javascript; charset=UTF-8

GET
H/1.1 400
Bad Request postback
visit.prayfashion.com/ 0
0 86ms
15ms Image
application/json 85.17.54.17
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visit.prayfashion.com/postback?clickid=undefined&type=RT_View_Content
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 85.17.54.17 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H/1.1 404
Not Found postback
visit.prayfashion.com/ 0
0 69ms
21ms Image
application/json 85.17.54.17
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visit.prayfashion.com/postback?clickid=null&type=RT_View_Content&gtmcb=785652262
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 85.17.54.17 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H2 200 imps.php
pixel.adblade.com/ 43 B
362 B 301ms
97ms Image
image/gif 34.202.133.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.adblade.com/imps.php?sgms=18028

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.133.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-202-133-253.compute-1.amazonaws.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="http://www.adblade.com/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
x-vendor: Adiant LLC | Adiant | http://www.adiant.com
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
x-xss-protection: 1; mode=block

GET
H2 200 beacon
r.turn.com/r/ 43 B
398 B 116ms
30ms Image
image/gif 2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/beacon?b2=KPANJjDjVHhDAfytnJEyTA8FukT5N393lmvJwNpKK7_6hJpIghfb409_LNc9xlydBXybU_N7H6Fx2I53UJoQfQ&cid=
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:03 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

blank.gif
rdcdn.com/images/
Redirect Chain

https://rdcdn.com/rt?aid=19177&e=1&img=1
https://rdcdn.com/eow
https://rdcdn.com/images/blank.gif

42 B
198 B

101ms
100ms

Image
image/gif

44.196.167.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdcdn.com/images/blank.gif
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Server: 44.196.167.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-167-20.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:05 GMT
last-modified: Thu, 23 Dec 2021 21:40:22 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "0e70b045f8d71:0"
content-length: 42
content-type: image/gif

Redirect headers

date: Thu, 09 Jun 2022 14:16:05 GMT
x-aspnetmvc-version: 4.0
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-type: text/html; charset=utf-8
location: https://rdcdn.com/images/blank.gif
cache-control: private
content-length: 151

GET
H2 200 rev.js Show response
assets.revcontent.com/master/ 26 KB
10 KB 61ms
19ms Script
application/x-javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/rev.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP3XJLJ&l=cDataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 894694eee28fc463a83875d519e70afaf5f40ac7c042d6114c4ee86d156b4067

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:04 GMT
content-encoding: gzip
last-modified: Wed, 09 Oct 2019 15:23:49 GMT
server: AmazonS3
x-amz-request-id: R8Q7ENC3391KEWPD
etag: "46482d4733f3f6c1f93601a6274bc264"
x-hw: 1654784164.cds207.am5.hn,1654784164.cds128.am5.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 9617
x-amz-id-2: /5y0iCVM8uRb6LFilxY48ZiRiO7sNtRXOaNpyaAK4yC4rfm5NYEihz5mCqUyOYVEuG91wIs0yQ4=

GET
H3 200 www-player.css
www.youtube.com/s/player/d97f25df/ Frame 0DB1 338 KB
46 KB 40ms
39ms Stylesheet
text/css 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d97f25df/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a8aed2402fa5b8c06158b9712611bcb35bfa05512e69dca5647fd43a712c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 15:52:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47569
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 00:20:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 08 Jun 2023 15:52:31 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/d97f25df/www-embed-player.vflset/ Frame 0DB1 303 KB
94 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d97f25df/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc5861e1b68d39ff2658b154db037e0ab20aeb049bfb251221afee115ea54c31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 15:52:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95976
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 00:20:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 08 Jun 2023 15:52:31 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/d97f25df/player_ias.vflset/de_DE/ Frame 0DB1 2 MB
533 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d97f25df/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49ceed1873b2c802ce86b551569c99ad4000f63a197a991d1521514ecbd84ca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 15:52:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 546126
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 00:20:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 08 Jun 2023 15:52:31 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/d97f25df/fetch-polyfill.vflset/ Frame 0DB1 9 KB
3 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d97f25df/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 15:52:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 00:20:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 08 Jun 2023 15:52:31 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0DB1 15 KB
15 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 162563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Jun 2023 17:06:41 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/d97f25df/www-widgetapi.vflset/ 158 KB
51 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d97f25df/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29fcbc25a1308651702f73d6d3b4d8c2c303ae8305e9bcae3ddf2ecad32e144d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 13:57:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1091
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52368
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 00:20:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 09 Jun 2023 13:57:53 GMT

POST
H2 200 collect
track.segmetrics.io/ 43 B
622 B 160ms
127ms Ping
image/gif 2606:4700:20::681a:5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.segmetrics.io/collect?t=view&r=&dl=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&v=2&a=a1Rnre&i=5374&uid=01G54D50QFQ358ZBYRWSFSZ3R5&fp=3140b01e4c735b2eb3cbfc1f9a617e47&mt=%7B%22fbp%22%3A%22fb.1.1654784164462.1864218222%22%7D
Requested by: Host: tag.segmetrics.io
URL: https://tag.segmetrics.io/a1Rnre.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:04 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouM8U7vOH3UBWhJi3eYEhLx77VOnmZsQVIlcpIgbHQ4AA2Ql8ome8AtwXv6X1DW8Gz0ud8oKsVNibHLlUoe6%2BaKt2K5LlKvX1KjnDDxSevl1N3RJ8wLhJSPo2SA6P4H9cAKH4v1Y6TEMQdkFsjBCGac%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache
cf-ray: 718a7ba5abc89975-FRA
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 rules-p-N9U2JGvJG8HTY.js Show response
rules.quantcount.com/ 2 B
351 B 72ms
10ms Script
application/javascript 2600:9000:20eb:2c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-N9U2JGvJG8HTY.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 13:51:37 GMT
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
server: AmazonS3
age: 1466
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
content-length: 2
x-amz-cf-id: sl4gsu-y8xctKAf628xbMFnn4trx3keWRmg_zrKZ8RSoig5WvxiNew==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/459873033/ 2 KB
2 KB 134ms
50ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/459873033/?random=1654784164629&cv=9&fst=1654784164629&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&tiba=Carfighting%20Video&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e95064d178bcf827a4579e68aa03a902d91f6bc66eac7f9e272bcfed9cec863a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1063
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10864675517/ 2 KB
1 KB 134ms
51ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10864675517/?random=1654784164632&cv=9&fst=1654784164632&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&tiba=Carfighting%20Video&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf492e18113596c9f8f09abaaac12b6963a4d154ae02f20e04f1275120cc89f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1044
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 140ms
61ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1477329845&t=pageview&_s=1&dl=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&ul=en-us&de=UTF-8&dt=Carfighting%20Video&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=873171665&gjid=1094281562&cid=117376602.1654784165&tid=UA-164010868-2&_gid=68103986.1654784165&_r=1&gtm=2ou660&z=178740555

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cf.spybriefing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 133ms
59ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1477329845&t=pageview&_s=1&dl=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&ul=en-us&de=UTF-8&dt=Carfighting%20Video&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=144360655&gjid=1905773894&cid=117376602.1654784165&tid=UA-217947897-1&_gid=68103986.1654784165&_r=1&gtm=2wg660KP3XJLJ&z=1514004136

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cf.spybriefing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init Show response
tr.snapchat.com/ 126 B
480 B 70ms
22ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/init?pids=dcac7434-c37f-428b-b940-285ccbce8757

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

40c5a0b55c7388ca4e499a0d3b42fc8c1895c9a3bbd4968f4c9d0d6ec2774b99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:04 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://cf.spybriefing.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 64 B
150 B 71ms
23ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=dcac7434-c37f-428b-b940-285ccbce8757&tld=com

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

58a1eb62728fc1e7bd7ad259d095189c0c4707b2d9077eacb11c36bf5886e6b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:04 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://cf.spybriefing.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 5575 0
294 B 61ms
22ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=dcac7434-c37f-428b-b940-285ccbce8757

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 09 Jun 2022 14:16:04 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 0DB1
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

127ms
46ms

XHR
application/json

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7e65d3003acd5423b82e3b81783dc62c180804a0e22181996d6705232a19b7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 09 Jun 2022 14:16:04 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 0DB1 29 B
588 B 120ms
39ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d97f25df/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:09:58 GMT
x-content-type-options: nosniff
age: 366
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Jun 2022 14:24:58 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 116ms
116ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-akamai-request-id: 3aedec2b
date: Thu, 09 Jun 2022 14:16:04 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=5, origin; dur=104
content-length: 30853
pragma: no-cache
server: nginx
x-tt-logid: 20220609141604010004003007735002064007A66A6
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 104,23.36.161.204
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc363c81a985446a2d9c4a5d0a50967c170a56324f9d2fdfc4047319f51d8b9d4c8a35b3985ceede9762fb5004faaa7ab91fa2ae4fda0ae178bc331b2d200eebb26f642d01d44a86601a1a1ba6f6eef5537
expires: Thu, 09 Jun 2022 14:16:04 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
723 B 441ms
441ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 286a625d.3aedecb3
date: Thu, 09 Jun 2022 14:16:05 GMT
x-cache-remote: TCP_MISS from a23-194-131-220.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 432,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=83, origin; dur=349, inner; dur=339
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022060914160401000200600500500600300508D0B1E5
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 350,23.194.131.220
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3142f8ab15ab7a021cd2977a0da63940dc16bddb4f7b2c89a7d086d6d5a7b30829c9fc7f40d616fd49bc20183f490b70be27f9c6308f8990aacf502b1c03f50c0188c90eb08c2cc884405acb359c488c6ce44080fb497fa8a57627a6712d230f1
expires: Thu, 09 Jun 2022 14:16:05 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
719 B 248ms
248ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 496d30ef.3aedecbc
date: Thu, 09 Jun 2022 14:16:05 GMT
x-cache-remote: TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 236,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=94, origin; dur=143, inner; dur=139
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022060914160401000200300200500600301111E6131F
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 143,23.220.104.8
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3142f8ab15ab7a021cd2977a0da63940db7c35c96dce8ea6bd76d5e88af0f226bcb1311e811ea32237bb0a9081e76e2f6b3f17db1cc1c55610f7420af3f7a0925fdaaa04d9bc39cd5dcea824d1907e5ba3a98100c65fd495fc9a9e441d082c7d2
expires: Thu, 09 Jun 2022 14:16:05 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
721 B 270ms
270ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 496d2e7d.3aedecc1
date: Thu, 09 Jun 2022 14:16:05 GMT
x-cache-remote: TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 257,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=170, inner; dur=163
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202206091416040100020060050050060030090EE6497C
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 170,23.220.104.8
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3142f8ab15ab7a021cd2977a0da63940db7c35c96dce8ea6bd76d5e88af0f226b5642654c372241121b6f04cf1f4a185de135315827e52e34c8e175c0504b8c6c4ec9d4adf6d408eb58e11454b614ca0fe239fd9092999d46b37421600d2c0882
expires: Thu, 09 Jun 2022 14:16:05 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
578 B 253ms
252ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:05 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220609141604010002045007735002015057BAC87
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 241,23.36.161.204
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc363c81a985446a2d9c4a5d0a50967c170f1db748e2967ae143150e17b052bc64b7a2617643797fe4df87e72828de38e407bf22a727e8518117ddf14e96affd4c71c781b7b0d69f8d106dac7af42427fce
server-timing: inner; dur=149, cdn-cache; desc=MISS, edge; dur=0, origin; dur=241
x-akamai-request-id: 3aedecc3
content-length: 0
expires: Thu, 09 Jun 2022 14:16:05 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
726 B 239ms
239ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 55668b9f.3aedeccb
date: Thu, 09 Jun 2022 14:16:05 GMT
x-cache-remote: TCP_MISS from a23-194-131-148.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 216,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=84, origin; dur=132, inner; dur=123
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202206091416040100020076370040050060030290DD854A5
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 132,23.194.131.148
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3142f8ab15ab7a021cd2977a0da63940d29d877f446f7f71d75a520f4eddf2182196e1e1bf6bbae70b0443223b92be088ebe878bb65bd4b3f671a3dd6903c97eebf09825e0952390d5bc800beb0bc2bfc1168f8135e9c2109fe0ae08830971809
expires: Thu, 09 Jun 2022 14:16:05 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
723 B 536ms
536ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 55668b95.3aedeccd
date: Thu, 09 Jun 2022 14:16:05 GMT
x-cache-remote: TCP_MISS from a23-194-131-148.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 521,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=432, inner; dur=426
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022060914160401000200600500500600300502D184A7
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 432,23.194.131.148
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3142f8ab15ab7a021cd2977a0da63940d29d877f446f7f71d75a520f4eddf2182b740d9d1a30affc5ece4eeeae8a8e83449e152b10a7702d111850e8cc20cfb5875b5ba607577f25b885daf9f18c3895e818e64bb6238063097b7802d8697b5ee
expires: Thu, 09 Jun 2022 14:16:05 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 868 B
1 KB 113ms
113ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C86L4GL8U2K62KB9IPVG&hostname=cf.spybriefing.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2e08628dfbdeb5fe6ccc883c071f5fc3da5b9f94f2747d9352d2ae91261bb9cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-akamai-request-id: 709ce92f.3aedecd2
date: Thu, 09 Jun 2022 14:16:04 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 99,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=10, inner; dur=4
content-length: 346
pragma: no-cache
server: nginx
x-tt-logid: 20220609141604010002006005005006003047060B996F
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,23.220.104.19
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3142f8ab15ab7a021cd2977a0da63940dc6627e7991e3faab8a7fc6bfa3c712a8bc93962dab03cd8c1fdfd8db60bf13167369444c111bff313653f66bc2adb3f266442cb36733c120a15ecafdea2d1ad3b610ed1d197076d43990acb21229464c
expires: Thu, 09 Jun 2022 14:16:04 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
578 B 357ms
357ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:05 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202206091416040100040030077350020640E78E5F1
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 319,23.36.161.204
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc363c81a985446a2d9c4a5d0a50967c170a56324f9d2fdfc4047319f51d8b9d4c8a2d3cdf89aaa5149d0fc0d46d46eb77ae19d0ca3c2a7b459c4aca2b1dbd77c7aab87e50c601ed68de47d6f10b3dbf3c4
server-timing: inner; dur=177, cdn-cache; desc=MISS, edge; dur=9, origin; dur=319
x-akamai-request-id: 3aedecd8
content-length: 0
expires: Thu, 09 Jun 2022 14:16:05 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
720 B 357ms
357ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 496d2e6c.3aedece7
date: Thu, 09 Jun 2022 14:16:05 GMT
x-cache-remote: TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 320,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=138, origin; dur=187, inner; dur=175
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202206091416040100040040077350020040C77F3C5
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 187,23.220.104.8
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3142f8ab15ab7a021cd2977a0da63940db7c35c96dce8ea6bd76d5e88af0f226b43f8fe78f66b6c605f7bf6df0bbf6f88c50b991b277b5ebbd0867a8bc73dc37aaab8f6b7d650f546a2a2a89ebefb3fbea4e678264a09c5d8891766f0c42a25c0
expires: Thu, 09 Jun 2022 14:16:05 GMT

POST
H3 200 p Show response
tr.snapchat.com/ Frame 481C 0
17 B 44ms
27ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://cf.spybriefing.com
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://cf.spybriefing.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Thu, 09 Jun 2022 14:16:04 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 1

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-217947897-1&cid=117376602.1654784165&jid=144360655&gjid=1905773894&_gid=68103986.1654784165&_u=YEDAAUABAAAAAC~&z=1361432400

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 09 Jun 2022 14:16:04 GMT
content-type: text/plain
access-control-allow-origin: https://cf.spybriefing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 59ms
20ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-164010868-2&cid=117376602.1654784165&jid=873171665&gjid=1094281562&_gid=68103986.1654784165&_u=YEBAAUAAAAAAAC~&z=893015168

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 09 Jun 2022 14:16:04 GMT
content-type: text/plain
access-control-allow-origin: https://cf.spybriefing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 129ms
45ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 09 Jun 2022 14:16:04 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0DB1 62 KB
29 KB 138ms
55ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d97f25df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d137e76bbcc453015802e5863586806e8a3a8bd380d7c94138aa94b04a4a5ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 09 Jun 2022 14:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 29244
x-xss-protection: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 0DB1 0
19 B 47ms
47ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?cpn=EPzuZKuJMBOPA95J&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082662%2C24135310%2C24135692%2C24167177%2C24169501%2C24185142%2C24197275%2C24198981%2C24199709%2C24201985%2C24228609&cl=453540898&seq=1&event=streamingstats&docid=60cqUPxYThY&cbr=Chrome&cbrver=102.0.5005.61&c=WEB_EMBEDDED_PLAYER&cver=1.20220607.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth::0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d97f25df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
X-YouTube-Client-Version: 1.20220607.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt1SUd2c0VtdWhRNCikgYiVBg%3D%3D
X-YouTube-Ad-Signals: dt=1654784164731&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:04 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/d97f25df/player_ias.vflset/de_DE/ Frame 0DB1 27 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d97f25df/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d97f25df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a831d3198216e96fc92c2e6b702c90fdb0e325e599e1f139176004654183a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 15:52:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8050
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 00:20:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 08 Jun 2023 15:52:33 GMT

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 123ms
123ms Script
application/javascript 2a02:26f0:6c00:298::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:298::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18298
access-control-expose-headers: X-CDN

GET
H2 200 pixel;r=291839522;source=gtm;rf=0;a=p-N9U2JGvJG8HTY;url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778;uht=2;fpan=1;fpa=P0-1899501173-1654784164968;pbc=;ns=0;ce=1;...
pixel.quantserve.com/ 35 B
371 B 50ms
15ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=291839522;source=gtm;rf=0;a=p-N9U2JGvJG8HTY;url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778;uht=2;fpan=1;fpa=P0-1899501173-1654784164968;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=spybriefing.com;je=0;sr=1600x1200x24;dst=0;et=1654784164968;tzo=0;ogl=image.%2Ctitle.Carfighting%20Video%2Cdescription.description%20for%20your%20awesome%20landing%20page%2Curl.https%3A%2F%2Fcf%252Espybriefing%252Ecom%2Fsales-page-4977917816267594971791630527983778%2Ctype.website

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:05 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 1x1.gif
a.mgid.com/ 43 B
273 B 159ms
120ms Image
image/gif 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=697885&type=c&tg=&r=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&clid=&cmgid=0&cmtid=0&cmtuid=0&d=1654784164975
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 718a7ba75bf09a3b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=321845198590810&ev=Microdata&dl=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&rl=&if=false&ts=1654784164977&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Carfighting%20Video%22%2C%22meta%3Adescription%22%3A%22description%20for%20your%20awesome%20landing%20page%22%2C%22meta%3Akeywords%22%3A%22nodo%2C%20landing%20page%2C%20editor%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%22%2C%22og%3Atitle%22%3A%22Carfighting%20Video%22%2C%22og%3Adescription%22%3A%22description%20for%20your%20awesome%20landing%20page%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.61&r=stable&ec=1&o=30&fbp=fb.1.1654784164462.1864218222&it=1654784163806&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 09 Jun 2022 14:16:04 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 167ms
76ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-217947897-1&cid=117376602.1654784165&jid=144360655&_u=YEDAAUABAAAAAC~&z=1974723753

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 163ms
72ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-217947897-1&cid=117376602.1654784165&jid=144360655&_u=YEDAAUABAAAAAC~&z=1974723753

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 200ms
109ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-164010868-2&cid=117376602.1654784165&jid=873171665&_u=YEBAAUAAAAAAAC~&z=1516282716

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 163ms
73ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-164010868-2&cid=117376602.1654784165&jid=873171665&_u=YEBAAUAAAAAAAC~&z=1516282716

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/459873033/ 42 B
548 B 145ms
55ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/459873033/?random=1654784164629&cv=9&fst=1654783200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&tiba=Carfighting%20Video&async=1&fmt=3&is_vtc=1&random=1405827363&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/459873033/ 42 B
108 B 143ms
54ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/459873033/?random=1654784164629&cv=9&fst=1654783200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&tiba=Carfighting%20Video&async=1&fmt=3&is_vtc=1&random=1405827363&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10864675517/ 42 B
108 B 148ms
59ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10864675517/?random=1654784164632&cv=9&fst=1654783200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&frm=0&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&tiba=Carfighting%20Video&async=1&fmt=3&is_vtc=1&random=2068588328&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10864675517/ 42 B
548 B 142ms
53ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10864675517/?random=1654784164632&cv=9&fst=1654783200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&frm=0&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&tiba=Carfighting%20Video&async=1&fmt=3&is_vtc=1&random=2068588328&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 C4F968F0-90C1-4C34-89CF-15D8B4DE20B8.js Show response
ndn.statistinamics.com/cstnxtm/ 114 B
432 B 115ms
115ms Script
application/javascript 67.205.176.157
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ndn.statistinamics.com/cstnxtm/C4F968F0-90C1-4C34-89CF-15D8B4DE20B8.js?_uuid=20129b14-31ac-489d-b07c-20c40be17999&lsgrg=&l=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&r=
Requested by: Host: ndn.statistinamics.com
URL: https://ndn.statistinamics.com/cstnxtm/C4F968F0-90C1-4C34-89CF-15D8B4DE20B8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.205.176.157 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: statistinamics.com
Software: openresty /
Resource Hash: 35bca1f8707527adec38ae802db6c521d4b8c5eaed78408165f40257a41181c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:05 GMT
cache-control: max-age=0
server: openresty
content-type: application/javascript
etag: 86318F4C-6E03-404F-B815-7DEFC51ED1D1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 orders_t.php
web.adblade.com/ 43 B
352 B 108ms
107ms Image
image/gif 52.45.50.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.adblade.com/orders_t.php?id=63904&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&rnd=1654784164987

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.45.50.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-50-106.compute-1.amazonaws.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="http://www.adblade.com/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
x-vendor: Adiant LLC | Adiant | http://www.adiant.com
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
x-xss-protection: 1; mode=block

GET
H2 200 773c9580-7340-013a-c4ab-06a60fe5fe77 Show response
tag.simpli.fi/sifitag/ 3 KB
4 KB 76ms
22ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/773c9580-7340-013a-c4ab-06a60fe5fe77?referer=

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/assets/lander.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

b5027926c44361f7719bdbbd6a0fb781e13842229b6ca68e38732b6fa40c6aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Thu, 09 Jun 2022 14:16:05 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3101
x-request-id: Fvb5bkOteunlYc0LuVJB
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 1x1.gif
a.adskeeper.co.uk/ 43 B
358 B 174ms
145ms Image
image/gif 104.18.26.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.adskeeper.co.uk/1x1.gif?id=697873&type=c&tg=&r=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&clid=&cmgid=0&cmtid=0&cmtuid=0&d=1654784164997
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.26.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:05 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Jun 2022 14:16:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 718a7ba76b2a68fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 09 Jun 2022 18:16:05 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
724 B 391ms
391ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 30efd8d1.3aedeecd
date: Thu, 09 Jun 2022 14:16:05 GMT
x-cache-remote: TCP_MISS from a23-220-104-24.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 383,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=294, inner; dur=285
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022060914160501000200763700400500600302904CE0389
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 294,23.220.104.24
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3142f8ab15ab7a021cd2977a0da63940d4fd914cdf8a633f198c770d89584015bc1ed14b88d3d7865217b9db56a299b53117f00ccb2b1be8a32f605cf78c26078f7e6bdfba65de0d317c511ea161481a52978133f7d340e153d67f21f57cf234b
expires: Thu, 09 Jun 2022 14:16:05 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
576 B 231ms
230ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:05 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202206091416050100020030050060030050302591B
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 212,23.36.161.204
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc363c81a985446a2d9c4a5d0a50967c17055e33b53c29301f473f5f43736daf28283cf472d6fb602645d5dad30001659a6ff6804e65a30eb65d4ce6ca68fb86bcd157996656fff26fc37960545a21840e9
server-timing: inner; dur=91, cdn-cache; desc=MISS, edge; dur=8, origin; dur=212
x-akamai-request-id: 3aedeefc
content-length: 0
expires: Thu, 09 Jun 2022 14:16:05 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
716 B 181ms
180ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C86L4GL8U2K62KB9IPVG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 709cf071.3aedef07
date: Thu, 09 Jun 2022 14:16:05 GMT
x-cache-remote: TCP_MISS from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 148,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=150, origin; dur=14, inner; dur=11
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202206091416050100040030077350020650878ABF9
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,23.220.104.19
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3142f8ab15ab7a021cd2977a0da63940dc6627e7991e3faab8a7fc6bfa3c712a8e878cc9a86d830c4e5dce57a4e924d4d89c278fd11f51558aa1e1995a645dadecc30aa1604a6ea72e28924569894ecd18065452433f2dcabe4750795727745f4
expires: Thu, 09 Jun 2022 14:16:05 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 488 B
582 B 85ms
38ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2613287533480&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%7D&cb=1654784165098
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 540548b12b5a362a5fa54de526a5870cc89ef6f431387c20cd25e82b4f6cd9d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:05 GMT
content-encoding: gzip
referrer-policy: origin
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cf.spybriefing.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
pin-unauth: dWlkPU1EVTVNbUl5TmpNdE16VXpOeTAwTlRCbExXSXhaakV0TW1VME5UZGpNbU5sTW1JNQ
x-pinterest-rid: 4324629169814469
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
content-length: 350
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
247 B 79ms
35ms Image
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2613287533480&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1654784165101
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:05 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 3740032874569451
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 523 B
643 B 62ms
15ms Script
application/javascript 178.250.2.140
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=94432

Requested by

Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/assets/lander.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.140 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bd3e45dfb07a6cd3921b569d6d4dbcdb9b2141f7edc082873f1264d085aaace8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:04 GMT
content-encoding: br
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 68ms
31ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=94432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

dfc6678e3b812f3097334f84e4f7ed816c8339cd0f1a5e5b90281e8c3374d463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:05 GMT
content-encoding: gzip
last-modified: Tue, 31 May 2022 05:07:22 GMT
server: nginx
etag: W/"6295a28a-a708"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Jun 2022 14:16:05 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/LIAFGQD4BJCQNANH5CBFII/ 61 KB
19 KB 50ms
15ms Script
text/javascript 2600:9000:20eb:ba00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/LIAFGQD4BJCQNANH5CBFII/roundtrip.js
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ba00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b86f968c4fa9d19bf131438f816036b7accf12cd726ab2ed05d04a96869b6010

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-Amz-Version-Id: OTD4ochIc0HBVTZa.v4EPSzNs3CR4.OW
Content-Encoding: gzip
Etag: W/"33f658a1fb2efb35727c4dbf54cceb51"
Age: 1467
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Jun 2022 22:29:06 GMT
Server: AmazonS3
Date: Thu, 09 Jun 2022 13:51:39 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA2-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: gSYDxTPGX4BdqUckGpM--957qgpA2xXtiQiMAeW9kXgJcMZkcRz0zw==

GET
H2 200 357-22803.js Show response
m.revmizer.com/ 0
0 596ms
68ms Script
text/html 91.195.240.87
SEDO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.revmizer.com/357-22803.js?id=22803&m=357
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.195.240.87 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
3 KB 61ms
10ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 14:16:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Feb 2022 12:30:38 GMT
Server: AkamaiNetStorage
ETag: "23b34d08f648c3f51b232443afced826:1644409863.170279"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3150
Expires: Thu, 09 Jun 2022 14:36:05 GMT

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ 17 KB
6 KB 411ms
101ms Script
text/javascript 18.205.229.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.205.229.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-205-229-183.compute-1.amazonaws.com
Software: /
Resource Hash: b90005e4acdff1d177d32dc0dfa574be6d2e15b915d6ba7156a96d78e183f49d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 09 Jun 2022 14:16:05 GMT
Content-Encoding: gzip
Cache-Control: max-age=5
Content-Length: 5405
Connection: keep-alive
Content-Type: text/javascript

GET
H/1.1 200
OK uniclick.js Show response
visit.prayfashion.com/ 5 KB
5 KB 46ms
19ms Script
text/plain 85.17.54.17
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://visit.prayfashion.com/uniclick.js?defaultcampaignid=61320f755617cb0001db7600&attribution=lastclick&regviewonce=false&cookiedomain=prayfashion.com&cookieduration=30
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/assets/lander.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 85.17.54.17 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 536fac39003de603f6c241901f38840138347a972922dba26a673b022d39e7e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 14:16:05 GMT
Server: nginx/1.21.3
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H/1.1 200
OK 61320f755617cb0001db7600 Show response
visit.prayfashion.com/ 570 B
1 KB 97ms
62ms XHR
application/json 85.17.54.17
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://visit.prayfashion.com/61320f755617cb0001db7600?format=json&referrer=&&sub19=fb.1.1654784164462.1864218222&sub20=undefined
Requested by: Host: visit.prayfashion.com
URL: https://visit.prayfashion.com/uniclick.js?defaultcampaignid=61320f755617cb0001db7600&attribution=lastclick&regviewonce=false&cookiedomain=prayfashion.com&cookieduration=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 85.17.54.17 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: f3b724d23e5fb5dd3ffec93864fe1700974dbffc97e65fca943e606388ce51e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 14:16:05 GMT
Server: nginx/1.21.3
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 570

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/LIAFGQD4BJCQNANH5CBFII/index.js
https://s.adroll.com/j/exp/index.js

28 B
761 B

8ms
8ms

Script
application/javascript

2600:9000:20eb:ba00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: HTTP/1.1
Server: 2600:9000:20eb:ba00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-Amz-Version-Id: QCXe6z8Ijv28a3Z6pj7cPKMX4fdClAik
Via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 32599
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Wed, 18 May 2022 19:09:46 GMT
Server: AmazonS3
Date: Thu, 09 Jun 2022 05:12:48 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: uK5-3eICmSOVQ2LdpLteyWfS6Eaiqnf8J0VycydCMO0NQEacMqhoNQ==

Redirect headers

Date: Thu, 09 Jun 2022 04:00:21 GMT
Via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
Age: 36944
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA2-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 8C1KClJ5jVfd_LxvzuMcQ2bQE7-2RktdaowrSzhRO-gktWQKsE8WPQ==

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 374ms
83ms Script
application/javascript 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00b2c266a43b639ea810e3a99bdf26fa4d
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 14:16:05 GMT
content-encoding: gzip
X-TraceId: 32b524b19a53170cdfcb3cad2a635450
Content-Length: 56
Content-Type: application/javascript

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0DB1 98 B
141 B 49ms
49ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d97f25df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46da496d8351b32ca05d43bf08fa95ad38602d22c28b79905c896d68fb14d186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 09 Jun 2022 14:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 117
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
47ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 09 Jun 2022 14:16:05 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H/1.1 204
No Content view Show response
visit.prayfashion.com/ 0
306 B 224ms
224ms XHR
text/plain 85.17.54.17
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://visit.prayfashion.com/view?clickid=62a200a53eb867000104f74c&referrer=
Requested by: Host: visit.prayfashion.com
URL: https://visit.prayfashion.com/uniclick.js?defaultcampaignid=61320f755617cb0001db7600&attribution=lastclick&regviewonce=false&cookiedomain=prayfashion.com&cookieduration=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 85.17.54.17 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 09 Jun 2022 14:16:05 GMT
Server: nginx/1.21.3
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS

GET
H2 200 LIAFGQD4BJCQNANH5CBFII Show response
d.adroll.com/consent/check/ 439 B
532 B 103ms
30ms Script
application/javascript 54.72.182.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/LIAFGQD4BJCQNANH5CBFII?arrfrr=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&_s=27a9db4516bf746e1ef6ca9f4e3cb288&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/LIAFGQD4BJCQNANH5CBFII/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.182.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-182-0.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: c812fe49a8e2d3566560c4a1526e150f21ddc5179c05bca844d719eb4fe5d9ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:05 GMT
server: nginx/1.20.0
content-length: 439
content-type: application/javascript

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 410 KB
55 KB 9ms
8ms Script
application/javascript 2600:9000:20eb:ba00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/LIAFGQD4BJCQNANH5CBFII/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ba00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-Amz-Version-Id: 44sIT20LqRj70wQHqyIoOw7etYYdjkbK
Content-Encoding: gzip
Etag: W/"0a7d0ea8d7d31b07e925fe340acf431b"
Age: 183
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
Last-Modified: Wed, 04 May 2022 19:41:48 GMT
Server: AmazonS3
Date: Thu, 09 Jun 2022 14:14:35 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA2-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: bYvU2Iif7p6N5UhGImFqZz8MP0zvrygzVMOP4NvfLUMV33IqOrnlkg==

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 9ms
9ms Image
image/png 2600:9000:20eb:ba00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ba00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Age: 78382
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Date: Thu, 09 Jun 2022 01:11:28 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 7BXn9pF2er530lt6pqnIo75UUBOAMj_Tz2I3M577WoWJOk45oVb2xg==

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 65 B
292 B 100ms
100ms Stylesheet
text/css 18.205.229.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.205.229.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-205-229-183.compute-1.amazonaws.com
Software: /
Resource Hash: d99113afc3af2b7f7893fc2d6af2518d29730ab4e274364331893b41ca6e6b7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 09 Jun 2022 14:16:05 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 65
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 403ms
100ms Fetch
image/jpeg 18.205.229.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.205.229.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-205-229-183.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 09 Jun 2022 14:16:05 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 81ms
81ms Image
image/gif 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00b2c266a43b639ea810e3a99bdf26fa4d&obApiVersion=1.1&obtpVersion=1.6.0&name=PAGE_VIEW&dl=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&optOut=false&bust=035603254829812325
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 14:16:05 GMT
Cache-Control: no-cache
X-TraceId: fb7a162fc33b857233973d73e97b0cd2
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 websiteTriggerIframe Show response
kw493.infusionsoft.app/app/webTracking/ Frame E583 1 KB
1018 B 187ms
186ms Document
text/html 2606:4700:4400::ac40:972a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kw493.infusionsoft.app/app/webTracking/websiteTriggerIframe

Requested by

Host: kw493.infusionsoft.app
URL: https://kw493.infusionsoft.app/app/webTracking/getTrackingCode

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:972a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c867e21ab932736662064b0ec373b19856d7dd6d42f1b05ce478e976f46b9f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 718a7bacaef05bdd-FRA
content-encoding: gzip
content-language: de-DE
content-type: text/html;charset=UTF-8
date: Thu, 09 Jun 2022 14:16:06 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 09 Jun 2022 14:16:05 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000;includeSubDomains
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
14 KB 30ms
6ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: cf.spybriefing.com
URL: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: DQXVECYYH26T8XA2
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: eALUuukJzB4ucStWKbHKE0iJ4pHw1jEWf2JkWgG6tOJtELdAqipD0ZP+vGohR4HC654nDcLzXqg=
x-served-by: cache-hhn4051-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1654784166.906390,VS0,VE0
date: Thu, 09 Jun 2022 14:16:05 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5381

POST
H2 200 rum Show response
cf.spybriefing.com/cdn-cgi/ 0
209 B 45ms
44ms XHR
text/plain 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.spybriefing.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
content-type: application/json

Response headers

date: Thu, 09 Jun 2022 14:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://cf.spybriefing.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 718a7bacdf1d9a09-FRA
vary: Origin

GET
H/1.1 200
OK NRJS-fc902efb332119fff33 Show response
bam.nr-data.net/1/ 49 B
725 B 192ms
152ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4791&ck=1&ref=https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778&ap=274&be=2267&fe=4753&dc=3187&perf=%7B%22timing%22:%7B%22of%22:1654784161126,%22n%22:0,%22f%22:1750,%22dn%22:1750,%22dne%22:1750,%22c%22:1750,%22ce%22:1750,%22rq%22:1750,%22rp%22:2239,%22rpe%22:2245,%22dl%22:2242,%22di%22:3185,%22ds%22:3186,%22de%22:3317,%22dc%22:4728,%22l%22:4753,%22le%22:4763%7D,%22navigation%22:%7B%7D%7D&fp=2632&fcp=2632&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 14:16:06 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 718a7bad3b639170-FRA

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
400 B 101ms
100ms XHR
text/plain 18.205.229.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=0xk6fdszdQvg5B_Yx1_8QQ&is_js=true&landing_url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&t=Carfighting%20Video&tip=2IHHABGfB8GIh-ALF1R-VCCGoYrF8Y6Qjb26tXXLlpk&host=https://cf.spybriefing.com&sa_conv_data_css_value=%20%220-e5415c08-0d1f-4eee-41d0-d8280f3f79d2%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9924d025ad4714ac3561a3defed655901b9d59ba2&sa-user-id-v2=s%253A0-e5415c08-0d1f-4eee-41d0-d8280f3f79d2%2524ip%2524185.213.155.162.2Ckhs762I3WRAutxgWLaPxKq6KF3mXGEJjsvqEugg%252Fc&sa-user-id=s%253A0-e5415c08-0d1f-4eee-41d0-d8280f3f79d2.CEb1uzeaM1JV6kN0nW%252BSs8kecj4r5qGEAw3gfT0xfGw
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.205.229.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-205-229-183.compute-1.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 14:16:06 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://cf.spybriefing.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 94

GET
H2 200 api.js Show response
kw493.infusionsoft.app/cdn-cgi/bm/cv/669835187/ Frame E583 35 KB
9 KB 11ms
11ms Script
text/javascript 2606:4700:4400::ac40:972a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kw493.infusionsoft.app/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: kw493.infusionsoft.app
URL: https://kw493.infusionsoft.app/app/webTracking/websiteTriggerIframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:972a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kw493.infusionsoft.app/app/webTracking/websiteTriggerIframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 718a7bae692a5bdd-FRA

GET
H2

200

spacer.gif
kw493.infusionsoft.app/slices/
Redirect Chain

https://kw493.infusionsoft.app/app/webTracking/contact/1654784163616?contactId=0&screenResolution=1600x1200&plugins=&javaEnabled=false&domain=cf.spybriefing.com&location=https://cf.spybriefing.com/...
https://kw493.infusionsoft.app/slices/spacer.gif

43 B
230 B

23ms
23ms

Image
image/gif

2606:4700:4400::ac40:972a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kw493.infusionsoft.app/slices/spacer.gif

Protocol

Server

2606:4700:4400::ac40:972a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1463
vary: accept-encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Jun 2022 10:31:53 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"43-1654770713639"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: image/gif;charset=UTF-8
via: 1.1 google
cache-control: public, max-age=31552537
cf-ray: 718a7bafbab95bdd-FRA
expires: Fri, 09 Jun 2023 18:51:43 GMT

Redirect headers

pragma: no-cache, no-cache
date: Thu, 09 Jun 2022 14:16:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
location: /slices/spacer.gif
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
via: 1.1 google
cache-control: no-cache, no-store, no-cache, no-store
cf-ray: 718a7bae89475bdd-FRA
vary: accept-encoding
x-xss-protection: 1; mode=block
expires: Thu, 09 Jun 2022 14:16:06 GMT, -1

POST
H2 204 result Show response
kw493.infusionsoft.app/cdn-cgi/bm/cv/ Frame E583 0
322 B 11ms
11ms XHR
text/plain 2606:4700:4400::ac40:972a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kw493.infusionsoft.app/cdn-cgi/bm/cv/result?req_id=718a7bacaef05bdd
Requested by: Host: kw493.infusionsoft.app
URL: https://kw493.infusionsoft.app/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:972a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kw493.infusionsoft.app/app/webTracking/websiteTriggerIframe
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 09 Jun 2022 14:16:06 GMT
server: cloudflare
cf-ray: 718a7baed9aa5bdd-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3C88 15 KB
6 KB 70ms
17ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=cf.spybriefing.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

4f6703cd54650cdd75f59266d630970479d273471a330e272cdaaef9481c55cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6123
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Jun 2022 14:16:06 GMT
server-processing-duration-in-ticks: 2280
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3C88
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=spybriefing.com&sn=ChromeSyncframe&so=0&topUrl=cf.spybriefing.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=-zxkVXw0OGlHbmI5Nk1GanVxWFFmckcxNzFlbWFUZW5iVEJwS2dQekdOSjc5RWFEUG80WmpLUkN6a0dEN2JsUmVURE5SYmJXeGQ3bTJhbkYvV0I3emVUMVFRenloK1hhRExEMzJlb3ZFUEtzV0oxSURTcnpwaU5NbDlaS2...

455 B
643 B

82ms
27ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=-zxkVXw0OGlHbmI5Nk1GanVxWFFmckcxNzFlbWFUZW5iVEJwS2dQekdOSjc5RWFEUG80WmpLUkN6a0dEN2JsUmVURE5SYmJXeGQ3bTJhbkYvV0I3emVUMVFRenloK1hhRExEMzJlb3ZFUEtzV0oxSURTcnpwaU5NbDlaS2xPdzNGaXlDQWwwSU9mWFNHdEd3MWdKbFFMdnZ3M244Zm9JOFVGblJ6QWxyT1hsb1hUU0N6aTIyVlJWMEZsMTQreXJPdG9kbVcvM1NXMTltRE1WdGUvSVN3WjRtMzRMRlJrUElLTmVoRXRwZ2JsWkFmR3lKUXlBandjOVc3R1I2Q0pPbWpSL0tYMXBzUE9iaVJoWWNUYkRYRWpNSFVqZz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f6051cc7f24a75c1d032e9c04955727a949498a8e77a799e1d1cc048bed43683

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:05 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 30176
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:05 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=-zxkVXw0OGlHbmI5Nk1GanVxWFFmckcxNzFlbWFUZW5iVEJwS2dQekdOSjc5RWFEUG80WmpLUkN6a0dEN2JsUmVURE5SYmJXeGQ3bTJhbkYvV0I3emVUMVFRenloK1hhRExEMzJlb3ZFUEtzV0oxSURTcnpwaU5NbDlaS2xPdzNGaXlDQWwwSU9mWFNHdEd3MWdKbFFMdnZ3M244Zm9JOFVGblJ6QWxyT1hsb1hUU0N6aTIyVlJWMEZsMTQreXJPdG9kbVcvM1NXMTltRE1WdGUvSVN3WjRtMzRMRlJrUElLTmVoRXRwZ2JsWkFmR3lKUXlBandjOVc3R1I2Q0pPbWpSL0tYMXBzUE9iaVJoWWNUYkRYRWpNSFVqZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1775
content-length: 541
expires: 0

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=94432&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dviewproduct%26id%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=_Qm...
https://widget.us.criteo.com/event?a=94432&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dviewproduct%26id%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=_Qm...

9 KB
9 KB

314ms
112ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=94432&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dviewproduct%26id%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=_QmvKF9IOXUlMkJ1aDlxaUhpVkpZcUhYSmR0bnkydTNNbSUyRmJkNk91dk41JTJCNENKeWJCVDg1YzFsOCUyQkZmN2IlMkZqZ1JIY3ZOWHhPTXh5dEx0JTJGRktKZXpBTm5PazJRNlZhbWF4UTFZc3FGRzNiMjNRSjByVkRCJTJCTWpIRUJyaHpJNnZpZkxoWVVVJTJGekxIYmJWJTJCWEolMkY4OXNmd1k0QUF3ZyUzRCUzRA&tld=spybriefing.com&dy=1&fu=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&dtycbr=18752

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

de7ad4205ecac79256c4fa46922874086b0fd4dad383bfe5e54a2ac38f5703e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:06 GMT
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 16071579
content-type: application/x-javascript
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:06 GMT
server: Kestrel
location: https://widget.us.criteo.com/event?a=94432&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dviewproduct%26id%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=_QmvKF9IOXUlMkJ1aDlxaUhpVkpZcUhYSmR0bnkydTNNbSUyRmJkNk91dk41JTJCNENKeWJCVDg1YzFsOCUyQkZmN2IlMkZqZ1JIY3ZOWHhPTXh5dEx0JTJGRktKZXpBTm5PazJRNlZhbWF4UTFZc3FGRzNiMjNRSjByVkRCJTJCTWpIRUJyaHpJNnZpZkxoWVVVJTJGekxIYmJWJTJCWEolMkY4OXNmd1k0QUF3ZyUzRCUzRA&tld=spybriefing.com&dy=1&fu=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&dtycbr=18752
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 16495251
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 82C4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-XNc2pd6blIu1c81RPdEtqWHJXHzfM-mGcx1ugQ&google_cm&google_hm=ay1YTmMycGQ2YmxJdTFjODFSUGRFdHFXSEpYSHpmTS1tR...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-XNc2pd6blIu1c81RPdEtqWHJXHzfM-mGcx1ugQ&google_gid=CAESEAmorR0SXKb60eLrYMduTUg&google_cver=1&google_ula=913071,0

43 B
370 B

125ms
16ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-XNc2pd6blIu1c81RPdEtqWHJXHzfM-mGcx1ugQ&google_gid=CAESEAmorR0SXKb60eLrYMduTUg&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:06 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1171370
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-XNc2pd6blIu1c81RPdEtqWHJXHzfM-mGcx1ugQ&google_gid=CAESEAmorR0SXKb60eLrYMduTUg&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

451

397596.gif
idsync.rlcdn.com/ Frame 82C4
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=dokn520NSRVPOWHeteU2DVlqpdpMDsgS

0
98 B

322ms
41ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=dokn520NSRVPOWHeteU2DVlqpdpMDsgS
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:07 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=dokn520NSRVPOWHeteU2DVlqpdpMDsgS
date: Thu, 09 Jun 2022 14:16:06 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2031
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H/1.1 204
NO CONTENT /
partner.mediawallahscript.com/ Frame 82C4 0
232 B 358ms
30ms Image
text/html 52.209.107.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-XNc2pd6blIu1c81RPdEtqWHJXHzfM-mGcx1ugQ&custom=&tag_format=img&tag_action=sync&custom=&cb=d87d9402-426e-4d05-a182-81d77bdcc730
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.107.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-107-65.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Jun 2022 14:16:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Server: nginx/1.20.0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8

GET
H2 451 362338.gif
idsync.rlcdn.com/ Frame 82C4 0
42 B 345ms
42ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-XNc2pd6blIu1c81RPdEtqWHJXHzfM-mGcx1ugQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:07 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 82C4 0
194 B 321ms
20ms Image
text/plain 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:07 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame 82C4 43 B
631 B 337ms
36ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:07 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 09 Jun 2022 14:16:07 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 82C4
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Qwf2J96blIu1c81RPdEtqWHJXHxwGCP7pRV44Q
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Qwf2J96blIu1c81RPdEtqWHJXHxwGCP7pRV44Q&verify=true

0
121 B

11ms
11ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Qwf2J96blIu1c81RPdEtqWHJXHxwGCP7pRV44Q&verify=true

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:07 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Qwf2J96blIu1c81RPdEtqWHJXHxwGCP7pRV44Q&verify=true
date: Thu, 09 Jun 2022 14:16:07 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 82C4 0
476 B 460ms
82ms Image
text/plain 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Ts2-Y96blIu1c81RPdEtqWHJXHzLvczFeG2ufA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 14:16:07 GMT
Cache-Control: no-cache
X-TraceId: 4e440873260b4932bfa80c3e52a463c8
Content-Length: 0

GET
H2 204 t.gif
cw.addthis.com/ Frame 82C4 0
427 B 458ms
158ms Image
text/plain 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-wMnLWd6blIu1c81RPdEtqWHJXHzwV-Lmn8FqlQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:07 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 09 Jun 2022 14:16:07 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 82C4 0
239 B 314ms
9ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-wMnLWd6blIu1c81RPdEtqWHJXHzwV-Lmn8FqlQ&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 82C4
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-YCEEZN6blIu1c81RPdEtqWHJXHzU9KUJmcTyEw&seg=95287
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-YCEEZN6blIu1c81RPdEtqWHJXHzU9KUJmcTyEw%26seg%3D95287

43 B
1 KB

8ms
7ms

Image
image/gif

37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-YCEEZN6blIu1c81RPdEtqWHJXHzU9KUJmcTyEw%26seg%3D95287

Protocol

HTTP/1.1

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Jun 2022 14:16:07 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f6fefc1b-8267-4109-826e-aae4e06b7101
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 09 Jun 2022 14:16:07 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 05041799-2ba9-4ecb-9e4d-8af1bef6d36b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-YCEEZN6blIu1c81RPdEtqWHJXHzU9KUJmcTyEw%26seg%3D95287
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 82C4
Redirect Chain

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7232166593167394457

43 B
370 B

92ms
18ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7232166593167394457

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:06 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3395815
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 09 Jun 2022 14:16:07 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f65a2d93-0bff-442d-9787-2d7e8ec304d3
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7232166593167394457
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 82C4 42 B
581 B 994ms
160ms Image
image/gif 204.237.133.120
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-E9zX3d6blIu1c81RPdEtqWHJXHz0GEQrATQHzA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.237.133.120 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:08 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 xuid
eb2.3lift.com/ Frame 82C4 37 B
140 B 48ms
9ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-3O_Kg96blIu1c81RPdEtqWHJXHwYY1wc4hWQbA&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 cksync.php
contextual.media.net/ Frame 82C4 45 B
798 B 107ms
69ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-AeiENt6blIu1c81RPdEtqWHJXHzQiAl4DJyQjA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Thu, 09 Jun 2022 14:16:07 GMT
vary: Accept-Encoding
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Thu, 09 Jun 2022 14:16:07 GMT

GET rum
r.casalemedia.com/ Frame 82C4 0
0

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 82C4
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-GFBu9N6blIu1c81RPdEtqWHJXHzme9NtzkNR9w&expires=30&user_group=5
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-GFBu9N6blIu1c81RPdEtqWHJXHzme9NtzkNR9w&expires=30&user_group=5

43 B
510 B

109ms
109ms

Image
image/gif

35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-GFBu9N6blIu1c81RPdEtqWHJXHzme9NtzkNR9w&expires=30&user_group=5
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 14:16:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-GFBu9N6blIu1c81RPdEtqWHJXHzme9NtzkNR9w&expires=30&user_group=5
Date: Thu, 09 Jun 2022 14:16:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame 82C4 35 B
337 B 119ms
36ms Image
image/gif 52.49.118.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-Yv2sL96blIu1c81RPdEtqWHJXHzgJk9C0hpl9A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.118.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-118-209.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:07 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

GET
H2 200 um
criteo-sync.teads.tv/ Frame 82C4 23 B
172 B 87ms
37ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-dkSGN96blIu1c81RPdEtqWHJXHytngXCDHYGLg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:07 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 09 Jun 2022 14:16:07 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 82C4 0
99 B 233ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-QbzWjN6blIu1c81RPdEtqWHJXHwRnAVAZYHPwA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13805

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 82C4 43 B
163 B 190ms
33ms Image
image/gif 185.86.139.106
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-tpbyE96blIu1c81RPdEtqWHJXHwnN4f-o9oC9g
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.106 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:07 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 82C4 68 B
262 B 149ms
7ms Image
image/png 18.193.215.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-29X0qt6blIu1c81RPdEtqWHJXHyVaPooILJs7g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.215.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-215-198.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:07 GMT
content-length: 68
content-type: image/png

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 82C4
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-FvfAj96blIu1c81RPdEtqWHJXHz7NkZ12RZCpQ
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-FvfAj96blIu1c81RPdEtqWHJXHz7NkZ12RZCpQ

43 B
446 B

35ms
34ms

Image
image/gif

52.210.88.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-FvfAj96blIu1c81RPdEtqWHJXHz7NkZ12RZCpQ
Protocol: H2
Server: 52.210.88.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-88-151.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Jun 2022 14:16:07 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-FvfAj96blIu1c81RPdEtqWHJXHz7NkZ12RZCpQ
date: Thu, 09 Jun 2022 14:16:07 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame 82C4
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nX3sV96blIu1c81RPdEtqWHJXHwbbrtt5dFteQ
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nX3sV96blIu1c81RPdEtqWHJXHwbbrtt5dFteQ&_li_chk=true&previous_uuid=23246e40a5cc445e91d202f8de8a9778
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nX3sV96blIu1c81RPdEtqWHJXHwbbrtt5dFteQ

43 B
419 B

373ms
123ms

Image
image/gif

2600:1f18:444a:4602:bab:b033:845c:e657
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nX3sV96blIu1c81RPdEtqWHJXHwbbrtt5dFteQ

Protocol

HTTP/1.1

Server

2600:1f18:444a:4602:bab:b033:845c:e657 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 14:16:08 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nX3sV96blIu1c81RPdEtqWHJXHwbbrtt5dFteQ
Date: Thu, 09 Jun 2022 14:16:07 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 82C4 43 B
428 B 309ms
97ms Image
image/gif 3.223.101.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-cQ4Mbt6blIu1c81RPdEtqWHJXHxYxl0PY0fbHg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.101.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-101-22.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:07 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 82C4 43 B
183 B 387ms
124ms Image
image/gif 2600:1f18:612b:4232:40ff:2de3:a398:119a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-qXTdOt6blIu1c81RPdEtqWHJXHyR_DrODGCjHQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:40ff:2de3:a398:119a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:07 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H/1.1

200
OK

empty.gif
cdn.stickyadstv.com/one-shot/ Frame 82C4
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-NbPnD96blIu1c81RPdEtqWHJXHy5jR7SNGV0yA&redirectId=69
https://cdn.stickyadstv.com/one-shot/empty.gif?

43 B
438 B

306ms
15ms

Image
image/gif

2001:4de0:ac19::1:b:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.stickyadstv.com/one-shot/empty.gif?
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 14:16:07 GMT
Last-Modified: Thu, 28 Feb 2013 15:45:35 GMT
ETag: "1362066335"
X-HW: 1654784167.dop141.am5.t,1654784167.cds130.am5.shn,1654784167.cds130.am5.c
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 09 Jun 2022 14:16:07 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1654784167457048-501
Expires: Thu, 09 Jun 2022 14:16:07 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 82C4 40 B
40 B 35ms
10ms Image
text/html 18.185.150.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-bkRvCd6blIu1c81RPdEtqWHJXHyAXhvKTeDUWA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.150.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-150-140.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:16:07 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 82C4 43 B
220 B 148ms
31ms Image
image/gif 52.49.242.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-dKu9_96blIu1c81RPdEtqWHJXHylRHRw__vhKg&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.242.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-242-166.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 09 Jun 2022 14:16:07 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 0DB1 28 B
54 B 54ms
53ms XHR
application/json 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d97f25df/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/60cqUPxYThY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
X-YouTube-Client-Version: 1.20220607.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt1SUd2c0VtdWhRNCikgYiVBg%3D%3D
X-YouTube-Ad-Signals: dt=1654784164731&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 09 Jun 2022 14:16:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 09 Jun 2022 14:16:07 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 82C4
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7232166593167394457

43 B
370 B

16ms
16ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7232166593167394457

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 14:16:07 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1450448
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 09 Jun 2022 14:16:07 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 70bdae73-0c25-40a8-9762-432888c9c372
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7232166593167394457
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/s/player/d97f25df/www-player.css

Domain: www.youtube.com
URL: https://www.youtube.com/s/player/d97f25df/www-embed-player.vflset/www-embed-player.js

Domain: www.youtube.com
URL: https://www.youtube.com/s/player/d97f25df/player_ias.vflset/de_DE/base.js

Domain: www.youtube.com
URL: https://www.youtube.com/s/player/d97f25df/fetch-polyfill.vflset/fetch-polyfill.js

Domain: track.addevent.com
URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=e2da4f6b-5dfc-4a25-6ee9-43b5b1db2851&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&cache=1654784164273

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Domain: r.casalemedia.com
URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ItxP196blIu1c81RPdEtqWHJXHwdU-B4dFI4WA

Verdicts & Comments Add Verdict or Comment

427 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

92 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 03:41:10	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
i.liadm.com/s	1970-01-20 04:22:56	Name: _li_ss Value: MgkI_____wcQvhI
links.spybriefing.com/	1970-01-20 03:40:27	Name: _session_id Value: 287859c79f8efe006fd679176ba30d4e
.cf.spybriefing.com/	1970-01-20 03:39:45	Name: __cf_bm Value: hHBBhJ.T_msa4sV1zl7180EgfG9yUplVDwJVNriacOg-1654784162-0-ATKiMdTm/BhvIUCtcbErbX7tjwAJo1ImrOIIbZuyrDBwJk9sBlAiNALCqjZetyRlDji5PYtzOKDPEPNs2todJzDVn4oUjppXIW+eOli3NjuU
.infusionsoft.com/	1970-01-20 03:39:45	Name: __cf_bm Value: gYKTsPlQs385zaaDZMCeWlLTOphNhLLmUYgh51mwvUg-1654784163-0-AXkti+dkppQwahSuN4zhYHifLKGYkLIxs+lRwC+3XiCWrRDtZWhEXhP1FdiAD9NvarEpe8llyBOBxreGXkKxoRU=
.clickfunnels.com/	1970-01-20 03:39:45	Name: __cf_bm Value: pFUcrCQoovC0GsGJozpUi85sJFokxHLv3UPpFGdxHPs-1654784163-0-AUo/bVD7pY1tysnUHhNixT6vNRdAF3o+V17u/Y6REL3rYfYPB0SwDNSXiSZXZEyEwd4sNXMMTXZ3nERvE6SHvz/6u5/UE2aZWLKtJ0K2m4ZD
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: spKY70Cl4r8
.youtube.com/	1970-01-20 07:58:56	Name: VISITOR_INFO1_LIVE Value: uIGvsEmuhQ4
cf.spybriefing.com/	1970-01-20 12:25:20	Name: addevent_track_cookie Value: e2da4f6b-5dfc-4a25-6ee9-43b5b1db2851
cf.spybriefing.com/	1970-01-20 12:25:20	Name: cf:aff_sub2 Value:
cf.spybriefing.com/	1970-01-20 12:25:20	Name: cf:aff_sub3 Value:
cf.spybriefing.com/	1970-01-20 12:25:20	Name: cf:aff_sub Value:
cf.spybriefing.com/	1970-01-20 12:25:20	Name: cf:affiliate_id Value:
cf.spybriefing.com/	1970-01-20 12:25:20	Name: cf:cf_affiliate_id Value:
cf.spybriefing.com/	1970-01-20 12:25:20	Name: cf:content Value:
cf.spybriefing.com/	1970-01-20 12:25:20	Name: cf:medium Value:
cf.spybriefing.com/	1970-01-20 12:25:20	Name: cf:name Value:
cf.spybriefing.com/	1970-01-20 12:25:20	Name: cf:source Value:
cf.spybriefing.com/	1970-01-20 12:25:20	Name: cf:term Value:
cf.spybriefing.com/	1970-01-20 12:25:20	Name: cf:NDk3NzkxNzc Value: :visited=true
cf.spybriefing.com/	1970-01-20 12:25:20	Name: cf:visitor_id Value: 86f20d8d-a407-4415-927c-e17698ae041d
.spybriefing.com/	1970-01-20 05:49:20	Name: _fbp Value: fb.1.1654784164462.1864218222
.spybriefing.com/	1970-01-20 05:49:20	Name: _gcl_au Value: 1.1.1387357723.1654784164
.spybriefing.com/	1970-01-20 12:25:20	Name: _seg_uid_5374 Value: 01G54D50QFQ358ZBYRWSFSZ3R5
.spybriefing.com/	1970-01-20 12:25:20	Name: _seg_uid Value: 01G54D50QFQ358ZBYRWSFSZ3R5
.spybriefing.com/	1970-01-20 12:25:20	Name: _seg_visitor_5374 Value: {"referrer":null}
.spybriefing.com/	1970-01-20 21:10:56	Name: _ga Value: GA1.2.117376602.1654784165
.spybriefing.com/	1970-01-20 03:41:10	Name: _gid Value: GA1.2.68103986.1654784165
.spybriefing.com/	1970-01-20 03:39:44	Name: _gat_gtag_UA_164010868_2 Value: 1
.spybriefing.com/	1970-01-20 03:39:44	Name: _gat_UA-217947897-1 Value: 1
.mgid.com/	1970-01-20 03:39:45	Name: __cf_bm Value: aEKofgYSnO8k0D8zbqmrY9EJpExJPbp1OHJk9e0us9c-1654784164-0-AchTr3cU1c/e2EeAGl+/JzDvE5ilYti+toK92jpEh1TK9cP63X4CLPQ/k/7BkNkuwYz19wfCoocIgf4mijBUsps=
.spybriefing.com/	1970-01-20 13:09:30	Name: _scid Value: a58fdb41-19b1-4412-85d9-836e40a9ea2b
.turn.com/	1970-01-20 07:58:56	Name: uid Value: 2849332975017299777
.snapchat.com/	1970-01-20 13:01:20	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIAgDsItIXBwOz1HUKzjetuPSQ83mQzdGPotMt6MDuTYXdxWGU0EMVvsqimg6MgAAAA==
.tiktok.com/	1970-01-20 13:01:20	Name: _ttp Value: 2ALLxUNUhr66q5ZpOna8wSSHg23
cf.spybriefing.com/	1970-01-20 05:49:20	Name: MgidSensorNVis Value: 1
cf.spybriefing.com/	1970-01-20 05:49:20	Name: MgidSensorHref Value: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
cf.spybriefing.com/	1970-01-20 05:49:20	Name: AdskeeperSensorNVis Value: 1
cf.spybriefing.com/	1970-01-20 05:49:20	Name: AdskeeperSensorHref Value: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
.spybriefing.com/	1970-01-20 13:01:20	Name: _tt_enable_cookie Value: 1
.spybriefing.com/	1970-01-20 13:01:20	Name: _ttp Value: 640c9e7f-8c3f-4344-ba0f-afd660cfbea9
.quantserve.com/	1970-01-20 13:09:58	Name: mc Value: 62a200a5-03b82-c5c9e-3a9b8
.spybriefing.com/	1970-01-20 13:04:12	Name: __qca Value: P0-1899501173-1654784164968
rdcdn.com/	1970-01-25 20:05:38	Name: aid Value: 19177
rdcdn.com/	1970-01-25 20:05:38	Name: ref Value: https://cf.spybriefing.com/sales-page-4977917816267594971791630527983778
rdcdn.com/	1970-01-25 20:05:38	Name: img Value: http://rdcdn.com/rt?aid=19177&e=1&img=1
.simpli.fi/	1970-01-20 12:26:46	Name: suid Value: A3B4B1017DED49B6AC6CA09C88A58D98
.statistinamics.com/	1970-01-21 23:27:44	Name: scgrg Value: %7B%22grg%22%3A%22895A38B2-FEE7-EC11-B656-0003FFCA8DF826919298-594E-43AC-B276-26C2464B743E%22%7D
.cf.spybriefing.com/	1970-01-20 12:25:20	Name: _pin_unauth Value: dWlkPU1EVTVNbUl5TmpNdE16VXpOeTAwTlRCbExXSXhaakV0TW1VME5UZGpNbU5sTW1JNQ
tags.srv.stackadapt.com/	1970-01-20 12:25:20	Name: sa-user-id Value: s%3A0-e5415c08-0d1f-4eee-41d0-d8280f3f79d2.CEb1uzeaM1JV6kN0nW%2BSs8kecj4r5qGEAw3gfT0xfGw
.srv.stackadapt.com/	1970-01-20 12:25:20	Name: sa-user-id-v2 Value: s%3A5UFcCA0fTu5B0NgoDz950rnVm6I.pLJlQciQG3n4fUhdecqpTPz72fU8wcrDU6tcrDlDuYg
cf.spybriefing.com/	1970-01-20 12:25:20	Name: sa-user-id Value: s%253A0-e5415c08-0d1f-4eee-41d0-d8280f3f79d2.CEb1uzeaM1JV6kN0nW%252BSs8kecj4r5qGEAw3gfT0xfGw
cf.spybriefing.com/	1970-01-20 12:25:20	Name: sa-user-id-v2 Value: s%253A0-e5415c08-0d1f-4eee-41d0-d8280f3f79d2%2524ip%2524185.213.155.162.2Ckhs762I3WRAutxgWLaPxKq6KF3mXGEJjsvqEugg%252Fc
cf.spybriefing.com/	1970-01-20 03:39:44	Name: outbrain_cid_fetch Value: true
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: aac441a995738595
.infusionsoft.app/	1970-01-20 03:39:45	Name: __cf_bm Value: t571yfhNHnVEmMh3AxyoKwjLhKngpxN_BCSS8pX9VOY-1654784166-0-ATqjZh346AXeoeJP2NiZRgkmTpi2aklDoR8Ku1HPas9JKn9hWC5vFUSMAoPBqrhjU8l9+0n0m2Z/Uuw/iKuSDQLGKKcUAzFNKim4gsYuWeQqVcc4gAosjDZOK2Oq1gteYaDR/vM8VxpyR9yo7+nqPS1/MJG2raj34v+b0SAqDdDkpRZu0EniaTEILhSIRvzHcw==
kw493.infusionsoft.app/	1970-01-20 12:25:20	Name: InfusionsoftTrackingCookie Value: 0da05073a05e9e9ecc50fe26326d052a
.criteo.com/	1970-01-20 13:01:20	Name: uid Value: 6da4e408-f5c0-42bd-a413-cc0ba2d6c511
.spybriefing.com/	1970-01-20 13:09:08	Name: cto_bundle Value: _QmvKF9IOXUlMkJ1aDlxaUhpVkpZcUhYSmR0bnkydTNNbSUyRmJkNk91dk41JTJCNENKeWJCVDg1YzFsOCUyQkZmN2IlMkZqZ1JIY3ZOWHhPTXh5dEx0JTJGRktKZXpBTm5PazJRNlZhbWF4UTFZc3FGRzNiMjNRSjByVkRCJTJCTWpIRUJyaHpJNnZpZkxoWVVVJTJGekxIYmJWJTJCWEolMkY4OXNmd1k0QUF3ZyUzRCUzRA
.adnxs.com/	1970-01-20 05:49:20	Name: uuid2 Value: 7232166593167394457
.analytics.yahoo.com/	1970-01-20 12:25:20	Name: IDSYNC Value: 18zh~25d2
.yahoo.com/	1970-01-20 12:25:41	Name: A3 Value: d=AQABBKcAomICEF5QlLA80DzBnM0M3AkQrMoFEgEBAQFSo2KrYgAAAAAA_eMAAA&S=AQAAAs_38QHqlT__zMoBhEf7qsA
.doubleclick.net/	1970-01-20 13:01:20	Name: IDE Value: AHWqTUmLH6nE3raM33qNAHBvgFXL1cBZD0tajzktJHPJDQJhlpIaY9fJwuJxlmlEMXM
.media.net/	1970-01-20 12:25:20	Name: visitor-id Value: 2977857678397092000V10
.media.net/	1970-01-20 04:22:56	Name: data-c-ts Value: 1654784167
.media.net/	1970-01-20 04:22:56	Name: data-c Value: k-AeiENt6blIu1c81RPdEtqWHJXHzQiAl4DJyQjA~~3
.addthis.com/	1970-01-20 13:01:20	Name: ouid Value: 62a200a700014766561ea26b10d7d917b69e56e5bc8256d02b2d
.addthis.com/	1970-01-20 13:01:20	Name: uid Value: 62a200a71bc57d04
.addthis.com/	1970-01-20 13:01:20	Name: na_id Value: 2022060914160734900885118948
.outbrain.com/	1970-01-20 05:49:20	Name: obuid Value: f6d9e3b0-de22-40e7-a60a-77303901f045
.outbrain.com/	1970-01-20 04:08:32	Name: criteo Value: k-Ts2-Y96blIu1c81RPdEtqWHJXHzLvczFeG2ufA
.revcontent.com/	1970-02-07 09:39:44	Name: __ID Value: 0114a2469d8845f8b5012abfd2ab68f6
.revcontent.com/	1970-01-20 04:22:56	Name: v1_151 Value: 1
.sharethrough.com/	1970-01-20 04:22:56	Name: stx_user_id Value: fef69e8a-6738-4967-a9f4-7b065daa0a49
ads.stickyadstv.com/	1970-01-20 04:22:56	Name: UID Value: aa3b7e11efd24623fd79772d5bf3563
ads.stickyadstv.com/	1970-01-20 04:22:56	Name: uid-bp-11554 Value: k-NbPnD96blIu1c81RPdEtqWHJXHy5jR7SNGV0yA
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 206f8d617d9f98f4529954327e8c86
.360yield.com/	1970-01-20 05:49:20	Name: tuuid Value: cc86607f-f1bf-42a0-a31e-f72766150f48
.360yield.com/	1970-01-20 05:49:20	Name: tuuid_lu Value: 1654784167
exchange.mediavine.com/	1970-01-20 03:59:53	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22b4643be0-e7fe-11ec-b8e0-23947a60d2f2%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 03:59:53	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22b4643be0-e7fe-11ec-b8e0-23947a60d2f2%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 03:59:53	Name: criteo Value: %7B%22id%22%3A%22k-bkRvCd6blIu1c81RPdEtqWHJXHyAXhvKTeDUWA%22%2C%22version%22%3A%22criteo%22%7D
.360yield.com/	1970-01-20 05:49:20	Name: um Value: !38,.IO.uaq1dSd-thq4k.2x4NC6fTnI7wSWXv7i-kq.-JaPh4AP4gFU35orUxsugFDO0S3kOaRH,1662560167
.360yield.com/	1970-01-20 05:49:20	Name: umeh Value: !38,0,1716992167,-1
.adnxs.com/	1970-01-20 05:49:20	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2E?(Fz5BD!EKw)0I^OS4<OqA4uZ9OWV$Rww94AI7E00M2M`:8?Lzo'deg]Z7O>d#blONVTA%l-g9A4oK#hN5CoP1wCrtOdCnY3/^X)QD
.postrelease.com/	1970-01-20 12:25:20	Name: opt_out Value: 1
.liadm.com/	1970-01-20 21:10:56	Name: lidid Value: 23246e40-a5cc-445e-91d2-02f8de8a9778
.bidswitch.net/	1970-01-20 12:25:20	Name: tuuid Value: cec2c8bf-886e-4d6f-b9d2-b7ff5af88d50
.bidswitch.net/	1970-01-20 12:25:20	Name: c Value: 1654784167
.bidswitch.net/	1970-01-20 12:25:20	Name: tuuid_lu Value: 1654784167
.pubmatic.com/	1970-01-20 04:22:56	Name: KRTBCOOKIE_97 Value: 3385-uid:k-E9zX3d6blIu1c81RPdEtqWHJXHz0GEQrATQHzA&KRTB&23144-uid:k-E9zX3d6blIu1c81RPdEtqWHJXHz0GEQrATQHzA&KRTB&23286-uid:k-E9zX3d6blIu1c81RPdEtqWHJXHz0GEQrATQHzA&KRTB&23287-uid:k-E9zX3d6blIu1c81RPdEtqWHJXHz0GEQrATQHzA
.pubmatic.com/	1970-01-20 04:22:56	Name: PugT Value: 1654784168

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=e2da4f6b-5dfc-4a25-6ee9-43b5b1db2851&url=https%3A%2F%2Fcf.spybriefing.com%2Fsales-page-4977917816267594971791630527983778&cache=1654784164273 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://visit.prayfashion.com/postback?clickid=undefined&type=RT_View_Content Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://visit.prayfashion.com/postback?clickid=null&type=RT_View_Content&gtmcb=785652262 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://static.criteo.net/js/ld/ld.js Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://idsync.rlcdn.com/397596.gif?partner_uid=dokn520NSRVPOWHeteU2DVlqpdpMDsgS Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-XNc2pd6blIu1c81RPdEtqWHJXHzfM-mGcx1ugQ Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ItxP196blIu1c81RPdEtqWHJXHwdU-B4dFI4WA Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.adskeeper.co.uk
a.exoclick.com
a.mgid.com
ad.360yield.com
ads.stickyadstv.com
ads.yahoo.com
amplify.outbrain.com
analytics.tiktok.com
app.clickfunnels.com
assets.clickfunnels.com
assets.revcontent.com
bam.nr-data.net
cdn.stickyadstv.com
cf.spybriefing.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
ct.pinterest.com
cw.addthis.com
d.adroll.com
dis.criteo.com
dynamic.criteo.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
idsync.rlcdn.com
jadserve.postrelease.com
jnn-pa.googleapis.com
js-agent.newrelic.com
kw493.infusionsoft.app
kw493.infusionsoft.com
links.spybriefing.com
m.revmizer.com
match.sharethrough.com
mug.criteo.com
ndn.statistinamics.com
partner.mediawallahscript.com
pixel.adblade.com
pixel.quantserve.com
pixel.rubiconproject.com
r.casalemedia.com
r.turn.com
rdcdn.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.adroll.com
s.pinimg.com
sc-static.net
secure.adnxs.com
secure.quantserve.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.cloudflareinsights.com
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tag.segmetrics.io
tag.simpli.fi
tags.srv.stackadapt.com
tr.outbrain.com
tr.snapchat.com
track.addevent.com
track.segmetrics.io
trends.revcontent.com
ups.analytics.yahoo.com
use.fontawesome.com
visit.prayfashion.com
web.adblade.com
widget.us.criteo.com
www.clickcease.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.youtube.com
x.bidswitch.net
fonts.gstatic.com
r.casalemedia.com
track.addevent.com
www.youtube.com
104.18.26.174
104.19.134.78
104.75.88.126
13.225.77.245
13.225.78.123
13.248.245.213
141.226.228.48
142.250.184.194
142.250.186.66
151.101.128.84
151.101.2.137
151.139.128.11
162.247.241.14
169.50.137.179
178.250.0.163
178.250.2.140
178.250.2.146
18.185.150.140
18.193.215.198
18.205.229.183
185.86.139.106
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:1b
2001:678:cb4:bbbb::11
204.237.133.120
212.82.100.181
23.35.228.23
23.35.229.117
23.35.237.56
23.35.237.86
23.36.163.232
2600:1f18:444a:4602:bab:b033:845c:e657
2600:1f18:612b:4232:40ff:2de3:a398:119a
2600:9000:20eb:2c00:6:44e3:f8c0:93a1
2600:9000:20eb:ba00:6:9280:1080:93a1
2606:4700:20::681a:5
2606:4700:4400::6812:2791
2606:4700:4400::ac40:972a
2606:4700:440e::ac40:9c1a
2606:4700::6810:dc2
2606:4700::6810:ec2
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1288:80:807::1
2a00:1450:4001:801::2004
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:812::2008
2a00:1450:4001:813::2006
2a00:1450:4001:813::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2003
2a00:1450:400c:c07::9c
2a02:2638:1::13
2a02:2638::3
2a02:26f0:6c00:298::1931
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a06:98c1:3120::3
3.126.56.137
3.223.101.22
34.202.133.253
35.190.43.134
35.211.178.172
35.238.129.105
35.244.174.68
37.252.172.45
37.252.173.215
44.196.167.20
52.209.107.65
52.210.88.151
52.45.50.106
52.49.118.209
52.49.242.166
54.205.192.169
54.72.182.0
67.205.176.157
69.173.144.138
70.42.32.191
74.119.119.150
85.17.54.17
91.195.240.87
004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158
00d334a19d88f3d2e38b960842f66f72cac7859e75c77374445bd592cc75dfcf
025e4337e3c0b187ad9311ba6245f342852379ba27ea3e0ed63b6ad2d13ceb17
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
07d5e5f440ca5ac95ca64e9e9bfd61f0feece6a0e7c3c0f5a42d673da490c7d1
09ffdb3e6d22186867640de565afd309cde6d1727665826093f161ea4ae0da8e
0a006127f3ac3af107355ede29826abfa058fd2bf97f5ab9e49e38c36884af8f
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0e7db8a58e717a428cc1ef7503bc697bef2e68751f79e09ecef3bb03599fe747
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
116e677ce1f72ac9525e2e6cd8d26a005c4dd4ba515fb8309023b2f0a2b3397a
17aa2e94685669ebd3d2f5fcada99421d2e980de81f0c6f3be1bb579b6af7e6b
19e30a7d52bf395dc0ab88b8d1fc9f969923c23d3099ab5749a924d6218509dc
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1fb3605148bef5e3a620bb845ed7883d8431f4fb95e15203b9451d243ebb28ac
2095855bb7d7234482f92598b097576fe0cd42a6145e38d3d1ece32a76433add
216164d79ec2c38d34fd4e09557abc30fb551386332a294cbdf48b8a0225f44c
21c7a27fce9ba250a5907d9af97c2617de9e63ff5495f126322c99743fd4a696
22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad
29fcbc25a1308651702f73d6d3b4d8c2c303ae8305e9bcae3ddf2ecad32e144d
2a831d3198216e96fc92c2e6b702c90fdb0e325e599e1f139176004654183a64
2a8aed2402fa5b8c06158b9712611bcb35bfa05512e69dca5647fd43a712c2ce
2d879cce1d3b8d492e394e9be9e78042509f0d46aac16250c43cace3782a5a55
2e08628dfbdeb5fe6ccc883c071f5fc3da5b9f94f2747d9352d2ae91261bb9cb
2e2885606820de818f23a4d95e72051f4b025951e38578740dac202462cf7dfd
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
35bca1f8707527adec38ae802db6c521d4b8c5eaed78408165f40257a41181c2
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40c5a0b55c7388ca4e499a0d3b42fc8c1895c9a3bbd4968f4c9d0d6ec2774b99
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46da496d8351b32ca05d43bf08fa95ad38602d22c28b79905c896d68fb14d186
46f9d86045547e75575813d1014a355655ea9428ceea6df6ece84a9d6ff30c26
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49ceed1873b2c802ce86b551569c99ad4000f63a197a991d1521514ecbd84ca2
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f6703cd54650cdd75f59266d630970479d273471a330e272cdaaef9481c55cc
50ef2ba0ac1df3b199f3363b5870074528cda342a6ecead079a0e973705e554d
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
536fac39003de603f6c241901f38840138347a972922dba26a673b022d39e7e0
540548b12b5a362a5fa54de526a5870cc89ef6f431387c20cd25e82b4f6cd9d0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559f7cd9a09fd3e5fecd298149ea6c2cf70a1082e391af9ffe6e70b133ce16c7
58a1eb62728fc1e7bd7ad259d095189c0c4707b2d9077eacb11c36bf5886e6b4
5d137e76bbcc453015802e5863586806e8a3a8bd380d7c94138aa94b04a4a5ec
5e3a28df51924c57892c425cf0e17f6509339c8c90c86f9aa71279d3295e66b4
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
65fe5c0c5a06bbf5841f03219a3cb5c120928a84ba31242b21357a0d466426a3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d
7b4337c676312e00f11b5e884489a3d9e4ded93e334ce3ddb551fbf94b22f6e6
7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d
8276765a27484dcb04805218f99cfdbaa5256ae24350382f1b187798ff16f75f
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
894694eee28fc463a83875d519e70afaf5f40ac7c042d6114c4ee86d156b4067
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c867e21ab932736662064b0ec373b19856d7dd6d42f1b05ce478e976f46b9f0
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
9fe8a8e2261e527d5b294b5cd8781b93cecf8223e22ba45630345578599cf308
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a36500e83ddd457e5e41c712041085e300b4f4bb1776488a6393433895ae05ac
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b5027926c44361f7719bdbbd6a0fb781e13842229b6ca68e38732b6fa40c6aa5
b86f968c4fa9d19bf131438f816036b7accf12cd726ab2ed05d04a96869b6010
b8f53899a9b6f3ce7aa34aeb24ee5d09c3e2d2465d40dc9ca2b3e95744bbe569
b90005e4acdff1d177d32dc0dfa574be6d2e15b915d6ba7156a96d78e183f49d
ba8d74863aaa6b9eb44878b9c505cfdea99cb30c4f46ce0e6adcaef96af9b146
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bd2beb84a9ac7aa13c8f4ca265aca0a75bd952f1b646b0a177258cc33cd9d3c2
bd3e45dfb07a6cd3921b569d6d4dbcdb9b2141f7edc082873f1264d085aaace8
c2132a4328a5491a19eaa05be8842450315c338ed54cbcf4009c77e10fd56307
c812fe49a8e2d3566560c4a1526e150f21ddc5179c05bca844d719eb4fe5d9ba
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d
cc5861e1b68d39ff2658b154db037e0ab20aeb049bfb251221afee115ea54c31
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cec2a729182e5d96055c73654d17990a0543ffa9134159a1b0b1c0d4dec02099
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf492e18113596c9f8f09abaaac12b6963a4d154ae02f20e04f1275120cc89f4
d093eeff8b86d94c0f65ea0b61fe2d1e84a43c99e3a3d0d1c8a683933c768e40
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d99113afc3af2b7f7893fc2d6af2518d29730ab4e274364331893b41ca6e6b7a
dab3de50e1ddfa138a0572ae7f02067f29b23ddead6fcd446114e23cbe558249
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7ad4205ecac79256c4fa46922874086b0fd4dad383bfe5e54a2ac38f5703e0
dfc6678e3b812f3097334f84e4f7ed816c8339cd0f1a5e5b90281e8c3374d463
e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982
e21daebd8890f3fdfd7ca9ff810758531241c8d2b6f8834724e226bf58244a28
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8098c6938d10947bf06e59e59b684daf1ef70c1e520bd7e6d4d85e28ee94f00
e95064d178bcf827a4579e68aa03a902d91f6bc66eac7f9e272bcfed9cec863a
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f3b724d23e5fb5dd3ffec93864fe1700974dbffc97e65fca943e606388ce51e1
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f60126adef3f76bf6db4a26fd70b1c2d7c758d3307866883ac7bcf0a456b9aa5
f6051cc7f24a75c1d032e9c04955727a949498a8e77a799e1d1cc048bed43683
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422
f784e4a8bb0cee3ec5be0a59c80631ce8375c1070a7b7b3d9924df6dcbe006f3
f7e65d3003acd5423b82e3b81783dc62c180804a0e22181996d6705232a19b7d
fbafd37b04603f38be311dca28a3e5ff54b8117a0bf6b56ba37674367c863dd7
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

cf.spybriefing.com Open in urlscan Pro 2606:4700::6810:dc2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

186 Requests

88 %HTTPS

39 %IPv6

67 Domains

90 Subdomains

79 IPs

8 Countries

6759 kBTransfer

13087 kBSize

92 Cookies

3 Outgoing links

Page URL History

Redirected requests

186 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cf.spybriefing.com Open in urlscan Pro
2606:4700::6810:dc2 Public Scan

Screenshot
Live screenshot

Full Image

186
Requests

88 %
HTTPS

39 %
IPv6

67
Domains

90
Subdomains

79
IPs

8
Countries

6759 kB
Transfer

13087 kB
Size

92
Cookies

186 HTTP transactions
0 data transactions