secured.kraftgun.com Open in urlscan Pro
18.196.95.178 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/30DLQek#sfgsf.html?od=1syd602bdaaed417c_vl_Active1vl_qc4.pl7ocx.U0000rfurnn000003s_x1948.gd38vMm...
Effective URL:
https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8...
Submission: On February 16 via api (February 16th 2021, 8:22:07 pm UTC) from BE

Summary HTTP 115 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 38 IPs in 5 countries across 34 domains to perform 115 HTTP transactions. The main IP is 18.196.95.178, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is secured.kraftgun.com.
TLS certificate: Issued by R3 on January 5th 2021. Valid for: 3 months.

This is the only time secured.kraftgun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 2	163.172.70.120 163.172.70.120	12876 (Online SAS) (Online SAS)
1	109.232.225.44 109.232.225.44	57172 (GLOBALLAYER) (GLOBALLAYER)
1 1	34.102.170.20 34.102.170.20	15169 (GOOGLE) (GOOGLE)
1	18.196.95.178 18.196.95.178	16509 (AMAZON-02) (AMAZON-02)
3	65.9.20.23 65.9.20.23	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.113.131 151.101.113.131	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:212... 2600:9000:2127:4600:1d:11cf:5800:93a1	16509 (AMAZON-02) (AMAZON-02)
1 6	2606:4700:20:... 2606:4700:20::ac43:486a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 8	2600:9000:212... 2600:9000:2127:5c00:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.107.168.177 34.107.168.177	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:12d... 2a02:26f0:12d::b819:ef73	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	151.101.113.2 151.101.113.2	54113 (FASTLY) (FASTLY)
1	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
1	65.9.20.72 65.9.20.72	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1	104.108.145.107 104.108.145.107	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	3.230.50.184 3.230.50.184	14618 (AMAZON-AES) (AMAZON-AES)
1	65.9.94.126 65.9.94.126	16509 (AMAZON-02) (AMAZON-02)
3	70.42.32.95 70.42.32.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	13.84.54.237 13.84.54.237	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	2a04:4e42:1b:... 2a04:4e42:1b::626	54113 (FASTLY) (FASTLY)
17	65.9.91.213 65.9.91.213	16509 (AMAZON-02) (AMAZON-02)
1	35.173.63.32 35.173.63.32	14618 (AMAZON-AES) (AMAZON-AES)
8	2606:4700:10:... 2606:4700:10::6816:1983	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b140:28d8:9783:2a08:4b54	14618 (AMAZON-AES) (AMAZON-AES)
1	34.199.213.67 34.199.213.67	14618 (AMAZON-AES) (AMAZON-AES)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:76b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
115	38

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 163.172.70.120 (France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: armenianside.com

goduare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.232.225.44 (Netherlands)

ASN57172 (GLOBALLAYER, NL)

circulationimpartial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.170.20 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.vdksda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.95.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-95-178.eu-central-1.compute.amazonaws.com

secured.kraftgun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.20.23 (Orlando, United States)

ASN16509 (AMAZON-02, US)

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.131 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

92ab5d6997844ed5b484a962b8c15274.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2127:4600:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d34qb8suadcc4g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:486a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

apps.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
__events.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2127:5c00:1:a3fa:7cc0:93a1 (United States) 4 redirects

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.168.177 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 177.168.107.34.bc.googleusercontent.com

www.ghj65trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:12d::b819:ef73 (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.20.72 (Orlando, United States)

ASN16509 (AMAZON-02, US)

cdn.powerinboxedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.145.107 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-107.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.230.50.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.94.126 (United States)

ASN16509 (AMAZON-02, US)

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.84.54.237 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

track.rev-stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a04:4e42:1b::626 (United States)

ASN54113 (FASTLY, US)

ssl.p.jwpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets-jpcust.jwpsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prd.jwpltx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ping-meta-prd.jwpltx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 65.9.91.213 (United States)

ASN16509 (AMAZON-02, US)

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.173.63.32 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-63-32.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-v.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vsa72.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b140:28d8:9783:2a08:4b54 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.213.67 (Maple Heights, United States)

ASN14618 (AMAZON-AES, US)

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:76b (United States)

ASN13335 (CLOUDFLARENET, US)

storage.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	cloudfront.net d34qb8suadcc4g.cloudfront.net d9hhrg4mnvzow.cloudfront.net	184 KB
10	gstatic.com fonts.gstatic.com	159 KB
8	tawk.to embed.tawk.to static-v.tawk.to va.tawk.to vsa72.tawk.to	118 KB
8	jwplayer.com 4 redirects cdn.jwplayer.com	77 KB
7	elfsight.com 1 redirects apps.elfsight.com static.elfsight.com __events.elfsight.com storage.elfsight.com	124 KB
7	googletagmanager.com www.googletagmanager.com	158 KB
5	googleapis.com ajax.googleapis.com fonts.googleapis.com	27 KB
4	jwpsrv.com assets-jpcust.jwpsrv.com	107 KB
4	jwpcdn.com ssl.p.jwpcdn.com	203 KB
4	outbrain.com amplify.outbrain.com tr.outbrain.com	4 KB
3	jsdelivr.net cdn.jsdelivr.net	54 KB
3	jwpltx.com prd.jwpltx.com ping-meta-prd.jwpltx.com	134 B
3	google.de www.google.de	397 B
3	google.com 1 redirects www.google.com	1 KB
3	facebook.com www.facebook.com	573 B
3	doubleclick.net 1 redirects googleads.g.doubleclick.net	5 KB
3	quora.com a.quora.com q.quora.com	15 KB
3	liadm.com 1 redirects b-code.liadm.com rp.liadm.com rp4.liadm.com	11 KB
3	unbounce.com builder-assets.unbounce.com	39 KB
2	googleadservices.com www.googleadservices.com	15 KB
2	bing.com bat.bing.com	9 KB
2	yimg.com s.yimg.com	7 KB
2	facebook.net connect.facebook.net	92 KB
2	ghj65trk.com www.ghj65trk.com	15 KB
2	ubembed.com 92ab5d6997844ed5b484a962b8c15274.js.ubembed.com assets.ubembed.com	48 KB
2	goduare.com 1 redirects goduare.com	1 KB
1	ub-analytics.com events.ub-analytics.com	245 B
1	rev-stripe.com track.rev-stripe.com	281 B
1	powerinboxedge.com cdn.powerinboxedge.com	1 KB
1	taboola.com cdn.taboola.com	22 KB
1	kraftgun.com secured.kraftgun.com	27 KB
1	vdksda.com 1 redirects www.vdksda.com	459 B
1	circulationimpartial.com circulationimpartial.com	443 B
1	bit.ly 1 redirects bit.ly	137 B
115	34

	Domain	Requested by
17	d9hhrg4mnvzow.cloudfront.net	secured.kraftgun.com
10	fonts.gstatic.com	fonts.googleapis.com
8	cdn.jwplayer.com	4 redirects secured.kraftgun.com cdn.jwplayer.com
7	www.googletagmanager.com	secured.kraftgun.com www.googletagmanager.com
4	assets-jpcust.jwpsrv.com	secured.kraftgun.com
4	fonts.googleapis.com	builder-assets.unbounce.com static-v.tawk.to
4	ssl.p.jwpcdn.com	cdn.jwplayer.com
3	vsa72.tawk.to	static-v.tawk.to
3	cdn.jsdelivr.net	static-v.tawk.to
3	va.tawk.to	static-v.tawk.to
3	www.google.de	secured.kraftgun.com
3	www.google.com	1 redirects secured.kraftgun.com
3	www.facebook.com	secured.kraftgun.com
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
3	tr.outbrain.com	amplify.outbrain.com secured.kraftgun.com
3	builder-assets.unbounce.com	secured.kraftgun.com
2	prd.jwpltx.com
2	__events.elfsight.com	apps.elfsight.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	q.quora.com	secured.kraftgun.com
2	bat.bing.com	secured.kraftgun.com
2	s.yimg.com	secured.kraftgun.com s.yimg.com
2	connect.facebook.net	secured.kraftgun.com connect.facebook.net
2	www.ghj65trk.com	secured.kraftgun.com www.ghj65trk.com
2	static.elfsight.com	secured.kraftgun.com apps.elfsight.com
2	apps.elfsight.com	1 redirects apps.elfsight.com
2	d34qb8suadcc4g.cloudfront.net	secured.kraftgun.com d34qb8suadcc4g.cloudfront.net
2	goduare.com	1 redirects
1	static-v.tawk.to	embed.tawk.to
1	ping-meta-prd.jwpltx.com
1	storage.elfsight.com	static.elfsight.com
1	rp4.liadm.com	secured.kraftgun.com
1	rp.liadm.com	1 redirects
1	embed.tawk.to	secured.kraftgun.com
1	events.ub-analytics.com	secured.kraftgun.com
1	track.rev-stripe.com	secured.kraftgun.com
1	assets.ubembed.com	92ab5d6997844ed5b484a962b8c15274.js.ubembed.com
1	amplify.outbrain.com	secured.kraftgun.com
1	cdn.powerinboxedge.com	secured.kraftgun.com
1	cdn.taboola.com	secured.kraftgun.com
1	a.quora.com	secured.kraftgun.com
1	b-code.liadm.com	secured.kraftgun.com
1	92ab5d6997844ed5b484a962b8c15274.js.ubembed.com	secured.kraftgun.com
1	ajax.googleapis.com	secured.kraftgun.com
1	secured.kraftgun.com	circulationimpartial.com
1	www.vdksda.com	1 redirects
1	circulationimpartial.com	goduare.com
1	bit.ly	1 redirects
115	48

This site contains links to these domains. Also see Links.

Domain
apps.elfsight.com
elfsight.com

Subject Issuer	Validity	Valid
circulationimpartial.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-24` - `2021-04-20`	a year	crt.sh
secured.kraftgun.com R3	`2021-01-05` - `2021-04-05`	3 months	crt.sh
*.unbounce.com Amazon	`2020-04-08` - `2021-05-08`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
z.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-09-02` - `2021-04-23`	8 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
elfsight.com Cloudflare Inc ECC CA-3	`2020-06-30` - `2021-06-30`	a year	crt.sh
jwplayer.com Amazon	`2021-01-29` - `2022-02-26`	a year	crt.sh
ghj65trk.com Go Daddy Secure Certificate Authority - G2	`2020-12-03` - `2021-10-04`	10 months	crt.sh
b-code.liadm.com DigiCert Secure Site ECC CA-1	`2020-06-23` - `2021-09-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
quora.com R3	`2021-02-07` - `2021-05-08`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
cdn.powerinboxedge.com Amazon	`2020-06-17` - `2021-07-17`	a year	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-01-14` - `2021-03-02`	2 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6 months	crt.sh
*.quora.com R3	`2021-02-07` - `2021-05-08`	3 months	crt.sh
assets.ubembed.com Amazon	`2020-04-04` - `2021-05-04`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
track.rev-stripe.com R3	`2021-02-08` - `2021-05-09`	3 months	crt.sh
jwplayer.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-24` - `2021-04-25`	a year	crt.sh
*.ub-analytics.com Amazon	`2020-06-08` - `2021-07-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-29` - `2021-07-29`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.liadm.com Amazon	`2020-03-31` - `2021-04-30`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh

This page contains 4 frames:

Primary Page: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Frame ID: 11670F361526E1FD9C43FCA87BB8D454
Requests: 109 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 580F860EBE85816FAE9E290C45AA53A5
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 7A164FE6154F0012DBC93B8AB40DBFB7
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 7C22FA86A3E82EF85293438C7D91FFDE
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bit.ly/30DLQek HTTP 301
http://goduare.com/short/ Page URL
http://goduare.com/sfgsf.html?od=1syd602bdaaed417c_vl_Active1vl_qc4.pl7ocx.U0000rfurnn000003s_x... HTTP 302
https://circulationimpartial.com/1764065842ff79c1800/COVDDD_qc602bdaaee10a4/ydqc%7CM21unJj=%7Cgd38v%7C2bqvo3%... Page URL
https://www.vdksda.com/2L4JQSH/DTSHN3J/?sub2=690372&sub3=1122336141 HTTP 302
https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5... Page URL

Page Statistics

115
Requests

98 %
HTTPS

50 %
IPv6

34
Domains

48
Subdomains

38
IPs

5
Countries

1519 kB
Transfer

4413 kB
Size

12
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.elfsight.com/panel/applications/facebook-feed/?utm_source=websites&utm_medium=clients&utm_content=facebook-feed&utm_term=secured.kraftgun.com&utm_campaign=deactivated-widget&show_pricing=true
Title: Widget is deactivated. Please, visit Elfsight Apps.

Search URL Search Domain Scan URL

URL: https://elfsight.com/facebook-reviews-widget/?utm_source=websites&utm_medium=clients&utm_content=facebook-reviews&utm_term=secured.kraftgun.com&utm_campaign=free-widget
Title: Free Facebook Reviews widget

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/30DLQek HTTP 301
http://goduare.com/short/ Page URL
http://goduare.com/sfgsf.html?od=1syd602bdaaed417c_vl_Active1vl_qc4.pl7ocx.U0000rfurnn000003s_x1948.gd38vMmJxdm8zLTM4b2JucmM0t59rh HTTP 302
https://circulationimpartial.com/1764065842ff79c1800/COVDDD_qc602bdaaee10a4/ydqc%7CM21unJj=%7Cgd38v%7C2bqvo3%7C38obnrc%7C0%7C0000rfurnn%7CU%7CM21unJj=%7CPC%7C3colm1c/p3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0 Page URL
https://www.vdksda.com/2L4JQSH/DTSHN3J/?sub2=690372&sub3=1122336141 HTTP 302
https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://bit.ly/30DLQek HTTP 301
http://goduare.com/short/

Request Chain 1

http://goduare.com/sfgsf.html?od=1syd602bdaaed417c_vl_Active1vl_qc4.pl7ocx.U0000rfurnn000003s_x1948.gd38vMmJxdm8zLTM4b2JucmM0t59rh HTTP 302
https://circulationimpartial.com/1764065842ff79c1800/COVDDD_qc602bdaaee10a4/ydqc%7CM21unJj=%7Cgd38v%7C2bqvo3%7C38obnrc%7C0%7C0000rfurnn%7CU%7CM21unJj=%7CPC%7C3colm1c/p3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0

Request Chain 9

https://apps.elfsight.com/p/platform.js HTTP 301
https://static.elfsight.com/platform/platform.js

Request Chain 78

https://rp.liadm.com/j?tna=v2.0.1&aid=a-04g1&wpn=lc-bundle&pu=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&refr=https%3A%2F%2Fcirculationimpartial.com%2F1764065842ff79c1800%2FCOVDDD_qc602bdaaee10a4%2Fydqc%257CM21unJj%3D%257Cgd38v%257C2bqvo3%257C38obnrc%257C0%257C0000rfurnn%257CU%257CM21unJj%3D%257CPC%257C3colm1c%2Fp3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0&duid=b915b628ebc1--01eyp834v0e0mtymn7bem7v2ab&se=e30&dtstmp=1613506909219 HTTP 302
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-04g1&wpn=lc-bundle&pu=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&refr=https%3A%2F%2Fcirculationimpartial.com%2F1764065842ff79c1800%2FCOVDDD_qc602bdaaee10a4%2Fydqc%257CM21unJj%3D%257Cgd38v%257C2bqvo3%257C38obnrc%257C0%257C0000rfurnn%257CU%257CM21unJj%3D%257CPC%257C3colm1c%2Fp3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0&duid=b915b628ebc1--01eyp834v0e0mtymn7bem7v2ab&se=e30&dtstmp=1613506909219&i6=MmEwMTo0Zjg6MTIxOjEzMWE6OjI%3D&n3pc=true

Request Chain 87

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580489503/?random=1782212358&cv=9&fst=1613506909135&num=1&label=PxaBCNvg5N8BEJ-i5pQC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&ref=https%3A%2F%2Fcirculationimpartial.com%2F1764065842ff79c1800%2FCOVDDD_qc602bdaaee10a4%2Fydqc%257CM21unJj%3D%257Cgd38v%257C2bqvo3%257C38obnrc%257C0%257C0000rfurnn%257CU%257CM21unJj%3D%257CPC%257C3colm1c%2Fp3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0&tiba=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=XSksYJ_7CoLwtgeG3YmIAg&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/580489503/?random=1782212358&cv=9&fst=1613506909135&num=1&label=PxaBCNvg5N8BEJ-i5pQC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&ref=https%3A%2F%2Fcirculationimpartial.com%2F1764065842ff79c1800%2FCOVDDD_qc602bdaaee10a4%2Fydqc%257CM21unJj%3D%257Cgd38v%257C2bqvo3%257C38obnrc%257C0%257C0000rfurnn%257CU%257CM21unJj%3D%257CPC%257C3colm1c%2Fp3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0&tiba=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=XSksYJ_7CoLwtgeG3YmIAg&cid=CAQSKQCNIrLMD4_UIRT2h62OnCeKwKjCm_tGa1Hi_grbM2UckyeORexwVN1m&random=2232315357&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/580489503/?random=1782212358&cv=9&fst=1613506909135&num=1&label=PxaBCNvg5N8BEJ-i5pQC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&ref=https%3A%2F%2Fcirculationimpartial.com%2F1764065842ff79c1800%2FCOVDDD_qc602bdaaee10a4%2Fydqc%257CM21unJj%3D%257Cgd38v%257C2bqvo3%257C38obnrc%257C0%257C0000rfurnn%257CU%257CM21unJj%3D%257CPC%257C3colm1c%2Fp3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0&tiba=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=XSksYJ_7CoLwtgeG3YmIAg&cid=CAQSKQCNIrLMD4_UIRT2h62OnCeKwKjCm_tGa1Hi_grbM2UckyeORexwVN1m&random=2232315357&resp=GooglemKTybQhCsO&ipr=y&ezwbk=AZuM4hDIRaqqFKhGDp5iW7cKvEb2bhn85qwnQgI6bVvGXh6TmLJHNgxPPXI4zvRR759slI5Aw8FFKEH9Jxl13utVc-Dp

Request Chain 88

https://cdn.jwplayer.com/strips/PSSJZVRO-120.vtt HTTP 301
https://assets-jpcust.jwpsrv.com/strips/PSSJZVRO-120.vtt

Request Chain 90

https://cdn.jwplayer.com/strips/DQ2Yjd5J-120.vtt HTTP 301
https://assets-jpcust.jwpsrv.com/strips/DQ2Yjd5J-120.vtt

Request Chain 91

https://cdn.jwplayer.com/v2/media/PSSJZVRO/poster.jpg?width=720 HTTP 302
https://assets-jpcust.jwpsrv.com/thumbnails/nx7qe81p-720.jpg

Request Chain 92

https://cdn.jwplayer.com/v2/media/DQ2Yjd5J/poster.jpg?width=720 HTTP 302
https://assets-jpcust.jwpsrv.com/thumbnails/rfaumry6-720.jpg

115 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
goduare.com/short/
Redirect Chain

https://bit.ly/30DLQek
http://goduare.com/short/

578 B
908 B

37ms
28ms

Document
text/html

163.172.70.120
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: http://goduare.com/short/
Protocol: HTTP/1.1
Server: 163.172.70.120 , France, ASN12876 (Online SAS, FR),
Reverse DNS: armenianside.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: f1ebb16c09e1401b3a2488f0648b7081471d7b73353feb53f2528d0bb9281bd4

Request headers

Host: goduare.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Feb 2021 20:21:47 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Sun, 21 Jul 2019 11:01:33 GMT
ETag: "242-58e2ee1e612c0"
Accept-Ranges: bytes
Content-Length: 578
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

server: nginx
date: Tue, 16 Feb 2021 20:21:46 GMT
content-type: text/html; charset=utf-8
content-length: 112
cache-control: private, max-age=90
content-security-policy: referrer always;
location: http://goduare.com/short/
referrer-policy: unsafe-url
set-cookie: _bit=l1gklK-db3959a3052f5c6a34-004; Domain=bit.ly; Expires=Sun, 15 Aug 2021 20:21:46 GMT
via: 1.1 google
alt-svc: clear

GET
H/1.1

200
OK

Cookie set p3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0 Show response
circulationimpartial.com/1764065842ff79c1800/COVDDD_qc602bdaaee10a4/ydqc%7CM21unJj=%7Cgd38v%7C2bqvo3%7C38obnrc%7C0%7C0000rfurnn%7CU%7CM21unJj=%7CPC%7C3colm1c/
Redirect Chain

http://goduare.com/sfgsf.html?od=1syd602bdaaed417c_vl_Active1vl_qc4.pl7ocx.U0000rfurnn000003s_x1948.gd38vMmJxdm8zLTM4b2JucmM0t59rh
https://circulationimpartial.com/1764065842ff79c1800/COVDDD_qc602bdaaee10a4/ydqc%7CM21unJj=%7Cgd38v%7C2bqvo3%7C38obnrc%7C0%7C0000rfurnn%7CU%7CM21unJj=%7CPC%7C3colm1c/p3yxAwNlLzEuLJIxAQR3L192oS9OL3E...

130 B
443 B

884ms
368ms

Document
text/html

109.232.225.44
GLOBALLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://circulationimpartial.com/1764065842ff79c1800/COVDDD_qc602bdaaee10a4/ydqc%7CM21unJj=%7Cgd38v%7C2bqvo3%7C38obnrc%7C0%7C0000rfurnn%7CU%7CM21unJj=%7CPC%7C3colm1c/p3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0
Requested by: Host: goduare.com
URL: http://goduare.com/short/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 109.232.225.44 , Netherlands, ASN57172 (GLOBALLAYER, NL),
Reverse DNS
Software: Apache /
Resource Hash: 5649d503e735e57589c5024915adf84be454b0ba65b8486ebaa35ba7245efc88

Request headers

Host: circulationimpartial.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://goduare.com/short/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://goduare.com/short/#sfgsf.html?od=1syd602bdaaed417c_vl_Active1vl_qc4.pl7ocx.U0000rfurnn000003s_x1948.gd38vMmJxdm8zLTM4b2JucmM0t59rh

Response headers

Date: Tue, 16 Feb 2021 20:21:48 GMT
Server: Apache
Set-Cookie: uid25439=1122336141-20210216152148-eb3885e624ecf1834dc67f347d0bd89d-; domain=; expires=Thu, 18-Mar-2021 20:21:48 GMT; path=/; SameSite=None; Secure
Content-Length: 130
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 16 Feb 2021 20:21:47 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16
Location: https://circulationimpartial.com/1764065842ff79c1800/COVDDD_qc602bdaaee10a4/ydqc|M21unJj=|gd38v|2bqvo3|38obnrc|0|0000rfurnn|U|M21unJj=|PC|3colm1c/p3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

Primary Request / Show response
secured.kraftgun.com/special-offer/
Redirect Chain

https://www.vdksda.com/2L4JQSH/DTSHN3J/?sub2=690372&sub3=1122336141
https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com

224 KB
27 KB

56ms
18ms

Document
text/html

18.196.95.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Requested by: Host: circulationimpartial.com
URL: https://circulationimpartial.com/1764065842ff79c1800/COVDDD_qc602bdaaee10a4/ydqc%7CM21unJj=%7Cgd38v%7C2bqvo3%7C38obnrc%7C0%7C0000rfurnn%7CU%7CM21unJj=%7CPC%7C3colm1c/p3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.196.95.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-95-178.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 805ecfd7d133a29af3e4aa9860423382673a4f7986e8c0ff7574eeeab3976fa9

Request headers

Host: secured.kraftgun.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://circulationimpartial.com/1764065842ff79c1800/COVDDD_qc602bdaaee10a4/ydqc%7CM21unJj=%7Cgd38v%7C2bqvo3%7C38obnrc%7C0%7C0000rfurnn%7CU%7CM21unJj=%7CPC%7C3colm1c/p3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://circulationimpartial.com/1764065842ff79c1800/COVDDD_qc602bdaaee10a4/ydqc%7CM21unJj=%7Cgd38v%7C2bqvo3%7C38obnrc%7C0%7C0000rfurnn%7CU%7CM21unJj=%7CPC%7C3colm1c/p3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0

Response headers

date: Tue, 16 Feb 2021 20:21:48 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
p3p: CP="This is not a privacy policy."
x-unbounce-pageid: 9177cfcd-7d13-4f97-ad68-ae2e0b0577a9
etag: e33c83d5b773633086fbea72ebd47adb
content-location: https://secured.kraftgun.com/special-offer/
x-unbounce-visitorid: 217.138.216.441614191670163470
last-modified: Mon, 15 Feb 2021 15:40:17 GMT
x-unbounce-variant: dp
link: <https://secured.kraftgun.com/special-offer/>; rel="canonical"
set-cookie: ubpv=dp%2C9177cfcd-7d13-4f97-ad68-ae2e0b0577a9; Max-Age=15897600; Expires=Thu, 19 Aug 2021 20:21:48 GMT; Path=/special-offer/; SameSite=Lax ubrs=weighted; Path=/special-offer/; SameSite=Lax ubvs=217.138.216.441614191670163470; Max-Age=15552000; Expires=Sun, 15 Aug 2021 20:21:48 GMT; Path=/; SameSite=Lax ubvt=217.138.216.441614191670163470; Max-Age=259200; Expires=Fri, 19 Feb 2021 20:21:48 GMT; Path=/; Domain=kraftgun.com; SameSite=Lax
content-encoding: gzip
x-proxy-backend: page-server
connection: close

Redirect headers

server: nginx
date: Tue, 16 Feb 2021 20:21:48 GMT
content-type: text/html; charset=utf-8
content-length: 222
location: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
set-cookie: uniqueClick_DTSHN3J=f967ffa1-4fb1-49b7-96e9-a146a468aca5:1613506908; Path=/; Expires=Tue, 23 Feb 2021 20:21:48 GMT; Secure; SameSite=None transaction_id=916d64e0ab504fc99e8dc37757e76659; Path=/; Expires=Mon, 17 May 2021 20:21:48 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: cf8582cd-330b-4902-ba3f-5fb5b9af9316
via: 1.1 google
alt-svc: clear

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 84ms
27ms Stylesheet
text/css 65.9.20.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.20.23 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 02 Jan 2021 03:11:54 GMT
content-encoding: gzip
last-modified: Wed, 09 Dec 2020 17:18:52 GMT
server: AmazonS3
age: 3949795
etag: "cd0dc5f3bbefd8a34b8e19c0a6dd75e5"
x-cache: Hit from cloudfront
x-amz-version-id: a2uJdoMSQ1AGBOFyETBT0EXZA0nFzQX9
via: 1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-type: text/css
content-length: 2902
x-amz-cf-id: ebolzJGvNM4dE-Df8_GIvhIB11OtV3BgovAxBfI34SxG904uOKM2OA==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 70 KB
24 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

Requested by

Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 08:22:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 129560
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24715
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Feb 2022 08:22:28 GMT

GET
H2 200 jquery-shims.bundle-0983003.z.js Show response
builder-assets.unbounce.com/published-js/ 6 KB
2 KB 84ms
27ms Script
application/javascript 65.9.20.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/jquery-shims.bundle-0983003.z.js
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.20.23 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 01:58:43 GMT
content-encoding: gzip
last-modified: Tue, 13 Oct 2020 18:07:24 GMT
server: AmazonS3
age: 6891786
etag: "d2a192590a76ade095caec7cb83bb5e3"
x-cache: Hit from cloudfront
x-amz-version-id: wCBS76d9D6FOnvl8xXmd742tpe3Qctzy
via: 1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 1993
x-amz-cf-id: i_mLYznRmtxkfyVPjvcRKYHEbRx_OCMM22Xv1JAk5g5piDnbR-V8DA==

GET
H2 200 / Show response
92ab5d6997844ed5b484a962b8c15274.js.ubembed.com/ 5 KB
2 KB 64ms
11ms Script
application/json 151.101.113.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://92ab5d6997844ed5b484a962b8c15274.js.ubembed.com/
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.131 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: de8c308c919da61b100f09671307cf1aa3914c150367e85228f7a30a8dae61b5

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:48 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 4301
etag: 2546a44a9164cc67a6c7018f5cf4c5bc-v0.179.0
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: none
x-amz-apigw-id: a2jGbHJxjoEFbWw=

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 38ms
35ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-996215059

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6447d29d06c0a6d7832a74892f0d2802a5b87cd3ffbb65b73bc280828790cfc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39131
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Feb 2021 20:21:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 40ms
38ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-580489503

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fca188bcda4577e136a5d6948b701cde91cb840cdfc751a3fb4504eaea2f0d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39132
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Feb 2021 20:21:48 GMT

GET
H2 200 ub.js Show response
d34qb8suadcc4g.cloudfront.net/ 5 KB
2 KB 43ms
11ms Script
application/javascript 2600:9000:2127:4600:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1605293159
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:4600:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 146713f310842933dc62d2bed7f0eaaf8a9cf3cdf72fd37610ef51e58378c8dc

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 07:27:16 GMT
content-encoding: gzip
last-modified: Fri, 13 Nov 2020 18:45:36 GMT
server: AmazonS3
age: 7390473
etag: "91086183e2039359e4bf5622dfb57722"
x-cache: Hit from cloudfront
x-amz-version-id: D6xyQ1UlRnHjPycouA5Yb4DYOQiJWBkd
via: 1.1 41b7bdf4fb536a6c72b9f49d9b6affe9.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 1992
x-amz-cf-id: TVdn0ntv4rDHrGAc0QNgywdc0GoOftZDJcAPmMaRAmurJcCrGzcqpw==

GET
H2

200

platform.js Show response
static.elfsight.com/platform/
Redirect Chain

https://apps.elfsight.com/p/platform.js
https://static.elfsight.com/platform/platform.js

47 KB
15 KB

35ms
24ms

Script
application/javascript

2606:4700:20::ac43:486a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/platform/platform.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:486a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be565e2df3f82b724d6914a93528679b6535ee17c2c47f98855dd7abbbbb86c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:48 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 361
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: tx0000000000000092fe8d9-006020ff59-5ed4160-sfo2a
cf-request-id: 084e1aab0000004be2f6093000000001
last-modified: Tue, 26 Jan 2021 10:54:16 GMT
server: cloudflare
cache-control: max-age=3600
etag: W/"3463ca58a80f722291130e1e9150e952"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0I0aHyrZhEyBZSfwMk69%2BN4AGRAm9NN6fxP7Rw1%2B8uyRhC0xZke6IFRdrksR0QPudE196zaCgvKMsNVMJyHwlI9qdQf7TQpQCAY1D%2FTb9sfCQUWt%2F0wlcdNqQQxyGdvk"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
x-rgw-object-type: Normal
cf-ray: 6229fa24cb804be2-AMS

Redirect headers

date: Tue, 16 Feb 2021 20:21:48 GMT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ejUQzo1CZjCCr%2Fm57IQqplCSwcMthzu6bUDfArO4ZcKYl96sWyig3I2WisPFLB8QyuOoKpFSQgdma6JMhVsh1Cqpu3i8fcFPoKzTwgFOq6Yp%2BTUVnUfYS8pjsxG6HA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
location: https://static.elfsight.com/platform/platform.js
cache-control: max-age=3600
strict-transport-security: max-age=0
cf-ray: 6229fa23e89a4be2-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084e1aaa6e00004be25d36d000000001
expires: Tue, 16 Feb 2021 21:21:48 GMT

GET
H2 200 PSSJZVRO-vG2mJbcu.js Show response
cdn.jwplayer.com/players/ 113 KB
37 KB 222ms
197ms Script
text/javascript 2600:9000:2127:5c00:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/players/PSSJZVRO-vG2mJbcu.js
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:5c00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: fd45b619e0418c72eea1af4307871571d595d89cf88fb65b597390917c73bd1c

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:48 GMT
content-encoding: gzip
server: openresty
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=150, max-stale=180
content-length: 37558
via: 1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-amz-cf-id: JQTusxpVLY0D_SN4TaBTIWhUqeYLv7X7nZmrv2S_YnF1uODL8ECwmQ==
expires: Tue, 16 Feb 2021 20:24:18 GMT

GET
H2 200 DQ2Yjd5J-NZo33V7a.js Show response
cdn.jwplayer.com/players/ 113 KB
37 KB 212ms
188ms Script
text/javascript 2600:9000:2127:5c00:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/players/DQ2Yjd5J-NZo33V7a.js
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:5c00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: fa0334ad54880f1b98c677b318932c51ab193a27291660371e013d49b44f7c67

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:48 GMT
content-encoding: gzip
server: openresty
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=150, max-stale=180
content-length: 37554
via: 1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-amz-cf-id: MKiLFiyWbP_T5Y3o3KVQh-tVY8sngFXFZ-EnM9hpyrk4KjEbhCFQHg==
expires: Tue, 16 Feb 2021 20:24:18 GMT

GET
H2 200 everflow.js Show response
www.ghj65trk.com/scripts/sdk/ 44 KB
14 KB 167ms
120ms Script
text/javascript 34.107.168.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ghj65trk.com/scripts/sdk/everflow.js
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.168.177 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 177.168.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3a35b42068a61c55a20f5c9b684d040105ccfbac546a5459d47852159e00f0ab

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:48 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: text/javascript
content-encoding: gzip
x-eflow-request-id: c0ebd8d8-3511-408a-a87e-a29c5942d5d8
alt-svc: clear

GET
H2 200 main.bundle-5c6e41c.z.js Show response
builder-assets.unbounce.com/published-js/ 104 KB
33 KB 34ms
32ms Script
application/javascript 65.9.20.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.20.23 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:28:57 GMT
content-encoding: gzip
last-modified: Tue, 13 Oct 2020 18:07:24 GMT
server: AmazonS3
age: 6713572
etag: "8f54ee429acc92c4ec90173c4494c176"
x-cache: Hit from cloudfront
x-amz-version-id: 3Tf5CLt4Hplptlwy2gR6SrQuS3YM4exc
via: 1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 33645
x-amz-cf-id: vvvl5cCI-Ho5IGvTbVZ0QSNgPClaEf-37gaTGM5Ch1YRo50u6H5ZcA==

GET
H2 200 a-04g1.min.js Show response
b-code.liadm.com/ 25 KB
10 KB 207ms
169ms Script
application/javascript 2a02:26f0:12d::b819:ef73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-04g1.min.js
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d::b819:ef73 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 671d10f7c57123625a336067f3b4de6933b918cb54bc53b8f19c07c4d3fec119

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:48 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 14:47:04 GMT
etag: "3e1dcddb94914b4fee5fb11a0269a2bd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 9833

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: SlW1m8vm+pjz3fW1pewk9ieSErpOSUGDLSHvNJXMSWYP2Bi/KmkhKAq4yW+nY0hrTT6XgFmImXAFndALAaok3g==
x-fb-trip-id: 2052514463
x-frame-options: DENY
date: Tue, 16 Feb 2021 20:21:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 qevents.js Show response
a.quora.com/ 39 KB
14 KB 33ms
12ms Script
text/plain 151.101.113.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: s3LlaOWABX1LUjiLldBNr49lVAylKDRo
content-encoding: gzip
etag: "f32ebb1e93a72c0a57add6d07f688510"
age: 6445
x-cache: HIT, HIT
content-length: 13681
x-amz-id-2: 94JeRsAql5wKjFeS3J2P/dtefGDSGaKfBTRuQAAOXFh33iSqLHa8S/jky3eOQQ/UkWcjJoudYQ8=
x-served-by: cache-bwi5150-BWI, cache-hhn4059-HHN
last-modified: Fri, 25 Oct 2019 19:28:38 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1572031715/ctime:1572031714/gid:1000000/gname:employee/md5:f32ebb1e93a72c0a57add6d07f688510/mode:33188/mtime:1149709104/uid:1000332/uname:tzhou
x-timer: S1613506909.756748,VS0,VE0
date: Tue, 16 Feb 2021 20:21:48 GMT
vary: Accept-Encoding
x-amz-request-id: E9991AFD9A0915EF
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=7200
accept-ranges: bytes
content-type: text/plain
x-cache-hits: 1, 2143

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1218832/ 64 KB
22 KB 128ms
108ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1218832/tfa.js
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 562c176f75228c71c53f4634f48c5b1a486710c1fd527d87346032b7b0b31ec0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: J7_aqlL13J6U8aFokPSeH7yQz42P8cs8
content-encoding: gzip
etag: "3cde8307db2bdd60a25f2dc3b02d6a9f"
age: 0
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 21902
x-amz-id-2: xHoK23qc9tMahyfeBygZ2EvCSnePrjSbykuJFrmox9KZURzpDf/g8452LYAoh1+JptMeXEWrE8k=
x-served-by: cache-hhn11542-HHN
last-modified: Mon, 15 Feb 2021 20:56:38 GMT
server: AmazonS3
x-timer: S1613506909.755978,VS0,VE99
date: Tue, 16 Feb 2021 20:21:48 GMT
vary: Accept-Encoding
x-amz-request-id: 45051D23C72CDD21
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 96
x-cache-hits: 1

GET
H2 200 pi-notify.js Show response
cdn.powerinboxedge.com/framework/ 690 B
1 KB 143ms
29ms Script
application/javascript 65.9.20.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.powerinboxedge.com/framework/pi-notify.js
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.20.72 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ed5969737902a6ab2815c64df0d19336fe38d3ed2e020e481fd3c90bc97dd520

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 12:36:01 GMT
via: 1.1 a208b778c983eefafa95a32c5d34e8bc.cloudfront.net (CloudFront)
last-modified: Fri, 28 Feb 2020 19:56:54 GMT
server: AmazonS3
age: 27947
etag: "3e005973746aab66674e6f3460b1c781"
x-cache: Hit from cloudfront
x-amz-version-id: 0SZAKAkqoVR4qIcDsMcVeBU8Pq855goE
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 690
x-amz-cf-id: zl340R7TEn-nQPhevZlQpOSIl1zQASqix8RnkcDdNMMAEIbUo44U3A==

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 20ms
7ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

f62f08f3ab60810f61bab547392133c2574341dd4cc752e84013aecaa8b13355

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 16 Feb 2021 20:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5592
x-amz-id-2: xckUPg00gpba602PnQmx/MwqPtFAYjCkOdFvAa7YZFpD3Zz7yE0pWzLZ0JI3pGveALngBNwXuow=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 24 Mar 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 16 Feb 2021 13:57:47 GMT
server: ATS
etag: "1df8e446cd30e6c37112e12c8ecb829f-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 7BC533752E771D3C
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: MJIGBGGvv7TR43GKkoC7wmMST5TBj9G5
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 7 KB
3 KB 59ms
15ms Script
application/x-javascript 104.108.145.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-107.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e15eca5878352d8972f4e93b9aed80e34860514c23bfe9ee0a01767a291cf28a

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Feb 2021 20:21:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jan 2021 14:42:51 GMT
Server: AkamaiNetStorage
ETag: "c43e7f1b0459d05cce32768dd16af59b:1611585771.492103"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2864
Expires: Tue, 16 Feb 2021 20:41:48 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
9 KB 45ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:48 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 22:19:32 GMT
x-msedge-ref: Ref A: 4340568B1DF545F79735C7352B1DCA17 Ref B: FRAEDGE1510 Ref C: 2021-02-16T20:21:48Z
etag: "0b27f152fa7d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8454

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 10093044.json Show response
s.yimg.com/wi/config/ 2 B
493 B 379ms
367ms XHR
application/json 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10093044.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: A75FA2471BE2A600
x-amz-id-2: fh7/6UggzzJY0/WLaP7hl+hTliGANxiD5ce2EDAfQYZLU6YoXUj8eFaavq8XlwbOdEzck+eTt4w=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2 200 sp-2.14.0.js Show response
d34qb8suadcc4g.cloudfront.net/ 98 KB
30 KB 10ms
10ms Script
application/javascript 2600:9000:2127:4600:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by: Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1605293159
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:4600:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 03:43:58 GMT
content-encoding: gzip
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
server: AmazonS3
age: 1183071
etag: "73de733c308b8b5e44d2a6242dc4bd99"
x-cache: Hit from cloudfront
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
via: 1.1 41b7bdf4fb536a6c72b9f49d9b6affe9.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 30399
x-amz-cf-id: 7ATX_XmmtkIFaizhrw-peL2-sOThkKQzyzHE6OkHUyvCSm7c6HGCfw==

GET
H2 200 444674280268662 Show response
connect.facebook.net/signals/config/ 240 KB
69 KB 144ms
144ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/444674280268662?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

676139110081858300e270e344848783134bb86a4957d009dbb35728076ca51e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: UvnauxSMjltKP/PCXrpkTeFjr65FkaqxuK0zLXLxTAh8lKmp0Akgk2be43wE7lIQ+nkjNyr6KTuwQ1Ooz5mJyA==
x-fb-trip-id: 2052514463
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 16 Feb 2021 20:21:49 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 679918182
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/359c5f08b9924164b65dde426918fdb8/ 43 B
422 B 401ms
100ms Image
image/gif 3.230.50.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/359c5f08b9924164b65dde426918fdb8/pixel?j=1&u=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&tag=ViewContent&ts=1613506908925

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.230.50.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Feb 2021 20:21:49 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,56955717182eb99ea4ae85e430f68d43,10.0.0.219,16436,217.138.216.44,,67038691549,1,1613506909.276,0.002,,.,0,0,0.004,0.004,-,0,0,197,187,93,10,26847,,,,,,-,
Content-Type: image/gif

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/359c5f08b9924164b65dde426918fdb8/ 43 B
423 B 409ms
103ms Image
image/gif 3.230.50.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.230.50.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Feb 2021 20:21:49 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,bdd8a76d4d6935c55c9c6c3ed252edfe,10.0.0.219,16456,217.138.216.44,,67038691583,1,1613506909.284,0.001,,.,0,0,0.000,0.000,-,0,0,197,292,146,10,26847,,,,,,-,
Content-Type: image/gif

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.0/ 162 KB
46 KB 67ms
23ms Script
application/javascript 65.9.94.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.0/bundle.js
Requested by: Host: 92ab5d6997844ed5b484a962b8c15274.js.ubembed.com
URL: https://92ab5d6997844ed5b484a962b8c15274.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aef23deda339b41ec1128bd29fb926bd6b5317b06583cfe713da67ae9db605ba

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 03:34:38 GMT
content-encoding: gzip
last-modified: Wed, 16 Dec 2020 18:50:36 GMT
server: AmazonS3
age: 1097231
etag: W/"5989757bd8ad29a05f48a0b643993aae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b9288402a0a891e0bbaca832ecabae61.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: 6asImKUBp9SiIMxZ3MF38RACwAJ9L2AFq9A36jYYS-n506kAhWzONw==

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-996215059&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-580489503

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee4b51d6f0cf0a7ea6cb3127cba01e10cecfcc1659b79925dc349f0d0d1d49bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39103
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Feb 2021 20:21:48 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 1915ms
1647ms Script
application/javascript 70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00b6640ba49ae3ec9e80120704a43048c1
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Feb 2021 20:21:50 GMT
content-encoding: gzip
X-TraceId: f0eca2b430d15c8b76e2103bbb59c1bb
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 356ms
88ms Image
image/gif 70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00b6640ba49ae3ec9e80120704a43048c1&obApiVersion=1.1&obtpVersion=1.4.1&name=PAGE_VIEW&dl=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&optOut=false&bust=06087763494857947
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Feb 2021 20:21:49 GMT
Cache-Control: no-cache
X-TraceId: 1a544bd8666a5ad44a3636825d9f8f81
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 363ms
90ms Image
image/gif 70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00b6640ba49ae3ec9e80120704a43048c1&obApiVersion=1.1&obtpVersion=1.4.1&name=Add-to-cart&dl=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&optOut=false&bust=018464078163534525
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Feb 2021 20:21:49 GMT
Cache-Control: no-cache
X-TraceId: b9c9b3832819aac4d8a53b843a07500b
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 31 KB
13 KB 54ms
31ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-996215059

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

11e4390972243444bef13a861d73eed252a6d4c9cc43e98a7e4e19bceb46bee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12360
x-xss-protection: 0
server: cafe
etag: 195370021859676167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 16 Feb 2021 20:21:48 GMT

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
95 B 27ms
27ms Image
image/gif 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-996215059&cv=1&v=3&t=t&pid=359530654&rv=230&es=1&e=gtm.js&eid=5&tc=1&tr=1rep&ti=1rep&z=0

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 20:21:48 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
21 B 28ms
27ms Image
image/gif 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-996215059&cv=1&v=3&t=t&pid=359530654&rv=230&es=1&e=*&eid=7&tc=1&z=0

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 20:21:48 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 notify
track.rev-stripe.com/postback/ 43 B
281 B 417ms
130ms Image
image/gif 13.84.54.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.rev-stripe.com/postback/notify?pi_href=https%3A//secured.kraftgun.com/special-offer/%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&companyid=2518
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.84.54.237 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0, Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:49 GMT
x-aspnetmvc-version: 5.2, 5.2
server: Microsoft-IIS/10.0, Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET, ASP.NET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: private, private
content-length: 43
request-context: appId=cid-v1:c81c81d8-6bb4-4302-9533-f40a26ff4bff

GET
H2 200 jwpsrv.js Show response
ssl.p.jwpcdn.com/player/v/8.18.4/ 57 KB
17 KB 21ms
6ms Script
application/javascript 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.18.4/jwpsrv.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/PSSJZVRO-vG2mJbcu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c616b0445de7236c857bbcff63e3236985202ead1d6676dd74b6151a5d88800

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:48 GMT
content-encoding: gzip
age: 166
x-cache: HIT
content-length: 17360
via: 1.1 varnish
x-served-by: cache-hhn4072-HHN
last-modified: Mon, 08 Feb 2021 19:59:45 GMT
server: AmazonS3
x-timer: S1613506909.986826,VS0,VE0
etag: "9babdf430d4678f3029506d58b1f0c17"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, immutable
accept-ranges: bytes
x-cache-hits: 1071

GET
H2 200 jwplayer.core.controls.js Show response
ssl.p.jwpcdn.com/player/v/8.18.4/ 298 KB
76 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.18.4/jwplayer.core.controls.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/PSSJZVRO-vG2mJbcu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fbddb5dc71dbc432fe3c0882955fd4942934d931ea1cf8ed3107b6f8e8f6c7c8

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:48 GMT
content-encoding: gzip
age: 2310007
x-cache: HIT
content-length: 78129
via: 1.1 varnish
x-served-by: cache-hhn4072-HHN
last-modified: Fri, 15 Jan 2021 21:39:06 GMT
server: AmazonS3
x-timer: S1613506909.995005,VS0,VE0
etag: "bce8a935003a2164805362d8ad7026a6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1330772

GET
H2 200 PSSJZVRO Show response
cdn.jwplayer.com/v2/media/ 2 KB
942 B 189ms
167ms XHR
application/json 2600:9000:2127:5c00:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/v2/media/PSSJZVRO?recommendations_playlist_id=hdCZ6xMG
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/PSSJZVRO-vG2mJbcu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:5c00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: a5e7b25f9eab6976f2b436f3fd293903a4df424898ab60314c318c07dd51029c

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:49 GMT
content-encoding: gzip
server: openresty
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1200, max-stale=180
content-length: 592
via: 1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
x-amz-cf-id: wjn5tg791QjmfQ8qAEAELbrGVSSWYKU3UdAEct64dwYoBbEWbpDwsA==
expires: Tue, 16 Feb 2021 20:41:49

GET
H2 200 DQ2Yjd5J Show response
cdn.jwplayer.com/v2/media/ 2 KB
924 B 196ms
175ms XHR
application/json 2600:9000:2127:5c00:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/v2/media/DQ2Yjd5J?recommendations_playlist_id=hdCZ6xMG
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/PSSJZVRO-vG2mJbcu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:5c00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 15d50926a491534630fd3014a812310fa2a9ee5f8c60236cdcfc366588f87ce3

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:49 GMT
content-encoding: gzip
server: openresty
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1200, max-stale=180
content-length: 575
via: 1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
x-amz-cf-id: XV9gcLE1tfgcEumScBgmiUslrnpBnj1jv5_OpKYUpKcV3hslQ4M7sg==
expires: Tue, 16 Feb 2021 20:41:49

GET
H2 200 cc1c1686-bg-06_1000000000000000000028.jpg
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 53 KB
54 KB 99ms
38ms Image
image/jpeg 65.9.91.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/cc1c1686-bg-06_1000000000000000000028.jpg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.91.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02b3bb1f88fed173c3534d0da79d5059ca521dc7dd198966c93ecb0d05899d9d

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 18:08:30 GMT
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:46 GMT
server: AmazonS3
age: 353600
etag: "63d2efbffae48a066a4c70bcb51edc56"
x-cache: Hit from cloudfront
x-amz-version-id: kmWV2VKQawGp0x9NKuWlldxqiP_q4xdR
cache-control: max-age=31557600
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 54578
x-amz-cf-id: sgQLSvkOXpJJiDWnxkdjN5d9CEq86dgO3YI6jDpVdE_EN_LC0W5PJQ==

GET
H2 200 i
events.ub-analytics.com/ 43 B
245 B 315ms
100ms Image
image/gif 35.173.63.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1613506908983&e=pv&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&page=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&refr=https%3A%2F%2Fcirculationimpartial.com%2F1764065842ff79c1800%2FCOVDDD_qc602bdaaee10a4%2Fydqc%257CM21unJj%3D%257Cgd38v%257C2bqvo3%257C38obnrc%257C0%257C0000rfurnn%257CU%257CM21unJj%3D%257CPC%257C3colm1c%2Fp3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=f6b1351b-afdc-4d00-bbc8-60ba2b76bfbd&dtm=1613506908981&vp=1600x1200&ds=1600x7108&vid=1&sid=b7a3423b-684a-4f51-95fe-9a15dd791136&duid=94037606-3524-4c77-a3b8-1311a002ef1e&uid=217.138.216.441614191670163470&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiOTE3N2NmY2QtN2QxMy00Zjk3LWFkNjgtYWUyZTBiMDU3N2E5IiwidmFyaWFudElkIjoiZHAiLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.63.32 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-63-32.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 16 Feb 2021 20:21:49 GMT
access-control-allow-credentials: true
server: akka-http/10.0.9
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 43
content-type: image/gif

GET
H2 200 default Show response
embed.tawk.to/5cd1205ed07d7e0c63924148/ 11 KB
4 KB 466ms
448ms Script
application/x-javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5cd1205ed07d7e0c63924148/default

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6cb35768200fed66c189f15b5d753304edfc6c815f418b06c975a501c428ec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://secured.kraftgun.com
Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
server: cloudflare
etag: W/"stable-v3-709-en"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, s-maxage=3600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 6229fa257e301762-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084e1aab6b00001762358d5000000001

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 121 KB
43 KB 47ms
45ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W24J9CP

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83421646893781edf2a0e6138b64d269fca4cfe73201d2ba92252e2971d255f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43637
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Feb 2021 20:21:49 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 47ms
45ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25073442&Ver=2&mid=4ce07c37-4350-4ecb-ace9-4591cf111d22&sid=990ab820709411ebbf6e35ea2d061f70&vid=990ae0b0709411ebbe8795e6422c1b72&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&kw=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&p=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&r=https%3A%2F%2Fcirculationimpartial.com%2F1764065842ff79c1800%2FCOVDDD_qc602bdaaee10a4%2Fydqc%257CM21unJj%3D%257Cgd38v%257C2bqvo3%257C38obnrc%257C0%257C0000rfurnn%257CU%257CM21unJj%3D%257CPC%257C3colm1c%2Fp3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0&lt=636&evt=pageLoad&msclkid=N&sv=1&rn=607461
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 16 Feb 2021 20:21:48 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 3CEDAF9BD5C942199B22C85B58348F65 Ref B: FRAEDGE1510 Ref C: 2021-02-16T20:21:49Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 6e54d159-63a8-4f8f-80ea-34f6b1cc73f6
https://secured.kraftgun.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secured.kraftgun.com/6e54d159-63a8-4f8f-80ea-34f6b1cc73f6
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 5603
Content-Type: text/css

GET
H3-Q050 200 css
fonts.googleapis.com/ 25 KB
1 KB 19ms
19ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Assistant:700,regular,300,200,800,600%7CRaleway:regular,700,900,300,600%7CRoboto:regular,500,300,700,700italic%7CLato:300,regular,700

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

485684debae59368f4869b98b228c36719ba92fe983e42c66aea2a729c1b6f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 20:21:49 GMT
server: ESF
date: Tue, 16 Feb 2021 20:21:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Feb 2021 20:21:49 GMT

GET
H2 200 / Show response
apps.elfsight.com/p/boot/ 3 KB
2 KB 249ms
248ms XHR
application/json 2606:4700:20::ac43:486a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.elfsight.com/p/boot/?w=083c159a-cc85-42fc-8afc-298850561176

Requested by

Host: apps.elfsight.com
URL: https://apps.elfsight.com/p/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:486a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c64b3c13cbec214d71d5bb65728b45743ff4defc44da055c2d0ce8b3d0aa7e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
access-control-max-age: 86400
access-control-allow-methods: GET
strict-transport-security: max-age=0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084e1aab6c00004be23f2b4000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g0WzTzqF6%2FPaZi%2Ff9r9u5YuUpdlJLNH2X2RtPWEnc%2BGX82iHr%2F9WHa5LIqMD5WFbf1v7NiroB8mxVAmcFgmOk8RnLEg7dABP20KxTIDUpNTlE7G1rkS7nc%2F9MnWEKw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/json
access-control-allow-origin: https://secured.kraftgun.com
x-xss-protection: 1; mode=block
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6229fa257d264be2-AMS
access-control-allow-headers: DNT, Referer, Content-Type, Set-Cookie, x-csrf-token, x-socket-id

GET
H2 200 78eeaf98-whatsapp-image-2020-05-15-at-9-52-22-am_108x05606204800t00h028.jpeg
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 8 KB
9 KB 54ms
52ms Image
image/jpeg 65.9.91.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/78eeaf98-whatsapp-image-2020-05-15-at-9-52-22-am_108x05606204800t00h028.jpeg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.91.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1da9819bcabac9e138d1f10c7d1c76f3da09e894f7a140ffb82e15710d877199

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 19:23:56 GMT
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:46 GMT
server: AmazonS3
age: 262674
etag: "57559a16a4bb5671d254f410eea7f3ec"
x-cache: Hit from cloudfront
x-amz-version-id: RGuwavWBuTTnrwiV7vPb5wJRgikqk7Ym
cache-control: max-age=31557600
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 8427
x-amz-cf-id: cnTtFxxDotpsF6R2_fdWZuHn2zrwosdWMcyNKYnBiNWkRWLHeVkYxA==

GET
H2 200 e8f5f976-heart_100p00p000000000000000.png
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 513 B
904 B 55ms
52ms Image
image/png 65.9.91.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/e8f5f976-heart_100p00p000000000000000.png
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.91.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64f7626a65bb8304d55454d4b8049040d0875269980147a3d6f2d5b2f14580fb

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 05:50:11 GMT
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:46 GMT
server: AmazonS3
age: 311499
etag: "f2e438e10a995e7ed072462717fad78b"
x-cache: Hit from cloudfront
x-amz-version-id: 2O_6PYpBAJ7IN5asoM6k4fpO2EuYVZub
cache-control: max-age=31557600
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: image/png
content-length: 513
x-amz-cf-id: VTluLFFdjCQCvmFdtnwxA7swbpe-HGNMebr9mj6Rl8TSjP3b4X9oxQ==

GET
H2 200 7697b8da-chat_100p00p000000000000000.png
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 546 B
936 B 54ms
52ms Image
image/png 65.9.91.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/7697b8da-chat_100p00p000000000000000.png
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.91.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51a5c52f86e1f5c17f703d83aea85809292aed00d81029344a6dc631c1bb2a26

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 07:14:33 GMT
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:46 GMT
server: AmazonS3
age: 565637
etag: "9a867481cf8d5f3b6a0b9795de8222d8"
x-cache: Hit from cloudfront
x-amz-version-id: mkrZMDjR9j9IpaltC12B4LUV0Xy7q2w2
cache-control: max-age=31557600
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: image/png
content-length: 546
x-amz-cf-id: SmHmkbazS3_Arotv2o5rhtjrlq62vqczbEqK0b-tY2pnGIgeCToHhw==

GET
H2 200 68c9d2ec-8-photo_106206o062049000000028.jpg
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 9 KB
9 KB 56ms
53ms Image
image/jpeg 65.9.91.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/68c9d2ec-8-photo_106206o062049000000028.jpg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.91.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6654e48770de22777ac01873bbf8164bc4650880375aca22245f43d6cabae6ef

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 18:08:30 GMT
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:45 GMT
server: AmazonS3
age: 353600
etag: "231e298c1ef96f5501d9127994076437"
x-cache: Hit from cloudfront
x-amz-version-id: WlLWYuG_jaYE_kQBHC_fpc3Vi5m2auaK
cache-control: max-age=31557600
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 9018
x-amz-cf-id: VocKKMbJrOb2Y6fsH8S2c8th9E77Zbb8YYKarvGafMPsJq1qITUxvQ==

GET
H2 200 a68fa811-whatsapp-image-2020-05-15-at-9-52-34-am_107904906204900p000028.jpeg
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 10 KB
10 KB 60ms
58ms Image
image/jpeg 65.9.91.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/a68fa811-whatsapp-image-2020-05-15-at-9-52-34-am_107904906204900p000028.jpeg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.91.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1dd065c2a10c5c9ab803c37299252f97e4fe7daa78734ad70600ab39e1de3da2

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 01:00:27 GMT
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:46 GMT
server: AmazonS3
age: 933683
etag: "b4db8c3d5bd1e38ef4d43d0892ec1a49"
x-cache: Hit from cloudfront
x-amz-version-id: lqLBqeyEAolRAuxBaybHVjby3mIDfSRT
cache-control: max-age=31557600
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 9828
x-amz-cf-id: ooOh6lJNN5uUr-Ri-KN32ULTpI2KHYlkw-jIWCxQ-dPQKcnYSs9cTA==

GET
H2 200 18eabe1a-82794525-10156438546971601-2810766721810432000-n_1062083062049000000028.jpg
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 5 KB
5 KB 57ms
55ms Image
image/jpeg 65.9.91.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/18eabe1a-82794525-10156438546971601-2810766721810432000-n_1062083062049000000028.jpg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.91.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 55e05ce33fadaa42b4fea7b79cb849c3bc84329390cfd18fe373a8d2c799143c

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 18:08:30 GMT
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:45 GMT
server: AmazonS3
age: 353600
etag: "a981026ec7a833aff68588dd9fd9ca4c"
x-cache: Hit from cloudfront
x-amz-version-id: .bPxMelLIDuX6xWJUbTYs0q544KgmaGY
cache-control: max-age=31557600
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 4881
x-amz-cf-id: EFDFFa-u3dH9Nrfm-fodnraSvYjFOMFtNjUH-yzoR2Q507pOV04DJQ==

GET
H2 200 79f347e3-81334184-10101719822224892-1309683262540480512-n_106208306204900001x028.jpg
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 5 KB
5 KB 58ms
55ms Image
image/jpeg 65.9.91.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/79f347e3-81334184-10101719822224892-1309683262540480512-n_106208306204900001x028.jpg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.91.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cbb6455cb0bee893bfdad8ce1adb134523cfa2a371430626fd1f5a574db6f5a2

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 18:08:30 GMT
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:46 GMT
server: AmazonS3
age: 353600
etag: "fc79f5065e5d981e72796e5325fcfbff"
x-cache: Hit from cloudfront
x-amz-version-id: 2HSpzAwmB9ZpmPWHIyQWhxygkzfAHaYu
cache-control: max-age=31557600
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 4760
x-amz-cf-id: XoOmQDGvzWz-j8HQuDXWlDhH6x6eHfXsS_MjECJOfCVNK-ctgS_Crg==

GET
H2 200 539855ae-7-photo_1062062062049000001028.jpg
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 6 KB
6 KB 61ms
59ms Image
image/jpeg 65.9.91.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/539855ae-7-photo_1062062062049000001028.jpg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.91.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95ae25c936e35ab8dfe9eadaeb5854cf241279f4d7f72a954285e12bb5ee0212

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 19:23:56 GMT
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:45 GMT
server: AmazonS3
age: 262674
etag: "10f0e349bced3647b8d84d69fdc4e6e0"
x-cache: Hit from cloudfront
x-amz-version-id: YcgffnHA6xwe4PZNOCopyjBSeR6ANO3h
cache-control: max-age=31557600
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 5703
x-amz-cf-id: 8yoMb55vjZdSbxkVN3f94k4eL2NpZ350bbCFuOPblnysNWed_JoeZA==

GET
H2 200 cfd3697b-5-photo_106207l062049000029028.jpg
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 6 KB
6 KB 56ms
53ms Image
image/jpeg 65.9.91.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/cfd3697b-5-photo_106207l062049000029028.jpg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.91.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1f14612916bca52fcd4e2df47e39fb08b1dab021cf0585f2279e35b2a542ecb

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 18:08:30 GMT
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:46 GMT
server: AmazonS3
age: 353600
etag: "53df43f14f194634c178bcc64449dd18"
x-cache: Hit from cloudfront
x-amz-version-id: _nn04mkIB3uVOI0Ddnn0sOGgk5NGuWoT
cache-control: max-age=31557600
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 6098
x-amz-cf-id: P8oe8a6-R5WqzHnqAVF_22cqyz4V3N-B0ccFK_VDM_Rcte0aey5EuA==

GET
H2 200 6657ec83-82148792-1052027901806929-1111988031029510144-n_106208306204900001x028.jpg
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 3 KB
3 KB 58ms
56ms Image
image/jpeg 65.9.91.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/6657ec83-82148792-1052027901806929-1111988031029510144-n_106208306204900001x028.jpg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.91.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a28afcf4acdbf76fa66d2e70a5247503b4c4c8513f60fa502c030f188e610401

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 15:08:26 GMT
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:45 GMT
server: AmazonS3
age: 1314804
etag: "b6eb9392184a5c9370cb72ea076de43f"
x-cache: Hit from cloudfront
x-amz-version-id: lZ30pgrEImROvG6YycdJ6E2OIfzWVJAw
cache-control: max-age=31557600
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 3077
x-amz-cf-id: s02rbHYCxT-9OwyXai-YrZluf3JB4YM8Hc6xy5rKoOcz8Gxys25QDQ==

GET
H2 200 7b12d87f-kraft-force.png
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 706 B
1 KB 60ms
58ms Image
image/png 65.9.91.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/7b12d87f-kraft-force.png
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.91.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89ffbe9e6cde6f9a1887c2132dba300a9f57d3ceb3dcb4042947e0cd8fdf0f9e

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 07:36:54 GMT
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:46 GMT
server: AmazonS3
age: 996296
etag: "34fde48e88b9a3a40fa917d140c7445a"
x-cache: Hit from cloudfront
x-amz-version-id: CYs.A7XUZC7RlXxe4Z9fMwJXM3F_TWH5
cache-control: max-age=31557600
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: image/png
content-length: 706
x-amz-cf-id: iD9W0UE-lIicQnmYxEg4XXLPpUKLuYm91jSo6csjGj38iQpIL1mYkg==

GET
H2 200 8c5abf44-logo-wellfit_104p01d04p012000005000.jpg
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 3 KB
3 KB 61ms
59ms Image
image/jpeg 65.9.91.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/8c5abf44-logo-wellfit_104p01d04p012000005000.jpg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.91.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b21d841d8c418f185506ff91595be0acb8ac14e9ff8c129ba1a0a7138c11184b

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 18:08:30 GMT
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:46 GMT
server: AmazonS3
age: 353600
etag: "b6f57d3cda33729e6222ea261081d7cf"
x-cache: Hit from cloudfront
x-amz-version-id: 8XKx0lsPnDNHHNNFlc4YOuNobgg7QX_D
cache-control: max-age=31557600
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2738
x-amz-cf-id: Sl2l5Y2oqDC9-ZCv7TDD4x_3eAbjZZI3GkMc8EoKE-hv0_Ute3KE0g==

GET
H2 200 083ebb37-mens_104r012000000000000028.jpg
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 3 KB
3 KB 61ms
59ms Image
image/jpeg 65.9.91.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/083ebb37-mens_104r012000000000000028.jpg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.91.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 114c86edc7d1cb27c3ffbe36a75538940cec1945a0dcd18886e46ff403ad25b9

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:14:48 GMT
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:45 GMT
server: AmazonS3
age: 1055222
etag: "98af8f1d54460375ad4e2a0f259e7583"
x-cache: Hit from cloudfront
x-amz-version-id: _C6BxCSvI3A6ffju7DBJNupb.oZl_Qhm
cache-control: max-age=31557600
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 3083
x-amz-cf-id: 6zG8uP1FcZa7Jk7T1ypFlR0OmHuOYXJTUziqCxZnrzcoeh0pBY26OQ==

GET
H2 200 71ce9ba0-cropped-png-transparent-background-2_107d012000000000000000.png
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 12 KB
12 KB 66ms
64ms Image
image/png 65.9.91.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/71ce9ba0-cropped-png-transparent-background-2_107d012000000000000000.png
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.91.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d576307215d8210dc87ef40f71a4c2eb4f283d807179544dce9321ecd2117604

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:14:48 GMT
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:45 GMT
server: AmazonS3
age: 1055221
etag: "9c5513775b52583e94e92122b109d450"
x-cache: Hit from cloudfront
x-amz-version-id: gOV1FejjMwdEGf64UBdtzWCwn806rfNj
cache-control: max-age=31557600
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: image/png
content-length: 12000
x-amz-cf-id: ZhxJJKcY-NUTL27oeXsKvpz9mg15sveMWWCxlSa1j8knAyV7u7zucg==

GET
H2 200 9d458a67-test1_10c70gb09x0gb015000028.jpg
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 20 KB
20 KB 67ms
66ms Image
image/jpeg 65.9.91.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/9d458a67-test1_10c70gb09x0gb015000028.jpg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.91.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f9423e6b6787be5118f00c71c19df2146fa7bc508f34d9e2d40cdff38b016306

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 18:08:30 GMT
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jan 2021 16:20:46 GMT
server: AmazonS3
age: 353600
etag: "85cdd07d935ad179755b9557f25a5352"
x-cache: Hit from cloudfront
x-amz-version-id: fsWNsZtqIGEA7.88tDHRLj.GqQTdJisG
cache-control: max-age=31557600
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 19989
x-amz-cf-id: BFt-kjBAkRtHN17Hd22RGdK0b-Tipr9A898oEcAcyU0s4R4kpVWc0w==

GET
H2 200 c310889d-five-star-reviews-localcoin-on-google_102301f02300i00000f000.png
d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/ 2 KB
3 KB 66ms
65ms Image
image/png 65.9.91.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/secured.kraftgun.com/special-offer/c310889d-five-star-reviews-localcoin-on-google_102301f02300i00000f000.png
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.91.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37db44090775a0db612e85eb879059ea05283db5af38eb665434b55399df8e1b

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 09:37:28 GMT
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
last-modified: Mon, 15 Feb 2021 15:40:17 GMT
server: AmazonS3
age: 38662
etag: "be6376923515c326264a35b5b028ac48"
x-cache: Hit from cloudfront
x-amz-version-id: Z33EdXsalo83Q29M9BJodJxC8V69F1xj
cache-control: max-age=31557600
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: image/png
content-length: 2295
x-amz-cf-id: UQrvIu4nNnSga8UVKWZpYQX19S9zHm08pmifHT93W5r4hrO-9-leQg==

GET
H3-Q050 200 2sDcZGJYnIjSi6H75xkzaGW5Kb8VZA.woff2
fonts.gstatic.com/s/assistant/v7/ 20 KB
20 KB 33ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/assistant/v7/2sDcZGJYnIjSi6H75xkzaGW5Kb8VZA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Assistant:700,regular,300,200,800,600%7CRaleway:regular,700,900,300,600%7CRoboto:regular,500,300,700,700italic%7CLato:300,regular,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c57e3e2b22c5bf3cd60a9a7bb27fb9447b5dc632b7f2ae2401e611ba6a635c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://secured.kraftgun.com
Referer: https://fonts.googleapis.com/css?family=Assistant:700,regular,300,200,800,600%7CRaleway:regular,700,900,300,600%7CRoboto:regular,500,300,700,700italic%7CLato:300,regular,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 01:16:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:35:30 GMT
server: sffe
age: 327911
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20532
x-xss-protection: 0
expires: Sun, 13 Feb 2022 01:16:38 GMT

GET
H3-Q050 200 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v19/ 41 KB
42 KB 23ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://secured.kraftgun.com
Referer: https://fonts.googleapis.com/css?family=Assistant:700,regular,300,200,800,600%7CRaleway:regular,700,900,300,600%7CRoboto:regular,500,300,700,700italic%7CLato:300,regular,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 01:09:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:51:07 GMT
server: sffe
age: 328311
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42444
x-xss-protection: 0
expires: Sun, 13 Feb 2022 01:09:58 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 26ms
23ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://secured.kraftgun.com
Referer: https://fonts.googleapis.com/css?family=Assistant:700,regular,300,200,800,600%7CRaleway:regular,700,900,300,600%7CRoboto:regular,500,300,700,700italic%7CLato:300,regular,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 05:54:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 52035
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 16 Feb 2022 05:54:34 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://secured.kraftgun.com
Referer: https://fonts.googleapis.com/css?family=Assistant:700,regular,300,200,800,600%7CRaleway:regular,700,900,300,600%7CRoboto:regular,500,300,700,700italic%7CLato:300,regular,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 05:54:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 52035
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Wed, 16 Feb 2022 05:54:34 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://secured.kraftgun.com
Referer: https://fonts.googleapis.com/css?family=Assistant:700,regular,300,200,800,600%7CRaleway:regular,700,900,300,600%7CRoboto:regular,500,300,700,700italic%7CLato:300,regular,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 05:54:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 52026
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Wed, 16 Feb 2022 05:54:43 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://secured.kraftgun.com
Referer: https://fonts.googleapis.com/css?family=Assistant:700,regular,300,200,800,600%7CRaleway:regular,700,900,300,600%7CRoboto:regular,500,300,700,700italic%7CLato:300,regular,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 16:25:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 100584
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 15 Feb 2022 16:25:25 GMT

GET
H3-Q050 200 KFOjCnqEu92Fr1Mu51TzBic6CsTYl4BO.woff2
fonts.gstatic.com/s/roboto/v20/ 12 KB
12 KB 16ms
12ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOjCnqEu92Fr1Mu51TzBic6CsTYl4BO.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d630df8a89d2ec3c590c3b036b610c60fda3df53b3a4c81f3a9e5c94a0de5929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://secured.kraftgun.com
Referer: https://fonts.googleapis.com/css?family=Assistant:700,regular,300,200,800,600%7CRaleway:regular,700,900,300,600%7CRoboto:regular,500,300,700,700italic%7CLato:300,regular,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 22:07:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:03 GMT
server: sffe
age: 512066
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12688
x-xss-protection: 0
expires: Thu, 10 Feb 2022 22:07:23 GMT

GET
H3-Q050 200 S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://secured.kraftgun.com
Referer: https://fonts.googleapis.com/css?family=Assistant:700,regular,300,200,800,600%7CRaleway:regular,700,900,300,600%7CRoboto:regular,500,300,700,700italic%7CLato:300,regular,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 16:27:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
age: 100440
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13912
x-xss-protection: 0
expires: Tue, 15 Feb 2022 16:27:49 GMT

GET
H3-Q050 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://secured.kraftgun.com
Referer: https://fonts.googleapis.com/css?family=Assistant:700,regular,300,200,800,600%7CRaleway:regular,700,900,300,600%7CRoboto:regular,500,300,700,700italic%7CLato:300,regular,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 13:34:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 110818
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Tue, 15 Feb 2022 13:34:51 GMT

GET
H3-Q050 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://secured.kraftgun.com
Referer: https://fonts.googleapis.com/css?family=Assistant:700,regular,300,200,800,600%7CRaleway:regular,700,900,300,600%7CRoboto:regular,500,300,700,700italic%7CLato:300,regular,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 16:27:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:25 GMT
server: sffe
age: 100438
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Tue, 15 Feb 2022 16:27:51 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/580489503/ 3 KB
1 KB 51ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580489503/?random=1613506909133&cv=9&fst=1613506909133&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&ref=https%3A%2F%2Fcirculationimpartial.com%2F1764065842ff79c1800%2FCOVDDD_qc602bdaaee10a4%2Fydqc%257CM21unJj%3D%257Cgd38v%257C2bqvo3%257C38obnrc%257C0%257C0000rfurnn%257CU%257CM21unJj%3D%257CPC%257C3colm1c%2Fp3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0&tiba=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4521d2b355bcaaa69d8eb93b30eac99fb003bf5be52b2e89a21d9b7e4589a1e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 20:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/580489503/ 2 KB
2 KB 57ms
42ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/580489503/?random=1613506909135&cv=9&fst=1613506909135&num=1&label=PxaBCNvg5N8BEJ-i5pQC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&ref=https%3A%2F%2Fcirculationimpartial.com%2F1764065842ff79c1800%2FCOVDDD_qc602bdaaee10a4%2Fydqc%257CM21unJj%3D%257Cgd38v%257C2bqvo3%257C38obnrc%257C0%257C0000rfurnn%257CU%257CM21unJj%3D%257CPC%257C3colm1c%2Fp3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0&tiba=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54544a57dc63ce72cf56a42b10d09a10a4350da08675ddf343f4a9ac2f365ef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 20:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1411
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/996215059/ 3 KB
2 KB 47ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/996215059/?random=1613506909138&cv=9&fst=1613506909138&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&ref=https%3A%2F%2Fcirculationimpartial.com%2F1764065842ff79c1800%2FCOVDDD_qc602bdaaee10a4%2Fydqc%257CM21unJj%3D%257Cgd38v%257C2bqvo3%257C38obnrc%257C0%257C0000rfurnn%257CU%257CM21unJj%3D%257CPC%257C3colm1c%2Fp3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0&tiba=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2c2b9e8410312875dba5cf3c3d5a2878552a2e02d1c4615420e556fa0707931

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 20:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?tna=v2.0.1&aid=a-04g1&wpn=lc-bundle&pu=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%...
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-04g1&wpn=lc-bundle&pu=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141...

13 B
569 B

316ms
110ms

XHR
application/json

34.199.213.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?tna=v2.0.1&aid=a-04g1&wpn=lc-bundle&pu=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&refr=https%3A%2F%2Fcirculationimpartial.com%2F1764065842ff79c1800%2FCOVDDD_qc602bdaaee10a4%2Fydqc%257CM21unJj%3D%257Cgd38v%257C2bqvo3%257C38obnrc%257C0%257C0000rfurnn%257CU%257CM21unJj%3D%257CPC%257C3colm1c%2Fp3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0&duid=b915b628ebc1--01eyp834v0e0mtymn7bem7v2ab&se=e30&dtstmp=1613506909219&i6=MmEwMTo0Zjg6MTIxOjEzMWE6OjI%3D&n3pc=true

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.199.213.67 Maple Heights, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secured.kraftgun.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:49 GMT
x-pixel-event-id: 31994e87-f70c-4b50-ad3a-4f7e10da1c40
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
request-time: 7
vary: Origin
content-length: 13
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.16.1
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 4d535fe8e3f72bee

Redirect headers

date: Tue, 16 Feb 2021 20:21:49 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.16.1
vary: Origin
location: https://rp4.liadm.com/j?tna=v2.0.1&aid=a-04g1&wpn=lc-bundle&pu=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&refr=https%3A%2F%2Fcirculationimpartial.com%2F1764065842ff79c1800%2FCOVDDD_qc602bdaaee10a4%2Fydqc%257CM21unJj%3D%257Cgd38v%257C2bqvo3%257C38obnrc%257C0%257C0000rfurnn%257CU%257CM21unJj%3D%257CPC%257C3colm1c%2Fp3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0&duid=b915b628ebc1--01eyp834v0e0mtymn7bem7v2ab&se=e30&dtstmp=1613506909219&i6=MmEwMTo0Zjg6MTIxOjEzMWE6OjI%3D&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://secured.kraftgun.com
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 8e4a0c7316f200d4
request-time: 0
content-length: 0
x-content-type-options: nosniff

GET
H2 200 provider.hlsjs.js Show response
ssl.p.jwpcdn.com/player/v/8.18.4/ 283 KB
86 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.18.4/provider.hlsjs.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/PSSJZVRO-vG2mJbcu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dfa05a5964f7993f83a296584170a7e49ace63db0891f1e53add0635e022bf6b

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:49 GMT
content-encoding: gzip
age: 2733601
x-cache: HIT
content-length: 87594
via: 1.1 varnish
x-served-by: cache-hhn4072-HHN
last-modified: Fri, 15 Jan 2021 21:39:09 GMT
server: AmazonS3
x-timer: S1613506909.226530,VS0,VE0
etag: "7ad588058a2b5fbdc9f3b1642b7383fa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 977599

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=444674280268662&ev=PageView&dl=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&rl=https%3A%2F%2Fcirculationimpartial.com%2F1764065842ff79c1800%2FCOVDDD_qc602bdaaee10a4%2Fydqc%257CM21unJj%3D%257Cgd38v%257C2bqvo3%257C38obnrc%257C0%257C0000rfurnn%257CU%257CM21unJj%3D%257CPC%257C3colm1c%2Fp3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0&if=false&ts=1613506909266&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1613506909265.157144895&it=1613506908922&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 16 Feb 2021 20:21:49 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
213 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=444674280268662&ev=AddToCart&dl=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&rl=https%3A%2F%2Fcirculationimpartial.com%2F1764065842ff79c1800%2FCOVDDD_qc602bdaaee10a4%2Fydqc%257CM21unJj%3D%257Cgd38v%257C2bqvo3%257C38obnrc%257C0%257C0000rfurnn%257CU%257CM21unJj%3D%257CPC%257C3colm1c%2Fp3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0&if=false&ts=1613506909268&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1613506909265.157144895&it=1613506908922&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 16 Feb 2021 20:21:49 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/996215059/ 42 B
135 B 58ms
58ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/996215059/?random=1613506909138&cv=9&fst=1613505600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&ref=https%3A%2F%2Fcirculationimpartial.com%2F1764065842ff79c1800%2FCOVDDD_qc602bdaaee10a4%2Fydqc%257CM21unJj%3D%257Cgd38v%257C2bqvo3%257C38obnrc%257C0%257C0000rfurnn%257CU%257CM21unJj%3D%257CPC%257C3colm1c%2Fp3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0&tiba=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&async=1&fmt=3&is_vtc=1&random=2261441167&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 20:21:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/996215059/ 42 B
154 B 22ms
21ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/996215059/?random=1613506909138&cv=9&fst=1613505600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&ref=https%3A%2F%2Fcirculationimpartial.com%2F1764065842ff79c1800%2FCOVDDD_qc602bdaaee10a4%2Fydqc%257CM21unJj%3D%257Cgd38v%257C2bqvo3%257C38obnrc%257C0%257C0000rfurnn%257CU%257CM21unJj%3D%257CPC%257C3colm1c%2Fp3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0&tiba=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&async=1&fmt=3&is_vtc=1&random=2261441167&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 20:21:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/580489503/ 42 B
66 B 60ms
59ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/580489503/?random=1613506909133&cv=9&fst=1613505600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&ref=https%3A%2F%2Fcirculationimpartial.com%2F1764065842ff79c1800%2FCOVDDD_qc602bdaaee10a4%2Fydqc%257CM21unJj%3D%257Cgd38v%257C2bqvo3%257C38obnrc%257C0%257C0000rfurnn%257CU%257CM21unJj%3D%257CPC%257C3colm1c%2Fp3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0&tiba=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&async=1&fmt=3&is_vtc=1&random=841560541&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 20:21:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/580489503/ 42 B
108 B 29ms
28ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/580489503/?random=1613506909133&cv=9&fst=1613505600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&ref=https%3A%2F%2Fcirculationimpartial.com%2F1764065842ff79c1800%2FCOVDDD_qc602bdaaee10a4%2Fydqc%257CM21unJj%3D%257Cgd38v%257C2bqvo3%257C38obnrc%257C0%257C0000rfurnn%257CU%257CM21unJj%3D%257CPC%257C3colm1c%2Fp3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0&tiba=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&async=1&fmt=3&is_vtc=1&random=841560541&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 20:21:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 facebook-reviews.js Show response
static.elfsight.com/apps/facebook-reviews/release/5b03c028-86aa-4646-a270-9919d2da8c48/app/ 413 KB
105 KB 54ms
54ms Script
application/javascript 2606:4700:20::ac43:486a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/apps/facebook-reviews/release/5b03c028-86aa-4646-a270-9919d2da8c48/app/facebook-reviews.js

Requested by

Host: apps.elfsight.com
URL: https://apps.elfsight.com/p/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:486a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

109fad99353bbe333d48b73f4596496db0f58587547646eee5efeef9fc559d07

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:49 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 731642
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: tx0000000000000092ffa41-006020ff62-5ed4160-sfo2a
cf-request-id: 084e1aad0200004be23488e000000001
last-modified: Wed, 20 Jan 2021 07:59:50 GMT
server: cloudflare
cache-control: max-age=31536000
etag: W/"18c7ce1811563c845a2114f190516b1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q0z9CdYbts7SaKmYG46gvIqb7nVHq4T5EAEUPW1laFQxzcglI8bcGa%2Bxdo1h4eovbIlD7hKY%2F8Wysk4w7egIq7z%2BJTxR4Pb0seUxDNIZRGyrk%2FoJo1Z8AAjNHzExSvfM"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
x-rgw-object-type: Normal
cf-ray: 6229fa280c104be2-AMS

GET
H3-Q050

200

/
www.google.de/pagead/1p-conversion/580489503/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580489503/?random=1782212358&cv=9&fst=1613506909135&num=1&label=PxaBCNvg5N8BEJ-i5pQC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
https://www.google.com/pagead/1p-conversion/580489503/?random=1782212358&cv=9&fst=1613506909135&num=1&label=PxaBCNvg5N8BEJ-i5pQC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...
https://www.google.de/pagead/1p-conversion/580489503/?random=1782212358&cv=9&fst=1613506909135&num=1&label=PxaBCNvg5N8BEJ-i5pQC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...

42 B
135 B

22ms
22ms

Image
image/gif

2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/580489503/?random=1782212358&cv=9&fst=1613506909135&num=1&label=PxaBCNvg5N8BEJ-i5pQC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&ref=https%3A%2F%2Fcirculationimpartial.com%2F1764065842ff79c1800%2FCOVDDD_qc602bdaaee10a4%2Fydqc%257CM21unJj%3D%257Cgd38v%257C2bqvo3%257C38obnrc%257C0%257C0000rfurnn%257CU%257CM21unJj%3D%257CPC%257C3colm1c%2Fp3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0&tiba=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=XSksYJ_7CoLwtgeG3YmIAg&cid=CAQSKQCNIrLMD4_UIRT2h62OnCeKwKjCm_tGa1Hi_grbM2UckyeORexwVN1m&random=2232315357&resp=GooglemKTybQhCsO&ipr=y&ezwbk=AZuM4hDIRaqqFKhGDp5iW7cKvEb2bhn85qwnQgI6bVvGXh6TmLJHNgxPPXI4zvRR759slI5Aw8FFKEH9Jxl13utVc-Dp

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 20:21:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Feb 2021 20:21:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/580489503/?random=1782212358&cv=9&fst=1613506909135&num=1&label=PxaBCNvg5N8BEJ-i5pQC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&ref=https%3A%2F%2Fcirculationimpartial.com%2F1764065842ff79c1800%2FCOVDDD_qc602bdaaee10a4%2Fydqc%257CM21unJj%3D%257Cgd38v%257C2bqvo3%257C38obnrc%257C0%257C0000rfurnn%257CU%257CM21unJj%3D%257CPC%257C3colm1c%2Fp3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0&tiba=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=XSksYJ_7CoLwtgeG3YmIAg&cid=CAQSKQCNIrLMD4_UIRT2h62OnCeKwKjCm_tGa1Hi_grbM2UckyeORexwVN1m&random=2232315357&resp=GooglemKTybQhCsO&ipr=y&ezwbk=AZuM4hDIRaqqFKhGDp5iW7cKvEb2bhn85qwnQgI6bVvGXh6TmLJHNgxPPXI4zvRR759slI5Aw8FFKEH9Jxl13utVc-Dp
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

PSSJZVRO-120.vtt Show response
assets-jpcust.jwpsrv.com/strips/
Redirect Chain

https://cdn.jwplayer.com/strips/PSSJZVRO-120.vtt
https://assets-jpcust.jwpsrv.com/strips/PSSJZVRO-120.vtt

5 KB
1 KB

111ms
95ms

XHR
text/vtt

2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-jpcust.jwpsrv.com/strips/PSSJZVRO-120.vtt
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 57bfe1e2f003fe73760150f93bcabc700a196342d84a6fa4008f1b6b8e3d1911

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:49 GMT
content-encoding: gzip
age: 421
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
access-control-max-age: 180
content-length: 826
x-served-by: cache-bwi5137-BWI, cache-hhn4030-HHN
access-control-allow-origin: *
last-modified: Tue, 15 Dec 2020 13:41:21 GMT
server: nginx
x-timer: S1613506910.612079,VS0,VE85
etag: "1cfe677908afed0917df077908debd79"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/vtt
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 1, 0

Redirect headers

date: Tue, 16 Feb 2021 20:21:49 GMT
via: 1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: PRG50-C1
location: https://assets-jpcust.jwpsrv.com/strips/PSSJZVRO-120.vtt
x-cache: Miss from cloudfront
content-type: text/html
access-control-allow-origin: *
content-length: 178
x-amz-cf-id: JJuKAty6qKg2s-k3DmfMBi4flN2w8h1k6Cnu8Q8PYD9vf7f0EUsRAA==

GET
H2 200 related.js Show response
ssl.p.jwpcdn.com/player/v/8.18.4/ 106 KB
24 KB 7ms
6ms Script
application/javascript 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.18.4/related.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/PSSJZVRO-vG2mJbcu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e09b68632588396c28cfadd6fda5f86b0bd0e0119c955ea0ba8121c34c0fa37

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:49 GMT
content-encoding: gzip
age: 1593252
x-cache: HIT
content-length: 24438
via: 1.1 varnish
x-served-by: cache-hhn4072-HHN
last-modified: Fri, 15 Jan 2021 21:39:11 GMT
server: AmazonS3
x-timer: S1613506909.478615,VS0,VE0
etag: "3444ba72502987ef98fe56e85bec1ecd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 820175

GET
H2

200

DQ2Yjd5J-120.vtt Show response
assets-jpcust.jwpsrv.com/strips/
Redirect Chain

https://cdn.jwplayer.com/strips/DQ2Yjd5J-120.vtt
https://assets-jpcust.jwpsrv.com/strips/DQ2Yjd5J-120.vtt

5 KB
1 KB

100ms
96ms

XHR
text/vtt

2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-jpcust.jwpsrv.com/strips/DQ2Yjd5J-120.vtt
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5025336d1edb4c33d186ff577eb89d33cc8138dca56f3f3273657e941075a2c4

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:49 GMT
content-encoding: gzip
age: 421
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
access-control-max-age: 180
content-length: 938
x-served-by: cache-bwi5126-BWI, cache-hhn4030-HHN
access-control-allow-origin: *
last-modified: Mon, 18 Jan 2021 11:18:01 GMT
server: nginx
x-timer: S1613506910.612059,VS0,VE86
etag: "d445ac645fb4017d9cefa87ff44776f9"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/vtt
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 1, 0

Redirect headers

date: Tue, 16 Feb 2021 20:21:49 GMT
via: 1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: PRG50-C1
location: https://assets-jpcust.jwpsrv.com/strips/DQ2Yjd5J-120.vtt
x-cache: Miss from cloudfront
content-type: text/html
access-control-allow-origin: *
content-length: 178
x-amz-cf-id: FeUKONEQM7usi0PzLTsPe6tzTTNV5YKnQV_9Lfroe2-Abpr_CPZFeQ==

GET
H2

200

nx7qe81p-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain

https://cdn.jwplayer.com/v2/media/PSSJZVRO/poster.jpg?width=720
https://assets-jpcust.jwpsrv.com/thumbnails/nx7qe81p-720.jpg

56 KB
56 KB

97ms
97ms

Image
image/jpeg

2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/thumbnails/nx7qe81p-720.jpg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dd815ec21b627973b71f25caab033018fd26649b46a4402fb3ebf36e07e0179f

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:49 GMT
content-encoding: gzip
age: 200
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 57182
x-served-by: cache-bwi5125-BWI, cache-hhn4072-HHN
access-control-allow-origin: *
last-modified: Tue, 15 Dec 2020 13:40:54 GMT
server: nginx
x-timer: S1613506910.653038,VS0,VE91
etag: "662f9cc9ab7e7736bcddc39f472a8f67"
vary: Accept-Encoding
content-type: image/jpeg
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 1, 1

Redirect headers

date: Tue, 16 Feb 2021 20:21:49 GMT
via: 1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: PRG50-C1
location: https://assets-jpcust.jwpsrv.com/thumbnails/nx7qe81p-720.jpg
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
x-cache: Miss from cloudfront
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
content-length: 0
x-amz-cf-id: pNHoVEfYEOUU9siL5vn07muvsBj0PLGVttK-GOQC65whrlmYqGGojQ==

GET
H2

200

rfaumry6-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain

https://cdn.jwplayer.com/v2/media/DQ2Yjd5J/poster.jpg?width=720
https://assets-jpcust.jwpsrv.com/thumbnails/rfaumry6-720.jpg

49 KB
49 KB

101ms
100ms

Image
image/jpeg

2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/thumbnails/rfaumry6-720.jpg
Requested by: Host: secured.kraftgun.com
URL: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: edb636567453187de643d9ea326d6ed5489b91dab0e6f489fc2d73082483cabc

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:49 GMT
content-encoding: gzip
age: 200
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 49899
x-served-by: cache-bwi5150-BWI, cache-hhn4072-HHN
access-control-allow-origin: *
last-modified: Mon, 18 Jan 2021 11:17:29 GMT
server: nginx
x-timer: S1613506910.619943,VS0,VE91
etag: "2c79d8cb1524fad7b13dc279597fc175"
vary: Accept-Encoding
content-type: image/jpeg
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 1, 1

Redirect headers

date: Tue, 16 Feb 2021 20:21:49 GMT
via: 1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: PRG50-C1
location: https://assets-jpcust.jwpsrv.com/thumbnails/rfaumry6-720.jpg
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
x-cache: Miss from cloudfront
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
content-length: 0
x-amz-cf-id: 1hYcv_fLLRvdhsWfGogp-1Cymy16LqhOTL51oN6NrDAPneMIuPJwBw==

GET
H2 200 click Show response
www.ghj65trk.com/sdk/ 85 B
435 B 139ms
139ms Fetch
application/json 34.107.168.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ghj65trk.com/sdk/click?effp=c6dcea405b0f72f26b8bb37b674db62a&_ef_transaction_id=&oid=1&affid=6&__cc=&async=json&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659
Requested by: Host: www.ghj65trk.com
URL: https://www.ghj65trk.com/scripts/sdk/everflow.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.168.177 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 177.168.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 729e2e219a5bc0a427923d35110d2bb689d2fde40c68ae01213b22dd71b48379

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:49 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secured.kraftgun.com
access-control-allow-credentials: true
x-eflow-request-id: c08b0a5d-3093-482a-890b-359c82ffc2df
alt-svc: clear
content-length: 85

OPTIONS
H2 204 views
__events.elfsight.com/events/ Frame 0
0 265ms
221ms Other 2606:4700:20::ac43:486a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://__events.elfsight.com/events/views

Protocol

Server

2606:4700:20::ac43:486a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://secured.kraftgun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 16 Feb 2021 20:21:49 GMT
x-powered-by: Express
access-control-allow-origin: https://secured.kraftgun.com
vary: Origin, Access-Control-Request-Headers
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: content-type
cf-cache-status: DYNAMIC
cf-request-id: 084e1aadcd0000c77948063000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2GYDKrjriiav79Jk3CFgqXun7oog0UmcZ0g%2BCwnj6gUDRrXUYraRnxv%2Bb6BsQg1FHyssxdjVIozes87Ppg%2BNpo0AdjhQogYLFXuE8E1NXX3fe7Mog1O60EdlWe%2BwJx0CUAw%3D"}],"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 6229fa294e88c779-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 views
__events.elfsight.com/events/ 0
0 180ms
180ms Fetch 2606:4700:20::ac43:486a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://__events.elfsight.com/events/views

Requested by

Host: apps.elfsight.com
URL: https://apps.elfsight.com/p/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:486a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 16 Feb 2021 20:21:50 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H43t4MMRtEgmbafQh%2F2tS28Vbj0KEk91BJeyHDvIAyDuUBZjf8qz7ofTDPWbnyx7pTnujgiUHdy60WhAUy%2FXcb3ck84xofCANp7IMOCRbk5s4SZeKp5oV8K8j9UW6FqYc14%3D"}],"group":"cf-nel"}
access-control-allow-origin: https://secured.kraftgun.com
strict-transport-security: max-age=0
cf-ray: 6229fa2a89afc779-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084e1aae9b0000c779181ed000000001

GET
H2 200 facebook Show response
storage.elfsight.com/api/ 196 B
1 KB 507ms
476ms Fetch
application/json 2606:4700:20::681a:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://storage.elfsight.com/api/facebook?q=v8.0%2Fme%3Ffields%3Dname%252Clink%252Coverall_star_rating%252Crating_count&page_token=eyJpdiI6InNiNklVdkJoUURGOUNoMlJseFptNlE9PSIsInZhbHVlIjoiSFQ5aUhmalVhQVRjZWFEZHRhVmROSitXdW9uWlwvdHhpS1lZXC93RGtRNzBDd1RHdURpdW5FVk1vOTZBR05oNnlqWTRsWXpRWEMxRnh0aHNzUHhHSmR2VFlJYmJ2VHVkWjNnYTloRjZlcllPaTlyM2E1UEVJVThTaUljWXpMSkRxc2FyZW9HNlhHb2xIQ3VURENpS1VrVHJSNnFaMjhrMFROaGZhR2hxV1JxeHJJKzk1cVc4U2lMRlRtWlZjdk9OQlpSNFE3aXNYMVJUSTIrWEM5a1BCOGVPRXZyaE43TmllYkVwd25Yd2JxZmJyMFlZNUtUSnRZdENJTis2OTE0WGd3KzRPK09XZEI4a0p1ZndsNnd1c1ZuQT09IiwibWFjIjoiYWI0NTkwMjg0ZWIzMTdiY2RmNjEwNjFjYTRhOTUxMGU4YWNhYjZmMDc1NzY5N2MxNDUyNjYxNjQ3ZjAzZjA4NCJ9

Requested by

Host: static.elfsight.com
URL: https://static.elfsight.com/apps/facebook-reviews/release/5b03c028-86aa-4646-a270-9919d2da8c48/app/facebook-reviews.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fa5e8ab420b5f265723ffdc53976e8c9914b25a32dd2b1f01d1cc1fc8964937

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-xss-protection: 1; mode=block
access-control-allow-methods: GET
strict-transport-security: max-age=0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084e1aadb200000bf14ea57000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rIVfnu7hoaP49kDdfkngr%2BVR813U8Yb5Rw6cf3PfnUqkaYNkPaNTz2%2FBsMZ5w32xPzteXWX%2BTnHeiEnkcVujFeLFEFOiU8KnT%2Bcl5PNPHSXi8e%2Fd5RgCmnWPRQPiIlOd4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://secured.kraftgun.com
vary: Accept-Encoding
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6229fa291c060bf1-AMS
access-control-allow-headers: DNT, Referer, Content-Type, Set-Cookie, x-csrf-token, x-socket-id

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=444674280268662&ev=Microdata&dl=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&rl=https%3A%2F%2Fcirculationimpartial.com%2F1764065842ff79c1800%2FCOVDDD_qc602bdaaee10a4%2Fydqc%257CM21unJj%3D%257Cgd38v%257C2bqvo3%257C38obnrc%257C0%257C0000rfurnn%257CU%257CM21unJj%3D%257CPC%257C3colm1c%2Fp3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0&if=false&ts=1613506909769&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN%22%2C%22meta%3Akeywords%22%3A%22%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN%22%2C%22meta%3Adescription%22%3A%22%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=2&o=30&fbp=fb.1.1613506909265.157144895&it=1613506908922&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 16 Feb 2021 20:21:49 GMT

GET
H2 204 ping.gif
prd.jwpltx.com/v1/jwplayer6/ 0
26 B 104ms
100ms Image
text/plain 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-1347806861&e=e&n=1468203374455275&aid=Lhmy0L8rEem7A7ISMW1pEA&amp=0&at=1&c=-1&ccp=0&cp=0&d=2&eb=0&ed=10&emi=vtgp9e124dwj&i=0&id=PSSJZVRO&lsa=fail&mt=1&pbd=1&pbr=1&pgi=i05hw51478g7&ph=3&pid=vG2mJbcu&pii=0&pl=429&plc=1&pli=18a53bg1ypib&pp=hlsjs&ppm=VOD&prc=2&ps=4&pss=1&pt=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&pu=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&pv=8.18.4&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=Meet%20The%20Strongest%20Massage%20Gun%20Ever%20-%20The%20Kraftgun%20Force!&tv=3.35.0&vb=0&vi=0&vl=90&wd=762&ab=0&cae=0&cb=1&cdid=botr_PSSJZVRO_vG2mJbcu_div&cme=0&dd=1&flc=0&fv=&ga=0&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FPSSJZVRO.m3u8&pbc=0&pd=2&pdr=https%3A%2F%2Fcirculationimpartial.com%2F1764065842ff79c1800%2FCOVDDD_qc602bdaaee10a4%2Fydqc%257CM21unJj%3D%257Cgd38v%257C2bqvo3%257C38obnrc%257C0%257C0000rfurnn%257CU%257CM21unJj%3D%257CPC%257C3colm1c%2Fp3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0&plng=en-US&plt=1100&pni=0&po=0&pogt=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&sp=0&st=510&sa=1613506910862
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:50 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-hhn4072-HHN
x-cache: MISS
x-cache-hits: 0

GET
H2 204 ping.gif
ping-meta-prd.jwpltx.com/v1/jwplayer6/ 0
26 B 130ms
99ms Image
text/plain 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping-meta-prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-1246529579&e=xapi&n=9725472766438399&aid=Lhmy0L8rEem7A7ISMW1pEA&emi=repgn319lzef&id=DQ2Yjd5J&pli=19d95pbrenqp&pv=8.18.4&tv=3.35.0&ed=10&prs=idle&pid=NZo33V7a&ph=3&sdk=0&xam=setup&xfmp=1&sa=1613506910862
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:50 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-hhn4072-HHN
x-cache: MISS
x-cache-hits: 0

GET
H2 204 ping.gif
prd.jwpltx.com/v1/jwplayer6/ 0
82 B 103ms
100ms Image
text/plain 2a04:4e42:1b::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-879945509&e=e&n=2816458572351552&aid=Lhmy0L8rEem7A7ISMW1pEA&amp=0&at=1&c=-1&ccp=0&cp=0&d=2&eb=1&ed=10&emi=repgn319lzef&i=0&id=DQ2Yjd5J&lsa=fail&mt=1&pbd=1&pbr=1&pgi=i05hw51478g7&ph=3&pid=NZo33V7a&pii=0&pl=0&plc=1&pli=19d95pbrenqp&pp=hlsjs&ppm=VOD&prc=2&ps=4&pss=1&pt=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&pu=https%3A%2F%2Fsecured.kraftgun.com%2Fspecial-offer%2F%3Foid%3D1%26affid%3D6%26sub1%3D994%26sub2%3D%26sub3%3D690372%26sub4%3D1122336141%26sub5%3D916d64e0ab504fc99e8dc37757e76659%26oid2%3D6711%26dmn%3Dwww.vdksda.com&pv=8.18.4&pyc=0&s=0&sdk=0&stc=2&stpe=0&t=Final%2060056c4450cee9002ff34ba6%20944444&tv=3.35.0&vb=0&vi=0&vl=90&wd=0&ab=0&cae=0&cb=1&cdid=botr_DQ2Yjd5J_NZo33V7a_div&cme=0&dd=1&flc=0&fv=&ga=0&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FDQ2Yjd5J.m3u8&pbc=0&pd=2&pdr=https%3A%2F%2Fcirculationimpartial.com%2F1764065842ff79c1800%2FCOVDDD_qc602bdaaee10a4%2Fydqc%257CM21unJj%3D%257Cgd38v%257C2bqvo3%257C38obnrc%257C0%257C0000rfurnn%257CU%257CM21unJj%3D%257CPC%257C3colm1c%2Fp3yxAwNlLzEuLJIxAQR3L192oS9OL3EcqzHkqzkspJZ0&plng=en-US&plt=1100&pni=0&po=0&pogt=%24120%20Off%20-%20Limited%20Time%20Offer%20-%20KRAFTGUN&sp=0&st=510&sa=1613506910862
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:50 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-hhn4072-HHN
x-cache: MISS
x-cache-hits: 0

GET
H2 200 app.js Show response
static-v.tawk.to/709/ 503 KB
111 KB 49ms
46ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-v.tawk.to/709/app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5cd1205ed07d7e0c63924148/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a64587179f88ce099e304e1aba99e844db374d0b49c6db9fcdb79f18fa72c889

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://secured.kraftgun.com
Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 99627
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084e1ab293000017623e196000000001
last-modified: Fri, 15 Jan 2021 22:41:20 GMT
server: cloudflare
etag: W/"d4160b3dd3f8809cdee87d79588bd521"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6229fa30e8351762-FRA

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 2 KB
1011 B 460ms
458ms XHR
application/json 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=5cd1205ed07d7e0c63924148&widgetId=default

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81baf169ef807d1f5c1f840a16d469f1b2d0576dc832e2f2deeb174e6f72cf6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
strict-transport-security: max-age=0; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084e1ab2e4000017627eb18000000001
x-served-by: visitor-application-preemptive-hdrh
server: cloudflare
etag: W/"1-7-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400, s-maxage=14400
cf-ray: 6229fa31695a1762-FRA

POST
H2 200 1613506910950 Show response
va.tawk.to/register/ 1 KB
2 KB 190ms
173ms XHR
application/json 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/register/1613506910950

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff45caf2a5a12a54464de55cf4ae3529e25e23fdd271d5a64d6120a1b3808aa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Feb 2021 20:21:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084e1ab2fa00004e5be0b2c000000001
x-served-by: visitor-application-preemptive-5v6w
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://secured.kraftgun.com
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 6229fa3189c44e5b-FRA
access-control-allow-headers: content-type,x-tawk-token

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
44 B 28ms
27ms Image
image/gif 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-996215059&cv=1&v=3&t=t&pid=359530654&rv=230&es=1&e=gtm.load&eid=20&u=C&tc=1&z=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 20:21:51 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 580F 7 KB
666 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 19:03:10 GMT
server: ESF
date: Tue, 16 Feb 2021 20:21:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Feb 2021 20:21:51 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 7A16 7 KB
620 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 19:10:11 GMT
server: ESF
date: Tue, 16 Feb 2021 20:21:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Feb 2021 20:21:51 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 7C22 7 KB
620 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 18:57:45 GMT
server: ESF
date: Tue, 16 Feb 2021 20:21:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Feb 2021 20:21:51 GMT

GET
H2 200 emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame 7C22 192 B
222 B 10ms
9ms Stylesheet
text/css 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 595362
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 152
etag: W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
x-served-by: cache-fra19125-FRA
date: Tue, 16 Feb 2021 20:21:51 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame 7C22 295 KB
53 KB 8ms
7ms Script
application/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 595362
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 53889
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
x-served-by: cache-fra19125-FRA
date: Tue, 16 Feb 2021 20:21:51 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 / Show response
vsa72.tawk.to/s/ 101 B
306 B 454ms
452ms XHR
application/octet-stream 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vsa72.tawk.to/s/?k=602c295feb6b714e1be4f761&u=c3hkAe%2F7kK0CdHDBeHwq9GZEpWaw%2BWelkpU9Y2MA12TNfgmfGFP8ZAnk17%2FyDuyX&uv=2&a=5cd1205ed07d7e0c63924148&cver=0&pop=false&jv=709&asver=440440&ust=false&EIO=3&transport=polling&__t=NUiWPpJ

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de2c1447721143d4a022c18759ae0d4f28655a17de22bff8155f3b7de50bdef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:51 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://secured.kraftgun.com
access-control-allow-credentials: true
cf-ray: 6229fa348a244e5b-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 101
cf-request-id: 084e1ab4da00004e5baf366000000001

GET
H2 200 26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame 7C22 413 B
516 B 6ms
6ms Image
image/png 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 595361
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 413
etag: W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
x-served-by: cache-fra19125-FRA
date: Tue, 16 Feb 2021 20:21:51 GMT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 / Show response
vsa72.tawk.to/s/ 77 B
186 B 126ms
125ms XHR
application/octet-stream 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92cefaef538203b3ad443b8779656f856aecd4ab06aa8c0fb3dc4cb871d5bdb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:52 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://secured.kraftgun.com
access-control-allow-credentials: true
cf-ray: 6229fa3769754e5b-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77
cf-request-id: 084e1ab6a200004e5be3ad8000000001

POST
H2 200 v3 Show response
va.tawk.to/log-performance/ 5 B
244 B 143ms
143ms XHR
text/html 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Feb 2021 20:21:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 084e1ab72100004e5b85324000000001
x-served-by: visitor-application-preemptive-z2rv
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://secured.kraftgun.com
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 6229fa383bb64e5b-FRA
access-control-allow-headers: content-type,x-tawk-token

GET
H2 200 / Show response
vsa72.tawk.to/s/ 4 B
89 B 565ms
565ms XHR
application/octet-stream 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secured.kraftgun.com/special-offer/?oid=1&affid=6&sub1=994&sub2=&sub3=690372&sub4=1122336141&sub5=916d64e0ab504fc99e8dc37757e76659&oid2=6711&dmn=www.vdksda.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 20:21:52 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://secured.kraftgun.com
access-control-allow-credentials: true
cf-ray: 6229fa383bbb4e5b-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4
cf-request-id: 084e1ab72100004e5b93312000000001

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
secured.kraftgun.com/	1970-01-19 16:11:47	Name: outbrain_cid_fetch Value: true
secured.kraftgun.com/	1970-01-19 20:30:58	Name: ubvs Value: 217.138.216.441614191670163470
.kraftgun.com/	1970-01-19 18:21:22	Name: _fbp Value: fb.1.1613506909265.157144895
secured.kraftgun.com/special-offer/	1969-12-31 23:59:59	Name: ubrs Value: weighted
.kraftgun.com/	1970-01-20 09:42:58	Name: _lc2_fpi Value: b915b628ebc1--01eyp834v0e0mtymn7bem7v2ab
.kraftgun.com/	1970-01-19 16:13:13	Name: _uetsid Value: 990ab820709411ebbf6e35ea2d061f70
secured.kraftgun.com/	1970-01-20 09:42:58	Name: _sp_id.a783 Value: 94037606-3524-4c77-a3b8-1311a002ef1e.1613506909.1.1613506909.1613506909.b7a3423b-684a-4f51-95fe-9a15dd791136
.kraftgun.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .kraftgun.com
.kraftgun.com/	1970-01-19 16:16:06	Name: ubvt Value: 217.138.216.441614191670163470
.kraftgun.com/	1970-01-19 16:35:10	Name: _uetvid Value: 990ae0b0709411ebbe8795e6422c1b72
secured.kraftgun.com/	1970-01-19 16:11:48	Name: _sp_ses.a783 Value: *
secured.kraftgun.com/special-offer/	1970-01-19 20:36:44	Name: ubpv Value: dp%2C9177cfcd-7d13-4f97-ad68-ae2e0b0577a9

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.taboola.com/libtrc/unip/1218832/tfa.js(Line 3) Message: Taboola Pixel: An error occurred while handling command '{"notify":"event","name":"add_to_cart","id":1218832,"tim":1613506908986}'. TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

92ab5d6997844ed5b484a962b8c15274.js.ubembed.com
__events.elfsight.com
a.quora.com
ajax.googleapis.com
amplify.outbrain.com
apps.elfsight.com
assets-jpcust.jwpsrv.com
assets.ubembed.com
b-code.liadm.com
bat.bing.com
bit.ly
builder-assets.unbounce.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.powerinboxedge.com
cdn.taboola.com
circulationimpartial.com
connect.facebook.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
embed.tawk.to
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
goduare.com
googleads.g.doubleclick.net
ping-meta-prd.jwpltx.com
prd.jwpltx.com
q.quora.com
rp.liadm.com
rp4.liadm.com
s.yimg.com
secured.kraftgun.com
ssl.p.jwpcdn.com
static-v.tawk.to
static.elfsight.com
storage.elfsight.com
tr.outbrain.com
track.rev-stripe.com
va.tawk.to
vsa72.tawk.to
www.facebook.com
www.ghj65trk.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.vdksda.com
104.108.145.107
109.232.225.44
13.84.54.237
142.250.185.66
151.101.113.131
151.101.113.2
163.172.70.120
18.196.95.178
199.232.137.44
2600:1f18:730:b140:28d8:9783:2a08:4b54
2600:9000:2127:4600:1d:11cf:5800:93a1
2600:9000:2127:5c00:1:a3fa:7cc0:93a1
2606:4700:10::6816:1983
2606:4700:20::681a:76b
2606:4700:20::ac43:486a
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:801::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::2004
2a00:1450:4001:812::200a
2a00:1450:4001:827::2008
2a00:1450:4001:82b::2003
2a02:26f0:12d::b819:ef73
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::626
2a04:4e42:3::621
3.230.50.184
34.102.170.20
34.107.168.177
34.199.213.67
35.173.63.32
65.9.20.23
65.9.20.72
65.9.91.213
65.9.94.126
67.199.248.10
70.42.32.95
02b3bb1f88fed173c3534d0da79d5059ca521dc7dd198966c93ecb0d05899d9d
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
109fad99353bbe333d48b73f4596496db0f58587547646eee5efeef9fc559d07
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
114c86edc7d1cb27c3ffbe36a75538940cec1945a0dcd18886e46ff403ad25b9
11e4390972243444bef13a861d73eed252a6d4c9cc43e98a7e4e19bceb46bee8
146713f310842933dc62d2bed7f0eaaf8a9cf3cdf72fd37610ef51e58378c8dc
15d50926a491534630fd3014a812310fa2a9ee5f8c60236cdcfc366588f87ce3
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1da9819bcabac9e138d1f10c7d1c76f3da09e894f7a140ffb82e15710d877199
1dd065c2a10c5c9ab803c37299252f97e4fe7daa78734ad70600ab39e1de3da2
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
37db44090775a0db612e85eb879059ea05283db5af38eb665434b55399df8e1b
3a35b42068a61c55a20f5c9b684d040105ccfbac546a5459d47852159e00f0ab
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4521d2b355bcaaa69d8eb93b30eac99fb003bf5be52b2e89a21d9b7e4589a1e5
485684debae59368f4869b98b228c36719ba92fe983e42c66aea2a729c1b6f8e
4c616b0445de7236c857bbcff63e3236985202ead1d6676dd74b6151a5d88800
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
4e09b68632588396c28cfadd6fda5f86b0bd0e0119c955ea0ba8121c34c0fa37
4fa5e8ab420b5f265723ffdc53976e8c9914b25a32dd2b1f01d1cc1fc8964937
5025336d1edb4c33d186ff577eb89d33cc8138dca56f3f3273657e941075a2c4
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
51a5c52f86e1f5c17f703d83aea85809292aed00d81029344a6dc631c1bb2a26
54544a57dc63ce72cf56a42b10d09a10a4350da08675ddf343f4a9ac2f365ef3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55e05ce33fadaa42b4fea7b79cb849c3bc84329390cfd18fe373a8d2c799143c
562c176f75228c71c53f4634f48c5b1a486710c1fd527d87346032b7b0b31ec0
5649d503e735e57589c5024915adf84be454b0ba65b8486ebaa35ba7245efc88
57bfe1e2f003fe73760150f93bcabc700a196342d84a6fa4008f1b6b8e3d1911
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6447d29d06c0a6d7832a74892f0d2802a5b87cd3ffbb65b73bc280828790cfc9
64f7626a65bb8304d55454d4b8049040d0875269980147a3d6f2d5b2f14580fb
6654e48770de22777ac01873bbf8164bc4650880375aca22245f43d6cabae6ef
671d10f7c57123625a336067f3b4de6933b918cb54bc53b8f19c07c4d3fec119
676139110081858300e270e344848783134bb86a4957d009dbb35728076ca51e
6c57e3e2b22c5bf3cd60a9a7bb27fb9447b5dc632b7f2ae2401e611ba6a635c6
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
729e2e219a5bc0a427923d35110d2bb689d2fde40c68ae01213b22dd71b48379
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
805ecfd7d133a29af3e4aa9860423382673a4f7986e8c0ff7574eeeab3976fa9
81baf169ef807d1f5c1f840a16d469f1b2d0576dc832e2f2deeb174e6f72cf6a
83421646893781edf2a0e6138b64d269fca4cfe73201d2ba92252e2971d255f8
89ffbe9e6cde6f9a1887c2132dba300a9f57d3ceb3dcb4042947e0cd8fdf0f9e
8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
92cefaef538203b3ad443b8779656f856aecd4ab06aa8c0fb3dc4cb871d5bdb9
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
95ae25c936e35ab8dfe9eadaeb5854cf241279f4d7f72a954285e12bb5ee0212
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
a28afcf4acdbf76fa66d2e70a5247503b4c4c8513f60fa502c030f188e610401
a5e7b25f9eab6976f2b436f3fd293903a4df424898ab60314c318c07dd51029c
a64587179f88ce099e304e1aba99e844db374d0b49c6db9fcdb79f18fa72c889
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
aef23deda339b41ec1128bd29fb926bd6b5317b06583cfe713da67ae9db605ba
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b21d841d8c418f185506ff91595be0acb8ac14e9ff8c129ba1a0a7138c11184b
bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755
be565e2df3f82b724d6914a93528679b6535ee17c2c47f98855dd7abbbbb86c6
c64b3c13cbec214d71d5bb65728b45743ff4defc44da055c2d0ce8b3d0aa7e72
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbb6455cb0bee893bfdad8ce1adb134523cfa2a371430626fd1f5a574db6f5a2
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d576307215d8210dc87ef40f71a4c2eb4f283d807179544dce9321ecd2117604
d630df8a89d2ec3c590c3b036b610c60fda3df53b3a4c81f3a9e5c94a0de5929
dd815ec21b627973b71f25caab033018fd26649b46a4402fb3ebf36e07e0179f
de2c1447721143d4a022c18759ae0d4f28655a17de22bff8155f3b7de50bdef6
de8c308c919da61b100f09671307cf1aa3914c150367e85228f7a30a8dae61b5
dfa05a5964f7993f83a296584170a7e49ace63db0891f1e53add0635e022bf6b
e15eca5878352d8972f4e93b9aed80e34860514c23bfe9ee0a01767a291cf28a
e1f14612916bca52fcd4e2df47e39fb08b1dab021cf0585f2279e35b2a542ecb
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e2c2b9e8410312875dba5cf3c3d5a2878552a2e02d1c4615420e556fa0707931
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed5969737902a6ab2815c64df0d19336fe38d3ed2e020e481fd3c90bc97dd520
edb636567453187de643d9ea326d6ed5489b91dab0e6f489fc2d73082483cabc
ee4b51d6f0cf0a7ea6cb3127cba01e10cecfcc1659b79925dc349f0d0d1d49bc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f1ebb16c09e1401b3a2488f0648b7081471d7b73353feb53f2528d0bb9281bd4
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f62f08f3ab60810f61bab547392133c2574341dd4cc752e84013aecaa8b13355
f6cb35768200fed66c189f15b5d753304edfc6c815f418b06c975a501c428ec7
f9423e6b6787be5118f00c71c19df2146fa7bc508f34d9e2d40cdff38b016306
fa0334ad54880f1b98c677b318932c51ab193a27291660371e013d49b44f7c67
fbddb5dc71dbc432fe3c0882955fd4942934d931ea1cf8ed3107b6f8e8f6c7c8
fca188bcda4577e136a5d6948b701cde91cb840cdfc751a3fb4504eaea2f0d46
fd45b619e0418c72eea1af4307871571d595d89cf88fb65b597390917c73bd1c
ff45caf2a5a12a54464de55cf4ae3529e25e23fdd271d5a64d6120a1b3808aa6

secured.kraftgun.com Open in urlscan Pro 18.196.95.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

115 Requests

98 %HTTPS

50 %IPv6

34 Domains

48 Subdomains

38 IPs

5 Countries

1519 kBTransfer

4413 kBSize

12 Cookies

2 Outgoing links

Page URL History

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secured.kraftgun.com Open in urlscan Pro
18.196.95.178 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

98 %
HTTPS

50 %
IPv6

34
Domains

48
Subdomains

38
IPs

5
Countries

1519 kB
Transfer

4413 kB
Size

12
Cookies

115 HTTP transactions
1 data transactions