memberumbrella.com Open in urlscan Pro
172.67.153.226 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://memberumbrella.com/
Submission: On June 24 via api (June 24th 2024, 3:57:28 am UTC) from BE — Scanned from DE

Summary HTTP 62 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 11 domains to perform 62 HTTP transactions. The main IP is 172.67.153.226, located in United States and belongs to CLOUDFLARENET, US. The main domain is memberumbrella.com.
TLS certificate: Issued by E1 on May 23rd 2024. Valid for: 3 months.

This is the only time memberumbrella.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	172.67.153.226 172.67.153.226	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	151.101.129.170 151.101.129.170	54113 (FASTLY) (FASTLY)
3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:293c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:1200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
4	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
62	16

5 172.67.153.226 (United States)

ASN13335 (CLOUDFLARENET, US)

memberumbrella.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 151.101.129.170 (San Francisco, United States)

ASN54113 (FASTLY, US)

c.tadst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:1200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c59bb39b6a005f6775543020cafef86f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	tadst.com c.tadst.com — Cisco Umbrella Rank: 27135	79 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 137 c59bb39b6a005f6775543020cafef86f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 177	39 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 486	104 KB
5	memberumbrella.com memberumbrella.com	398 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 ad.doubleclick.net — Cisco Umbrella Rank: 164	175 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1092	1 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1625 pixel.quantserve.com — Cisco Umbrella Rank: 1193	10 KB
2	btloader.com btloader.com — Cisco Umbrella Rank: 1087 api.btloader.com — Cisco Umbrella Rank: 1198	19 KB
1	gstatic.com fonts.gstatic.com	34 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	2 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1607	2 KB
62	11

	Domain	Requested by
29	c.tadst.com	memberumbrella.com c.tadst.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	memberumbrella.com	memberumbrella.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net memberumbrella.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com memberumbrella.com
3	securepubads.g.doubleclick.net	memberumbrella.com securepubads.g.doubleclick.net
2	ad-delivery.net	memberumbrella.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	c59bb39b6a005f6775543020cafef86f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	pixel.quantserve.com	memberumbrella.com
1	ad.doubleclick.net	memberumbrella.com
1	api.btloader.com	btloader.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	memberumbrella.com
1	btloader.com	memberumbrella.com
62	16

This site contains no links.

Subject Issuer	Validity	Valid
memberumbrella.com E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh
c.tadst.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-03` - `2025-05-05`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
btloader.com WE1	`2024-06-12` - `2024-09-10`	3 months	crt.sh
quantserve.com R3	`2024-04-25` - `2024-07-24`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2024-06-04` - `2024-09-02`	3 months	crt.sh
ad-delivery.net GTS CA 1P5	`2024-05-17` - `2024-08-15`	3 months	crt.sh
*.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
misc-sni.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://memberumbrella.com/
Frame ID: 97B0DFB846C72C99743758DA94E5B423
Requests: 49 HTTP requests in this frame

Frame: https://c59bb39b6a005f6775543020cafef86f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0F615AB699A2A5F1FFB15C59D0D1B3F2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5E2BF46E89D59A67F0F8F3C1650DE90D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012405231944000/amp4ads-v0.mjs
Frame ID: 07E50459E6D0979BE480B7116328AB3A
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Current Local Time in Denizli, Turkey

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

62
Requests

97 %
HTTPS

60 %
IPv6

11
Domains

16
Subdomains

16
IPs

2
Countries

864 kB
Transfer

1817 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
memberumbrella.com/ 87 KB
18 KB 248ms
186ms Document
text/html 172.67.153.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://memberumbrella.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.153.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bfd6b7faea18715c35ccc9e6dee5c18778bc3f231e86e4ec82a020024e5a24a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8989cb1acbfb9191-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 24 Jun 2024 03:57:23 GMT
expires: Mon, 24 Jun 2024 03:57:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FlKs9qD0hyk90TeJEiGUrLnfxWkl%2BFolKw3MpAP3eyThQT%2F2dsF1pkX0I07VIzz%2Faf%2FIqIhH%2FZh9Ppj1zDG%2B1qnfMG6xcxGOdXUdtKs6dDDnRI5CDzqJGll7%2BWU8wpZ3quUpOAk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 iconfont.woff2@v8
memberumbrella.com/lander/white-tr-mesmero2/ 5 KB
6 KB 68ms
67ms Font
application/octet-stream 172.67.153.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://memberumbrella.com/lander/white-tr-mesmero2/iconfont.woff2@v8

Requested by

Host: memberumbrella.com
URL: https://memberumbrella.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.153.226 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef4479b867b50cb063a81ff5d78c68ca95b732ef59591375cdecc79d1a57a958

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Origin: https://memberumbrella.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 03:57:23 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Wed, 24 Apr 2024 11:23:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6628eba1-15a0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fBRDkBwq0ZzvJVfxarpoxLRYBhS%2BQZhKbGEYg4HqGE2dZkXT168%2Fkqn35u%2Fz9IPrq7lnBU3ginJtKoXYnIxnZTiYTm75WOMzsxO6WOqv%2FpAxFwdwZHnKRX3SF0aCITJoF8ZSlh0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 8989cb1bfce19191-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5536

GET
H2 200 global_31.css.br
c.tadst.com/com/common/ 80 KB
18 KB 150ms
44ms Stylesheet
text/css 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tadst.com/com/common/global_31.css.br
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 85c10f32ac3cf1d4e831179577e732883d99e9215405c0f3506847ebc5687351

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 1
date: Mon, 24 Jun 2024 03:57:23 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Fri, 07 Jun 2024 13:09:18 GMT
last-modified: Tue, 30 Apr 2024 10:15:45 GMT
age: 312464
x-timer: S1719201443.298992,VS0,VE1
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: text/css
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 17967
x-served-by: cache-fra-etou8220050-FRA

GET
H3 200 prebidtad.reg.desk_3.js.br Show response
memberumbrella.com/lander/white-tr-mesmero2/ 371 KB
371 KB 87ms
87ms Script
application/octet-stream 172.67.153.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://memberumbrella.com/lander/white-tr-mesmero2/prebidtad.reg.desk_3.js.br

Requested by

Host: memberumbrella.com
URL: https://memberumbrella.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.153.226 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04f51db40dc1ecb0d0661e836432a08de8e5c2556e24c20d179c547c5d6a30f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 03:57:23 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Wed, 24 Apr 2024 11:23:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6628eba1-5cb6e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x%2FWWfcieUPmZsBhY1%2BjiP%2B%2FlQNFi%2FzabUbFv20iBdqoA0lirqnwTYGMHXRZT3oO%2FE9vOlRFTdR1tX57%2FbpLNnC910rjoxdezyaxGrbYmClkV%2FvfUZFbKCf9Jf%2BREIfpE%2Ft26uXA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 8989cb1bfce39191-FRA
alt-svc: h3=":443"; ma=86400
content-length: 379758

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
31 KB 160ms
80ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: memberumbrella.com
URL: https://memberumbrella.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ff4206df81a2f0aa9506061cc46bf06f9a9a886790a3d0be947e6b35290dd7b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 03:57:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31468
x-xss-protection: 0
server: cafe
etag: 625 / 19898 / m202406170101 / config-hash: 994685364493883849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 24 Jun 2024 03:57:23 GMT

GET
H2 200 tag Show response
btloader.com/ 55 KB
19 KB 139ms
50ms Script
application/javascript 2606:4700:10::ac43:293c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5174239513018368&upapi=true
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b5a438070e7cd73cf158f9a3f3f10402657392d6149779a57ac47e77361537a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 03:57:23 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 24 Jun 2024 02:57:03 GMT
server: cloudflare
age: 3414
etag: "57472f837e07aa09dd05828de19fc294"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 8989cb1c9d079131-FRA
content-length: 18694

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 129ms
40ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 03:57:23 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 01 Jul 2024 03:57:23 GMT

GET
H2 200 tpl_banner_22.css.br
c.tadst.com/com/common/ 9 KB
2 KB 147ms
41ms Stylesheet
text/css 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tadst.com/com/common/tpl_banner_22.css.br
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 09db698e1c40227a81ec4886e65dcc230b544324c7981cd203b5455058a7476f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 359
date: Mon, 24 Jun 2024 03:57:23 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Fri, 07 Jun 2024 12:17:57 GMT
last-modified: Tue, 23 Jan 2024 10:09:18 GMT
age: 315565
x-timer: S1719201443.299223,VS0,VE0
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: text/css
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 1536
x-served-by: cache-fra-etou8220050-FRA

GET
H2 200 citypages_53.css.br
c.tadst.com/com/common/ 10 KB
3 KB 144ms
39ms Stylesheet
text/css 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tadst.com/com/common/citypages_53.css.br
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3140d841459c7dc7b848d1ddc37c07120d8b2558decb24450b0c4aa9d1d2d866

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 10
date: Mon, 24 Jun 2024 03:57:23 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Fri, 07 Jun 2024 12:17:57 GMT
last-modified: Tue, 23 Jan 2024 10:09:22 GMT
age: 315562
x-timer: S1719201443.298746,VS0,VE0
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: text/css
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 2738
x-served-by: cache-fra-etou8220050-FRA

GET
H2 200 city_overview_26.css.br
c.tadst.com/com/common/ 12 KB
3 KB 143ms
38ms Stylesheet
text/css 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tadst.com/com/common/city_overview_26.css.br
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9d17e6d55bf3d47e1932a1bafbe4f9a6737e79e982c38dfc2981cad4918d59e2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 5
date: Mon, 24 Jun 2024 03:57:23 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Fri, 07 Jun 2024 12:17:58 GMT
last-modified: Tue, 23 Jan 2024 10:09:15 GMT
age: 1129134
x-timer: S1719201443.298630,VS0,VE0
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: text/css
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 2921
x-served-by: cache-fra-etou8220050-FRA

GET
H2 200 tr.png
c.tadst.com/gfx/n/fl/48/ 861 B
976 B 53ms
47ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/fl/48/tr.png
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5571293335b57878844fbad3aea3f8af9e9909f90f00249b6f0b676e86a01333

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 1
date: Mon, 24 Jun 2024 03:57:23 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:08:14 GMT
last-modified: Sat, 05 Sep 2015 22:17:25 GMT
age: 1036449
x-timer: S1719201443.345052,VS0,VE1
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 861
x-served-by: cache-fra-etou8220050-FRA

GET
H2 200 tr-10.png
c.tadst.com/gfx/citymap/ 7 KB
7 KB 147ms
42ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/citymap/tr-10.png?9
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2f7f8f2d1ccc10a6e92fc58f6818f26ab3385765b92f46b84678f739c5cc31a6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 1
date: Mon, 24 Jun 2024 03:57:23 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:08:14 GMT
last-modified: Thu, 21 Jul 2016 13:41:05 GMT
age: 1524949
x-timer: S1719201443.299196,VS0,VE1
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 6939
x-served-by: cache-fra-etou8220050-FRA

GET
H2 200 icon-map-pin.png
c.tadst.com/gfx/n/icon/ 441 B
606 B 52ms
47ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/icon/icon-map-pin.png
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fa052601ef12ee9562dfc62b446d1a8a3ebad33ed9e9108bf0675f3a09ef7b65

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 4
date: Mon, 24 Jun 2024 03:57:23 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Sun, 11 Jan 2015 02:07:33 GMT
age: 329821
x-timer: S1719201443.345051,VS0,VE0
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 441
x-served-by: cache-fra-etou8220050-FRA

GET
H2 200 wt-7.svg
c.tadst.com/gfx/w/svg/ 2 KB
756 B 48ms
43ms Image
image/svg+xml 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/w/svg/wt-7.svg
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ee3e3c9a4c1c88c2490b22a3c2811657ca2ba50e38426ae5bbc985e8bf19f33c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 4
date: Mon, 24 Jun 2024 03:57:23 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Tue, 25 Feb 2020 15:57:01 GMT
age: 524204
x-timer: S1719201443.344761,VS0,VE0
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: image/svg+xml
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 581
x-served-by: cache-fra-etou8220050-FRA

GET
H2 200 wt-2.svg
c.tadst.com/gfx/w/svg/ 2 KB
661 B 48ms
43ms Image
image/svg+xml 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/w/svg/wt-2.svg
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7d160e1776e304d37c9c2b636563d7dfce97d3a4db4ed05025c7c9df951ae058

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 3
date: Mon, 24 Jun 2024 03:57:23 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Mon, 30 Mar 2020 11:44:13 GMT
age: 434036
x-timer: S1719201443.344740,VS0,VE0
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: image/svg+xml
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 568
x-served-by: cache-fra-etou8220050-FRA

GET
H2 200 wc-tmz.png
c.tadst.com/gfx/n/i/ 987 B
1 KB 146ms
41ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-tmz.png
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8a0dddcb62bcc681f8cda02134c3216e93ec701bfcb19adbf311935600eacb8f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 2
date: Mon, 24 Jun 2024 03:57:23 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Sun, 11 Jan 2015 02:07:10 GMT
age: 527635
x-timer: S1719201443.299196,VS0,VE0
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 987
x-served-by: cache-fra-etou8220050-FRA

GET
H2 200 wc-nodst.png
c.tadst.com/gfx/n/i/ 717 B
832 B 51ms
46ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-nodst.png
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c00280650f672626c573272512b1ccb326c2a8bc16ee87b1c41ca88f7f80da94

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 2
date: Mon, 24 Jun 2024 03:57:23 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:42 GMT
last-modified: Sun, 11 Jan 2015 02:07:09 GMT
age: 1525160
x-timer: S1719201443.345012,VS0,VE0
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 717
x-served-by: cache-fra-etou8220050-FRA

GET
H2 200 wc-dff.png
c.tadst.com/gfx/n/i/ 716 B
808 B 45ms
39ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-dff.png
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b5aa51ea20ae2ea52cd995c3dd0002e1bf9d8d014a72f8d7b519a1adf673522a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 4
date: Mon, 24 Jun 2024 03:57:23 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Sun, 11 Jan 2015 02:07:06 GMT
age: 450119
x-timer: S1719201443.343752,VS0,VE0
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 716
x-served-by: cache-fra-etou8220050-FRA

GET
H2 200 wc-snr.png
c.tadst.com/gfx/n/i/ 469 B
657 B 46ms
40ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-snr.png
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d8138b7a7a9081c3cfe1a7c96f85f4d92b6e66f55700356dec892b8e28509b44

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 5
date: Mon, 24 Jun 2024 03:57:23 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Sun, 11 Jan 2015 02:07:10 GMT
age: 1525164
x-timer: S1719201443.343895,VS0,VE0
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 469
x-served-by: cache-fra-etou8220050-FRA

GET
H2 200 wc-sns.png
c.tadst.com/gfx/n/i/ 466 B
529 B 46ms
40ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-sns.png
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a9aa1e94039ec3e2d657e3dc598c5ba7f67fb68a48e330fd9832b3cb50f949f0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 6
date: Mon, 24 Jun 2024 03:57:23 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Sun, 11 Jan 2015 02:07:10 GMT
age: 1525164
x-timer: S1719201443.343869,VS0,VE0
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 466
x-served-by: cache-fra-etou8220050-FRA

GET
H2 200 wc-dln.png
c.tadst.com/gfx/n/i/ 607 B
696 B 51ms
46ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-dln.png
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7690fe188596a70bfd1cf255a78a79947dcba2e9cc46481cef75db835ee38fa3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 3
date: Mon, 24 Jun 2024 03:57:23 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Sun, 11 Jan 2015 02:07:08 GMT
age: 1525165
x-timer: S1719201443.345057,VS0,VE0
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 607
x-served-by: cache-fra-etou8220050-FRA

GET
H3 200 moon.php@m=1&i=0.998&p=3.845&r=0.266
memberumbrella.com/lander/white-tr-mesmero2/ 1 KB
2 KB 63ms
63ms Image
application/octet-stream 172.67.153.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://memberumbrella.com/lander/white-tr-mesmero2/moon.php@m=1&i=0.998&p=3.845&r=0.266

Requested by

Host: memberumbrella.com
URL: https://memberumbrella.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.153.226 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541a25ed4f2a16dbfae243dd9885cc998b09649e06d37b318e732f92c637fe01

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 03:57:23 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Wed, 24 Apr 2024 11:23:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6628eba1-4e7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yHLqAIsJFsZGLWflpF5rcjXoSTMsrcW4dOlz7aATUL5GMvWo%2F1daiDbouceTgS6%2FvXEaRCcL%2FFjN9OVsK32l6XybBkGCHQKx0hk89vhmbhBjGu5p3r6gek0xSjBdUw0Ou05%2BJSs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 8989cb1c2d079191-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1255

GET
H2 200 wc-clc.png
c.tadst.com/gfx/n/i/ 457 B
560 B 49ms
43ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-clc.png
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b342157b6e91ecd217341928d5fe8b2b723aabfd9a9cadbbb8c1094b250ef12d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 4
date: Mon, 24 Jun 2024 03:57:23 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Sun, 11 Jan 2015 02:07:04 GMT
age: 507565
x-timer: S1719201443.344705,VS0,VE0
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 457
x-served-by: cache-fra-etou8220050-FRA

GET
H2 200 wc-cal.png
c.tadst.com/gfx/n/i/ 423 B
512 B 47ms
42ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-cal.png
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2f0fd4c6fc5db5f1ea9fe9eba9ad25901cd6c38964915f235ebbf02332a0128e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 5
date: Mon, 24 Jun 2024 03:57:23 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Sun, 11 Jan 2015 02:07:02 GMT
age: 948609
x-timer: S1719201443.344694,VS0,VE0
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 423
x-served-by: cache-fra-etou8220050-FRA

GET
H2 200 wc-nrb.png
c.tadst.com/gfx/n/i/ 426 B
518 B 49ms
44ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-nrb.png
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a2a5fc560c5b46a79385b2c425fccfdb13808281bc2fa3ab7f4960ea597561ce

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 5
date: Mon, 24 Jun 2024 03:57:23 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Sun, 11 Jan 2015 02:07:10 GMT
age: 1051556
x-timer: S1719201443.344680,VS0,VE0
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 426
x-served-by: cache-fra-etou8220050-FRA

GET
H2 200 logo-2021--horizontal-inverted-darkbg.svg
c.tadst.com/gfx/n/logo/ 3 KB
1 KB 44ms
41ms Image
image/svg+xml 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/logo/logo-2021--horizontal-inverted-darkbg.svg
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 297cd8b0fe160762ae89400620fd42a099b16af38aeceae08e7c48b681313e0e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 1413
date: Mon, 24 Jun 2024 03:57:23 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:34 GMT
last-modified: Fri, 26 May 2023 07:30:21 GMT
age: 1525170
x-timer: S1719201443.344666,VS0,VE0
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: image/svg+xml
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 1112
x-served-by: cache-fra-etou8220050-FRA

GET
H2 200 tr.png
c.tadst.com/gfx/n/fl/128/ 2 KB
2 KB 72ms
70ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/fl/128/tr.png
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 876dc1a0b2578479bb9c086e503dd0ea5bb9d5fabef5302419ceadde930d2727

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 1
date: Mon, 24 Jun 2024 03:57:23 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:08:14 GMT
last-modified: Sat, 04 Jul 2015 22:20:13 GMT
age: 440973
x-timer: S1719201443.374118,VS0,VE1
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 2366
x-served-by: cache-fra-etou8220050-FRA

GET
H2 200 wcommon_27.js.br Show response
c.tadst.com/com/common/ 51 KB
21 KB 53ms
47ms Script
application/javascript 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tadst.com/com/common/wcommon_27.js.br
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 077572536e8c66c7d44492376cc4d7f749633ed420bebdd00bdddfc4971539c4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 1
date: Mon, 24 Jun 2024 03:57:23 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Fri, 21 Jun 2024 12:22:17 GMT
last-modified: Wed, 12 Jun 2024 07:42:26 GMT
age: 315305
x-timer: S1719201443.344001,VS0,VE3
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: application/javascript
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 20953
x-served-by: cache-fra-etou8220050-FRA

GET
H2 200 togglefullscreen_11.js.br Show response
c.tadst.com/com/common/ 2 KB
1 KB 48ms
42ms Script
application/javascript 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tadst.com/com/common/togglefullscreen_11.js.br
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1d6c1eb6129a6eda2d6622390def01b906dba2a1fafc75beed913ea76b0813b2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 4
date: Mon, 24 Jun 2024 03:57:23 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Fri, 21 Jun 2024 12:18:01 GMT
last-modified: Wed, 12 Jun 2024 07:42:02 GMT
age: 315562
x-timer: S1719201443.344793,VS0,VE0
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: application/javascript
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 1012
x-served-by: cache-fra-etou8220050-FRA

GET
H3 200 classonhover.js Show response
memberumbrella.com/lander/white-tr-mesmero2/ 1 KB
1 KB 197ms
197ms Script
application/javascript 172.67.153.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://memberumbrella.com/lander/white-tr-mesmero2/classonhover.js
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.153.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11477603ff1a8a307c02a1463df2d4a3da182b85a15bedd5e0e557733de17401

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 03:57:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 24 Apr 2024 11:23:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6628eba1-5cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OFi%2BQorb%2Bq%2Fd4%2F0OgZSOf%2BTn0rScNZv4VaOFuaVG34YYuuKlMvzNiJJ4M%2FzouX7%2F4AA84sr2qTEcaINwCxilcxLx%2B37Tcx1Hf4X6NnRDHr%2FQ0KejJHa8nwi%2Bm%2BX6nL78sXdcSqY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 8989cb1c2d099191-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jul 2024 03:57:23 GMT

GET
H2 200 rules-p-8QLn8vj66GL9W.js Show response
rules.quantcount.com/ 4 KB
2 KB 123ms
40ms Script
application/javascript 2600:9000:223c:1200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-8QLn8vj66GL9W.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:1200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cae04a82151b0dbf40cb7c3853cb4e75761e22973b9d0d0bfe3dd8da5fee5b69

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 03:06:32 GMT
content-encoding: gzip
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 3052
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Wed, 02 Nov 2022 13:45:25 GMT
server: AmazonS3
etag: W/"413808edb2d8489603e145cf44d200ee"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: WhBZJwZ9NxQdYxRKS1HtZ0iNnco4j0qteSjEfWWkuD4Viu0T29huKg==

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 240ms
154ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5174239513018368&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Mon, 24 Jun 2024 03:57:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
336 B 134ms
48ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 03:57:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65523
x-guploader-uploadid: ACJd0NogFWNOPXIaIQIUwSsSF9dgvEpz3gNtP5CnXp63p5Wq9hLK3IKjdhyT54xqIEjNUykIZivVAN3WPg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HFyOQUxBMc4ptAtWaAAWFmANpaJgL3Z0N8xppq0PPuupF9jFg0ZOZ4W2hKcrqp6MkAv0iQbq5WtuKQWfyib2rk%2Bi93Qi3%2Battx3IHpHPBOpaznqgI4n9xkEtmGM2VgZRlO0lKWyg7vyVCZ8puw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8989cb1d8a939176-FRA
expires: Sun, 23 Jun 2024 10:42:08 GMT

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 90ms
40ms Image
image/x-icon 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: memberumbrella.com
URL: https://memberumbrella.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 14:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48794
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 24 Jun 2024 14:24:09 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
922 B 133ms
47ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.4096223743098706
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 03:57:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65523
x-guploader-uploadid: ACJd0NogFWNOPXIaIQIUwSsSF9dgvEpz3gNtP5CnXp63p5Wq9hLK3IKjdhyT54xqIEjNUykIZivVAN3WPg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nNmigLJE9maF5PohGYbeSQEgKDdxqiDZ0mPaUifu%2F2y6RnFjwTot%2BbBCUh4ZRL1L%2BhJmUJjY7uOA2SuSdc9T2dQ0nG1262K%2Fvp%2FtWJhj8CPRqcm8jYEj2UmdJNwFO1FkgeHWAJHmy4c5pJORYg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8989cb1d8a929176-FRA
expires: Sun, 23 Jun 2024 10:42:08 GMT

GET
H2 200 banner--2023.svg
c.tadst.com/gfx/n/ 2 KB
994 B 51ms
40ms Image
image/svg+xml 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/banner--2023.svg
Requested by: Host: c.tadst.com
URL: https://c.tadst.com/com/common/global_31.css.br
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5a03058e53c7d4a03d7348a052995ff28c6577433179cbfd930d4d6bb6efa406

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://c.tadst.com/com/common/global_31.css.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 47
date: Mon, 24 Jun 2024 03:57:23 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Wed, 20 Sep 2023 13:28:14 GMT
age: 1525165
x-timer: S1719201443.393404,VS0,VE0
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: image/svg+xml
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 865
x-served-by: cache-fra-etou8220050-FRA

GET
H2 200 logo-2021--vertical-color-whitebg.svg
c.tadst.com/gfx/n/logo/ 8 KB
4 KB 51ms
41ms Image
image/svg+xml 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/logo/logo-2021--vertical-color-whitebg.svg
Requested by: Host: c.tadst.com
URL: https://c.tadst.com/com/common/global_31.css.br
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f33acb319f8f8a4cf1d577a5723a232ceb2739d041eb363eb61b357b907ba69a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://c.tadst.com/com/common/global_31.css.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 58
date: Mon, 24 Jun 2024 03:57:23 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Fri, 24 Sep 2021 10:22:46 GMT
age: 937634
x-timer: S1719201443.393497,VS0,VE0
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: image/svg+xml
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 3481
x-served-by: cache-fra-etou8220050-FRA

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/ 463 KB
144 KB 42ms
41ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

89b0b3f3ff210a3f74e23c972eb9e702fe969dd53ef3082e39af55000d7f964f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 20:28:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26916
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147664
x-xss-protection: 0
server: cafe
etag: 1926151935331161023
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 23 Jun 2025 20:28:47 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 72 B
80 B 153ms
71ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=memberumbrella.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

590e2f087ca5021e4218ce34a4f8b58bf2725c4d7fef274b97b0aa84767482b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 03:57:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
x-xss-protection: 0
expires: Mon, 24 Jun 2024 03:57:23 GMT

GET
H2 200 service__supporter.svg
c.tadst.com/gfx/n/i/ 964 B
613 B 39ms
39ms Image
image/svg+xml 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/service__supporter.svg
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9de07b9af64229d0697f40ad1a422f3ef7ac84cbb1e89ed8116a2a6d5f3e3d94

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 9
date: Mon, 24 Jun 2024 03:57:23 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:36 GMT
last-modified: Fri, 15 Jun 2018 08:21:10 GMT
age: 1525167
x-timer: S1719201444.501861,VS0,VE0
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: image/svg+xml
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 497
x-served-by: cache-fra-etou8220050-FRA

GET
H2 200 spr-footer-social.png
c.tadst.com/gfx/n/i/ 2 KB
3 KB 39ms
38ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/spr-footer-social.png
Requested by: Host: c.tadst.com
URL: https://c.tadst.com/com/common/global_31.css.br
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 10c56d84fe8a6c731b232b702f3ad71e643adc1fc118892b9834697d218aa1a0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://c.tadst.com/com/common/global_31.css.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 2213
date: Mon, 24 Jun 2024 03:57:23 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:34 GMT
last-modified: Mon, 30 Oct 2023 09:22:39 GMT
age: 1525168
x-timer: S1719201444.503813,VS0,VE0
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 2451
x-served-by: cache-fra-etou8220050-FRA

GET
H2 200 pixel;r=1532270645;rf=0;a=p-8QLn8vj66GL9W;url=https%3A%2F%2Fmemberumbrella.com%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-991057393-1719201443333;pbc...
pixel.quantserve.com/ 35 B
456 B 43ms
41ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1532270645;rf=0;a=p-8QLn8vj66GL9W;url=https%3A%2F%2Fmemberumbrella.com%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-991057393-1719201443333;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=memberumbrella.com;dst=1;et=1719201443488;tzo=-120;ogl=image.https%3A%2F%2Fwww%252Etimeanddate%252Ecom%2Fscripts%2Fcityog%252Ephp%3Ftitle%3DCurrent%2520Local%2520Time%2520in%2Cimage%3Awidth.1366%2Cimage%3Aheight.738%2Ctype.website;ses=e3d8f369-a77c-4224-89a5-50290d09af19;mdl=

Requested by

Host: memberumbrella.com
URL: https://memberumbrella.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 03:57:23 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 logo-2021--horizontal-color-whitebg.svg
c.tadst.com/gfx/n/logo/ 8 KB
4 KB 39ms
38ms Image
image/svg+xml 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/logo/logo-2021--horizontal-color-whitebg.svg
Requested by: Host: memberumbrella.com
URL: https://memberumbrella.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 61b74e87662c8856f5d3bf3f8ae9f6f3405d76a6ba5df3815f548dd0f0f3f36d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 64
date: Mon, 24 Jun 2024 03:57:23 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:36 GMT
last-modified: Thu, 23 Sep 2021 08:12:11 GMT
age: 1525167
x-timer: S1719201444.511536,VS0,VE0
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: image/svg+xml
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 3515
x-served-by: cache-fra-etou8220050-FRA

GET
H2 200 favicon-32x32.png
c.tadst.com/ 741 B
854 B 39ms
39ms Other
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tadst.com/favicon-32x32.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3323913991aeb916043c96187df36e4e4b6d59ef4349f7efbc5465089a04009b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220050-FRA
date: Mon, 24 Jun 2024 03:57:23 GMT
via: 1.1 varnish
last-modified: Mon, 11 Sep 2023 18:39:47 GMT
age: 14807
x-timer: S1719201444.608581,VS0,VE0
etag: "2e5-60519a69bf3c6"
x-cache: HIT
content-type: image/png
accept-ranges: bytes
content-length: 741
x-cache-hits: 2

GET
H2 200 favicon-16x16.png
c.tadst.com/ 456 B
539 B 40ms
39ms Other
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tadst.com/favicon-16x16.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5164076595a480f57d530a850655617e7f1cfa896856492efdc28f52c8a42627

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220050-FRA
date: Mon, 24 Jun 2024 03:57:23 GMT
via: 1.1 varnish
last-modified: Mon, 11 Sep 2023 18:39:47 GMT
age: 74486
x-timer: S1719201444.650865,VS0,VE0
etag: "1c8-60519a69b76ad"
x-cache: HIT
content-type: image/png
accept-ranges: bytes
content-length: 456
x-cache-hits: 72

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 178ms
95ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202406170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a620c7efe98a6c624850677a4987a2ed8dc636b9508498458e75c45e8387c4e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 03:57:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12859
x-xss-protection: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 57 KB
13 KB 489ms
427ms Fetch
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=2844909671133348&correlator=403409907797670&eid=31079957%2C31079525%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202406170101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=1004254%2Ctadcom_300x600%2Ctadcom_970&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x600%7C300x250%7C160x600%7C120x600%2C970x90%7C728x90&ifi=1&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1719201446525&lmt=1719201446&adxs=1284%2C430&adys=338%2C10&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&url=https%3A%2F%2Fmemberumbrella.com%2F&vis=1&psz=300x11%7C970x-1&msz=300x0%7C970x-1&fws=512%2C512&ohw=0%2C0&ga_vid=1693283607.1719201447&ga_sid=1719201447&ga_hid=65359805&ga_fc=false&topics=5&tps=5&htps=5&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1719201443172&idt=381&cust_params=ab%3Db%26hr%3D10%26ut%3Ds%26art%3D3712%26si%3D1&adks=686471698%2C2541254599&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9ad5fd0babddb902b56203c77db37a72e72235d64a0fb1c5ebbb7066bc6eb41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 03:57:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13114
x-xss-protection: 0
google-lineitem-id: -2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://memberumbrella.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
c59bb39b6a005f6775543020cafef86f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0F61 0
0 183ms
46ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c59bb39b6a005f6775543020cafef86f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://memberumbrella.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jun 2024 03:57:26 GMT
expires: Mon, 24 Jun 2024 03:57:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 158ms
55ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 03:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 24 Jun 2024 03:57:26 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5E2B 0
0 126ms
40ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://memberumbrella.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 46808
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jun 2024 14:57:18 GMT
expires: Mon, 23 Jun 2025 14:57:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012405231944000/ Frame 07E5 196 KB
56 KB 185ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405231944000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3ef0328b9e699304f321dac58d3f7aaeae3203bfdb04f1c3c85990d4b5d1b70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 19 Jun 2024 11:00:26 GMT
age: 406621
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56221
x-xss-protection: 0
server: sffe
etag: "4f8c718905502572"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 19 Jun 2025 11:00:26 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012405231944000/v0/ Frame 07E5 15 KB
5 KB 268ms
125ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405231944000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6254fb3bab91044c5237f2337add838f4aa853f30b4dae6725b61acd95d6b33

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 19 Jun 2024 11:00:24 GMT
age: 406623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5215
x-xss-protection: 0
server: sffe
etag: "520f632e10627ab5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 19 Jun 2025 11:00:24 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012405231944000/v0/ Frame 07E5 95 KB
28 KB 248ms
105ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405231944000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b003c20bcde948b63be4c022ab5c4d83c1a639f6ac2d658839fdcc2a955670f6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 19 Jun 2024 11:00:24 GMT
age: 406623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29049
x-xss-protection: 0
server: sffe
etag: "d2ee33e5ff8fd311"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 19 Jun 2025 11:00:24 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012405231944000/v0/ Frame 07E5 5 KB
2 KB 245ms
103ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405231944000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d7f525f2da6e73de996f39ecc0d200f1a6c8e2555dbc5d9022e677f2be3d9f9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 19 Jun 2024 11:00:26 GMT
age: 406621
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1909
x-xss-protection: 0
server: sffe
etag: "bfb34e064e92ea30"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 19 Jun 2025 11:00:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012405231944000/v0/ Frame 07E5 40 KB
13 KB 271ms
129ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405231944000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5474849a40cebcdaf1d26ef7b09c19033284aa51a6ac0ebdb95ac7736cc59c22

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 19 Jun 2024 11:00:26 GMT
age: 406621
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12965
x-xss-protection: 0
server: sffe
etag: "35ded0b44597563f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 19 Jun 2025 11:00:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 07E5 18 KB
2 KB 147ms
47ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac0de4b42abf65a70a248df54d442549060d9c7d478dbffcc975fa3b5b2eb2a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Jun 2024 03:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Jun 2024 02:27:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jun 2024 03:57:27 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15418615844798036040/ Frame 07E5 4 KB
4 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15418615844798036040/14763004658117789537?w=195&h=102&tw=1&q=75

Requested by

Host: memberumbrella.com
URL: https://memberumbrella.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8794fe49acc43cb0e2367fc1fec4591b20b237cb8450b7dfe5dbda9c55b21b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 18 Jun 2025 15:08:10 GMT
date: Tue, 18 Jun 2024 15:08:10 GMT
x-content-type-options: nosniff
age: 478157
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4008
x-xss-protection: 0
last-modified: Sat, 06 Apr 2024 15:37:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 07E5 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 084acc7287adad6bd165da6d65811928439ebaa5bc333ecc1a9e8d71d0983e52

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 en.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 07E5 2 KB
2 KB 125ms
40ms Image
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: memberumbrella.com
URL: https://memberumbrella.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 20:06:50 GMT
x-content-type-options: nosniff
server: cafe
age: 28237
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 24 Jun 2024 20:06:50 GMT

GET
H3 200 icon.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 07E5 295 B
319 B 123ms
39ms Image
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: memberumbrella.com
URL: https://memberumbrella.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://memberumbrella.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 14:46:19 GMT
x-content-type-options: nosniff
server: cafe
age: 47468
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 24 Jun 2024 14:46:19 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v59/ Frame 07E5 33 KB
34 KB 127ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v59/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://memberumbrella.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:46:54 GMT
x-content-type-options: nosniff
age: 479433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34184
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 23:36:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:46:54 GMT

GET adview
pagead2.googlesyndication.com/pagead/ Frame 07E5 0
0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/adview?ai=CKQ8-pu54Zv7RJ8qMjuwPuryN0A6Hxpq_eObT1-O9EpCgzLbeCRABIMix_BtglYKAgJQHoAH--ObZKcgBCeACAKgDAcgDCqoEpgJP0E4KPNm0JXkDgh13vqNU5_42IoZe0KL7EFxf1IT9DD_0CACiqGlTrhwjXPmUzmRb16yQ79uShexpnuSWlNAACsDCRglWEHFbuetbYIieLE236V53PCt7wqnxDHY_T1G6hP0U3Wph5PKG6d0jtipBtV45RtlZ9oiFzG0SeZNMBpTRzKW61mNvMUV08zS4Pr_wwRsj2bSs0XvrWTJawbnZn73JCPkmR2HMBiItLf9eGOZVKAWcPOBKq5HVZROlGu2VQ4KVlte5Dak0IVhREwYdPALFKQZkZ_71gg4YjwzMd2ja4t419--RysuUJuKqnANngDn1xo9FPZjVqKqSDLBHlah6q0fqmODCKGDyOdgNGz0bqQh-jp2AzYfK8OJPJbmC3mfmzgzABJ2-65DXBOAEAYgF6b6X6k6SBQQIBBgBkgUECAUYBKAGLoAH_rC3uQSoB9m2sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAPIHBBCIlQbSCCoIkeGAcBABGB0yB-uLgOC_gA06CACAgICAgJQoSL39wTpYyLiYvKzzhgOaCSZodHRwczovL2Jlcmd4cGVydGVuLmRlL3Byb2R1Y3RzL29ydGhveIAKA8gLAeINEwip45i8rPOGAxVKhoMHHTpeA-rYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDAzNDI2NzY5MjA5MTQ0OBiu4AWyGAkSAsFPGC4iAQA&sigh=WmgdEpO_2Yw&uach_m=%5B%5D&ase=2&nis=6&template_id=5000&cbvp=2

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202406170101&jk=2844909671133348&bg=!4uGl4a7NAAb64txl2uI7ADQBe5WfOKLjOEAUdYfoNB4hCuzh7i2Dn4vRtz1rMh3f-38ba4c2xUBkquNqAKJ6clhYKdyDAgAAAEVSAAAAA2gBB34ANgrTrGUnbY2dfgxY-LwPVPvQfYVZP3kWGtE5lhh7sp__drcnnP8-JS0H2-piPOLSktIOcjCrCgoAYH0Oc-xqA7pkr8_hVubU_n_5QT02YRN311tcIl25RoIxSJRbM4uUrPy9vq65jBA0ZJ1Fu0bqkJeHA9v0l8hp0pXbqclsNB6bDymWPKKux9vaLNvT-nPaZk67TD9ptyMWwpkCrpib1N0JPHZqKwK9mSdYb_NrrENYG4dMlirdbb9axrStePTpkPU9Jq0JsxktGFT95EEGYm5bwsxuwF1C5zbFBMq8aQIUQ6smutnMaDGP8KA1PmUisVhXs949pot_nDW9HLZCeq0ud5Rc6ktxJ6FexJJlfUbM8lkOma8P-DnaK2ZDUWKeWgiJfegJBJ2Cgt87xCq-NOf9akb9R7alGs_OcZogDw-GRL6cypQYR3vca_46zXU9qVkS9AmnyearWZTDQRKZpG0DVWOziIYIVNfj6ZrLYrzVqWYxig8gyJX7OrvBl3Qkkfb71tIVjAiSi6dc9PxcTyk6PAbtnyM1zuxOE3dAlbMNkP2C5Mu8lWi8Q6Wfn_FHqtiKakHpgeg2qj7PS6g82dbZ5Kg3uYD9MYQ0e2JYZqrKGlSgL2Mu1ms14YdJKWbnK0tX7MaD7-uO_u8mahX4yolIm3J1yTAzY6-s3SFrDnJMqOGfONG6luDEggkyhGDUD2QBQrVUQelL6Kz4-Ki6_oSl6cAgGL2vnQeBQD_HQrDUtWA7JK6XeZsa1YksTCe38GEyr_rKHA6heJrk3CyCr6g_-VocwWUCM2oRka-ZYn6FjaBMulv0ba7wlD9IwOvapghGtcNOCIMrfMwNyHqPyO7QJdC1txFeYZhWOLp7yq8lIj6DgtoTebx6Sxl2x6COtudOyn9gxJrEhjRaCicGiLeCjGLxcH8TJxXnL-wgxnRnzQfE-e2iUwksiFGFpCZQxF5D7XR4VyMGeo__cPFjhOqOXvo8jBncITG7GND3rTxJciKoBzVKyTCrjjv9uw3TnQzl7yJAzNUbHprgP-iuhAu7xK8FFIxtM4K_tK8OVfMmP9uWRjfAKsUNCXX-XXWRBlOxqYEQd_R5dh-tei_UI_k3Id66Z3jJ2U_a

Verdicts & Comments Add Verdict or Comment

181 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.quantserve.com/	1970-01-21 07:03:35	Name: mc Value: 6678eea3-7ccec-69668-63410
			.memberumbrella.com/	1970-01-21 06:57:50	Name: __qca Value: P0-991057393-1719201443333

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://memberumbrella.com/(Line 1076) Message: Refused to execute script from 'https://memberumbrella.com/lander/white-tr-mesmero2/prebidtad.reg.desk_3.js.br' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
api.btloader.com
btloader.com
c.tadst.com
c59bb39b6a005f6775543020cafef86f.safeframe.googlesyndication.com
cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
memberumbrella.com
pagead2.googlesyndication.com
pixel.quantserve.com
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
130.211.23.194
142.250.181.226
142.250.184.198
142.250.185.194
151.101.129.170
172.67.153.226
2600:9000:223c:1200:6:44e3:f8c0:93a1
2606:4700:10::ac43:293c
2606:4700:20::681a:246
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:806::2001
2a00:1450:4001:806::200a
2a00:1450:4001:810::2001
2a00:1450:4001:813::2003
2a00:1450:4001:831::2001
04f51db40dc1ecb0d0661e836432a08de8e5c2556e24c20d179c547c5d6a30f8
077572536e8c66c7d44492376cc4d7f749633ed420bebdd00bdddfc4971539c4
084acc7287adad6bd165da6d65811928439ebaa5bc333ecc1a9e8d71d0983e52
09db698e1c40227a81ec4886e65dcc230b544324c7981cd203b5455058a7476f
10c56d84fe8a6c731b232b702f3ad71e643adc1fc118892b9834697d218aa1a0
11477603ff1a8a307c02a1463df2d4a3da182b85a15bedd5e0e557733de17401
1d6c1eb6129a6eda2d6622390def01b906dba2a1fafc75beed913ea76b0813b2
297cd8b0fe160762ae89400620fd42a099b16af38aeceae08e7c48b681313e0e
2f0fd4c6fc5db5f1ea9fe9eba9ad25901cd6c38964915f235ebbf02332a0128e
2f7f8f2d1ccc10a6e92fc58f6818f26ab3385765b92f46b84678f739c5cc31a6
3140d841459c7dc7b848d1ddc37c07120d8b2558decb24450b0c4aa9d1d2d866
3323913991aeb916043c96187df36e4e4b6d59ef4349f7efbc5465089a04009b
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3d7f525f2da6e73de996f39ecc0d200f1a6c8e2555dbc5d9022e677f2be3d9f9
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
5164076595a480f57d530a850655617e7f1cfa896856492efdc28f52c8a42627
541a25ed4f2a16dbfae243dd9885cc998b09649e06d37b318e732f92c637fe01
5474849a40cebcdaf1d26ef7b09c19033284aa51a6ac0ebdb95ac7736cc59c22
5571293335b57878844fbad3aea3f8af9e9909f90f00249b6f0b676e86a01333
590e2f087ca5021e4218ce34a4f8b58bf2725c4d7fef274b97b0aa84767482b5
5a03058e53c7d4a03d7348a052995ff28c6577433179cbfd930d4d6bb6efa406
61b74e87662c8856f5d3bf3f8ae9f6f3405d76a6ba5df3815f548dd0f0f3f36d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7690fe188596a70bfd1cf255a78a79947dcba2e9cc46481cef75db835ee38fa3
7b5a438070e7cd73cf158f9a3f3f10402657392d6149779a57ac47e77361537a
7bfd6b7faea18715c35ccc9e6dee5c18778bc3f231e86e4ec82a020024e5a24a
7d160e1776e304d37c9c2b636563d7dfce97d3a4db4ed05025c7c9df951ae058
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
85c10f32ac3cf1d4e831179577e732883d99e9215405c0f3506847ebc5687351
876dc1a0b2578479bb9c086e503dd0ea5bb9d5fabef5302419ceadde930d2727
89b0b3f3ff210a3f74e23c972eb9e702fe969dd53ef3082e39af55000d7f964f
8a0dddcb62bcc681f8cda02134c3216e93ec701bfcb19adbf311935600eacb8f
9ad5fd0babddb902b56203c77db37a72e72235d64a0fb1c5ebbb7066bc6eb41c
9d17e6d55bf3d47e1932a1bafbe4f9a6737e79e982c38dfc2981cad4918d59e2
9de07b9af64229d0697f40ad1a422f3ef7ac84cbb1e89ed8116a2a6d5f3e3d94
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2a5fc560c5b46a79385b2c425fccfdb13808281bc2fa3ab7f4960ea597561ce
a620c7efe98a6c624850677a4987a2ed8dc636b9508498458e75c45e8387c4e7
a9aa1e94039ec3e2d657e3dc598c5ba7f67fb68a48e330fd9832b3cb50f949f0
ac0de4b42abf65a70a248df54d442549060d9c7d478dbffcc975fa3b5b2eb2a0
b003c20bcde948b63be4c022ab5c4d83c1a639f6ac2d658839fdcc2a955670f6
b342157b6e91ecd217341928d5fe8b2b723aabfd9a9cadbbb8c1094b250ef12d
b5aa51ea20ae2ea52cd995c3dd0002e1bf9d8d014a72f8d7b519a1adf673522a
b8794fe49acc43cb0e2367fc1fec4591b20b237cb8450b7dfe5dbda9c55b21b8
c00280650f672626c573272512b1ccb326c2a8bc16ee87b1c41ca88f7f80da94
cae04a82151b0dbf40cb7c3853cb4e75761e22973b9d0d0bfe3dd8da5fee5b69
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3ef0328b9e699304f321dac58d3f7aaeae3203bfdb04f1c3c85990d4b5d1b70
d8138b7a7a9081c3cfe1a7c96f85f4d92b6e66f55700356dec892b8e28509b44
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a
ee3e3c9a4c1c88c2490b22a3c2811657ca2ba50e38426ae5bbc985e8bf19f33c
ef4479b867b50cb063a81ff5d78c68ca95b732ef59591375cdecc79d1a57a958
f33acb319f8f8a4cf1d577a5723a232ceb2739d041eb363eb61b357b907ba69a
f6254fb3bab91044c5237f2337add838f4aa853f30b4dae6725b61acd95d6b33
fa052601ef12ee9562dfc62b446d1a8a3ebad33ed9e9108bf0675f3a09ef7b65
ff4206df81a2f0aa9506061cc46bf06f9a9a886790a3d0be947e6b35290dd7b8

memberumbrella.com Open in urlscan Pro 172.67.153.226 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

97 %HTTPS

60 %IPv6

11 Domains

16 Subdomains

16 IPs

2 Countries

864 kBTransfer

1817 kBSize

2 Cookies

0 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

memberumbrella.com Open in urlscan Pro
172.67.153.226 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

97 %
HTTPS

60 %
IPv6

11
Domains

16
Subdomains

16
IPs

2
Countries

864 kB
Transfer

1817 kB
Size

2
Cookies

62 HTTP transactions
1 data transactions