urlscan.io logo urlscan.io
SecurityTrails logo

rd.bizrate.com Open in urlscan Pro
34.160.194.93  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.notexistslime.scotianbank.com/
Effective URL: https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.slewo.com%3Futm_source%3Dpangora%26cnxclid%3DSZ_REDIRECT_ID%26utm_medium%...
Submission: On December 11 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 4 countries across 17 domains to perform 51 HTTP transactions. The main IP is 34.160.194.93, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is rd.bizrate.com. The Cisco Umbrella rank of the primary domain is 57405.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 4th 2024. Valid for: a year.
This is the only time rd.bizrate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 104.247.82.52 206834 (TEAMINTER...)
1 13.33.251.117 16509 (AMAZON-02)
1 2 54.82.7.206 14618 (AMAZON-AES)
1 1 18.164.116.33 16509 (AMAZON-02)
1 104.21.112.1 13335 (CLOUDFLAR...)
1 52.116.53.146 36351 (SOFTLAYER)
1 3 34.160.194.93 396982 (GOOGLE-CL...)
2 142.250.80.104 15169 (GOOGLE)
2 57.144.180.128 32934 (FACEBOOK)
4 150.171.27.10 8075 (MICROSOFT...)
2 69.147.92.12 14777 (YAHOO)
3 142.250.80.68 15169 (GOOGLE)
2 142.250.65.226 15169 (GOOGLE)
2 142.250.176.194 15169 (GOOGLE)
6 57.144.180.1 32934 (FACEBOOK)
2 52.72.192.139 14618 (AMAZON-AES)
1 7 172.67.69.68 13335 (CLOUDFLAR...)
51 17
4    104.247.82.52 (Canada)

ASN206834 (TEAMINTERNET-CA-AS Team Internet AG, DE)
www.notexistslime.scotianbank.com
1    13.33.251.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-251-117.jfk50.r.cloudfront.net
d38psrni17bvxu.cloudfront.net
2    54.82.7.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-7-206.compute-1.amazonaws.com
ernus-dop.com
1    18.164.116.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-33.jfk50.r.cloudfront.net
fillooncristives.com
1    104.21.112.1 (None, )

ASN13335 (CLOUDFLARENET, US)
zulemen.com
1    52.116.53.146 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 92.35.7434.ip4.static.sl-reverse.com
clkdeals.com
3    34.160.194.93 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.194.160.34.bc.googleusercontent.com
go.shopyourlikes.com
rd.bizrate.com
2    142.250.80.104 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f8.1e100.net
www.googletagmanager.com
2    57.144.180.128 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-03-lga3.fbcdn.net
connect.facebook.net
4    150.171.27.10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    69.147.92.12 (Ashburn, United States)

ASN14777 (YAHOO, US)
PTR: e2.ycpi.vip.dca.yahoo.com
s.yimg.com
3    142.250.80.68 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f4.1e100.net
www.google.com
2    142.250.65.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net
googleads.g.doubleclick.net
2    142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net
td.doubleclick.net
6    57.144.180.1 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-03-lga3.facebook.com
www.facebook.com
2    52.72.192.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-192-139.compute-1.amazonaws.com
sp.analytics.yahoo.com
7    172.67.69.68 (United States)

ASN13335 (CLOUDFLARENET, US)
www.slewo.com
Apex Domain
Subdomains		 Transfer
7 slewo.com
www.slewo.com
3 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
6 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
td.doubleclick.net — Cisco Umbrella Rank: 182
6 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 359
16 KB
4 scotianbank.com
www.notexistslime.scotianbank.com
3 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
417 B
2 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1654
921 B
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 768
8 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
78 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
91 KB
2 bizrate.com
rd.bizrate.com — Cisco Umbrella Rank: 57405
15 KB
2 ernus-dop.com
ernus-dop.com
4 KB
1 shopyourlikes.com
go.shopyourlikes.com — Cisco Umbrella Rank: 284455
419 B
1 clkdeals.com
clkdeals.com — Cisco Umbrella Rank: 206255
302 B
1 zulemen.com
zulemen.com
1 KB
1 fillooncristives.com
fillooncristives.com
628 B
1 cloudfront.net
d38psrni17bvxu.cloudfront.net
1 KB
51 17
Domain Requested by
7 www.slewo.com 1 redirects rd.bizrate.com
6 www.facebook.com rd.bizrate.com
4 bat.bing.com rd.bizrate.com
bat.bing.com
4 www.notexistslime.scotianbank.com d38psrni17bvxu.cloudfront.net
www.notexistslime.scotianbank.com
3 www.google.com www.googletagmanager.com
rd.bizrate.com
2 sp.analytics.yahoo.com rd.bizrate.com
2 td.doubleclick.net www.googletagmanager.com
2 googleads.g.doubleclick.net www.googletagmanager.com
2 s.yimg.com rd.bizrate.com
s.yimg.com
2 connect.facebook.net rd.bizrate.com
connect.facebook.net
2 www.googletagmanager.com rd.bizrate.com
www.googletagmanager.com
2 rd.bizrate.com zulemen.com
rd.bizrate.com
2 ernus-dop.com 1 redirects www.notexistslime.scotianbank.com
1 go.shopyourlikes.com 1 redirects
1 clkdeals.com zulemen.com
1 zulemen.com ernus-dop.com
1 fillooncristives.com 1 redirects
1 d38psrni17bvxu.cloudfront.net www.notexistslime.scotianbank.com
51 18

This site contains no links.

Subject Issuer Validity Valid
www.notexistslime.scotianbank.com
R10		 2024-11-27 -
2025-02-25		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
ernus-dop.com
Amazon RSA 2048 M02		 2024-11-22 -
2025-12-22		 a year crt.sh
zulemen.com
WE1		 2024-11-13 -
2025-02-11		 3 months crt.sh
www.clkdeals.com
Sectigo RSA Domain Validation Secure Server CA		 2024-12-02 -
2025-12-29		 a year crt.sh
*.bizrate.com
Sectigo RSA Domain Validation Secure Server CA		 2024-09-04 -
2025-10-05		 a year crt.sh
*.google-analytics.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-19 -
2024-12-18		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-09-16 -
2025-03-15		 6 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-12-09 -
2025-01-29		 2 months crt.sh
www.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.doubleclick.net
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-07-30 -
2025-01-22		 6 months crt.sh
slewo.com
WE1		 2024-12-09 -
2025-03-09		 3 months crt.sh

This page contains 4 frames:

Frame: https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product&scid=9464051
Frame ID: D064F45E706EC965B56EE078F460F8AD
Requests: 48 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/1070533785?random=1733896590558&cv=11&fst=1733896590558&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ca0v871670244za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttp%253A%252F%252Fwww.slewo.com%253Futm_source%253Dpangora%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_medium%253Dcpc%2526utm_campaign%253Dproduct%26mid%3D297868%26dMid%3D297868%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3D64f0b08b094ff5c933e2bb5fa61ffd59%26af_id%3D726125%26af_rid%3D90926105895%26af_permalink_id%3D389b64df4ee9aff11de0b1e73fb21904ca1b3cc7%26cobrand%3D1%26af_placement_id%3D910662%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2993&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1397596937.1733896591&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: C7B1BEC0F43E0F82DE63230BAD7CAC79
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/1070533785?random=1733896590593&cv=11&fst=1733896590593&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ca0v871670244za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttp%253A%252F%252Fwww.slewo.com%253Futm_source%253Dpangora%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_medium%253Dcpc%2526utm_campaign%253Dproduct%26mid%3D297868%26dMid%3D297868%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3D64f0b08b094ff5c933e2bb5fa61ffd59%26af_id%3D726125%26af_rid%3D90926105895%26af_permalink_id%3D389b64df4ee9aff11de0b1e73fb21904ca1b3cc7%26cobrand%3D1%26af_placement_id%3D910662%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2993&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1397596937.1733896591&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Becomm_pagetype%3Dproduct%3Becomm_prodid%3D
Frame ID: F9C3F6809F03B614CF1B3C522D2AA17C
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Frd.bizrate.com
Frame ID: 84903B5A694328DC07036530DC572B3E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.notexistslime.scotianbank.com/ Page URL
  2. https://ernus-dop.com/zclkvisitor/a84c8d54-b784-11ef-b7cd-12d042afb45f/85aefdc2-9ed0-48aa-922d-60f... Page URL
  3. https://ernus-dop.com/zclkredirect?visitid=a84c8d54-b784-11ef-b7cd-12d042afb45f&type=js&browserWid... HTTP 302
    https://fillooncristives.com/zp-redirect?target=https%3A%2F%2Fzulemen.com%2FadServe%2Faff%3Fcmpid%3D54123... HTTP 302
    https://zulemen.com/adServe/aff?cmpid=541237&pid=457974&subid=wbvk4ctoqo2bkl7636ltcs50&ap1=1511&... Page URL
  4. https://go.shopyourlikes.com/pi/389b64df4ee9aff11de0b1e73fb21904ca1b3cc7?afId=726125&afCreativeId=2993&af... HTTP 302
    https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.slewo.com%3Futm_source%3Dpangora%26cnxclid%3DSZ_REDIR... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

51
Requests

80 %
HTTPS

0 %
IPv6

17
Domains

18
Subdomains

17
IPs

4
Countries

229 kB
Transfer

772 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.notexistslime.scotianbank.com/ Page URL
  2. https://ernus-dop.com/zclkvisitor/a84c8d54-b784-11ef-b7cd-12d042afb45f/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=b0e678b0-53cd-11ef-a7aa-0affd04c9415 Page URL
  3. https://ernus-dop.com/zclkredirect?visitid=a84c8d54-b784-11ef-b7cd-12d042afb45f&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
    https://fillooncristives.com/zp-redirect?target=https%3A%2F%2Fzulemen.com%2FadServe%2Faff%3Fcmpid%3D541237%26pid%3D457974%26subid%3Dwbvk4ctoqo2bkl7636ltcs50%26ap1%3D1511%26dp1%3D1511%26dp2%3D1511&caid=4a1a3b9f-2dc9-4cbd-972d-85eb6e3952b5&zpid=a84c8d54-b784-11ef-b7cd-12d042afb45f&cid=wbvk4ctoqo2bkl7636ltcs50&rt=R&ts=1733896587404&hash=BP1zOI9lFPKY2CE7kBqzQgjo2mWi3Vecf7gqujeZt6w HTTP 302
    https://zulemen.com/adServe/aff?cmpid=541237&pid=457974&subid=wbvk4ctoqo2bkl7636ltcs50&ap1=1511&dp1=1511&dp2=1511 Page URL
  4. https://go.shopyourlikes.com/pi/389b64df4ee9aff11de0b1e73fb21904ca1b3cc7?afId=726125&afCreativeId=2993&afCampaignId=MF&afPlacementId=910662&afRid=90926105895 HTTP 302
    https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.slewo.com%3Futm_source%3Dpangora%26cnxclid%3DSZ_REDIRECT_ID%26utm_medium%3Dcpc%26utm_campaign%3Dproduct&mid=297868&dMid=297868&tokenId=18P&bId=314&bidType=11&a=64f0b08b094ff5c933e2bb5fa61ffd59&af_id=726125&af_rid=90926105895&af_permalink_id=389b64df4ee9aff11de0b1e73fb21904ca1b3cc7&cobrand=1&af_placement_id=910662&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2993 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://ernus-dop.com/zclkredirect?visitid=a84c8d54-b784-11ef-b7cd-12d042afb45f&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
  • https://fillooncristives.com/zp-redirect?target=https%3A%2F%2Fzulemen.com%2FadServe%2Faff%3Fcmpid%3D541237%26pid%3D457974%26subid%3Dwbvk4ctoqo2bkl7636ltcs50%26ap1%3D1511%26dp1%3D1511%26dp2%3D1511&caid=4a1a3b9f-2dc9-4cbd-972d-85eb6e3952b5&zpid=a84c8d54-b784-11ef-b7cd-12d042afb45f&cid=wbvk4ctoqo2bkl7636ltcs50&rt=R&ts=1733896587404&hash=BP1zOI9lFPKY2CE7kBqzQgjo2mWi3Vecf7gqujeZt6w HTTP 302
  • https://zulemen.com/adServe/aff?cmpid=541237&pid=457974&subid=wbvk4ctoqo2bkl7636ltcs50&ap1=1511&dp1=1511&dp2=1511
Request Chain 34
  • http://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product HTTP 307
  • https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product HTTP 302
  • https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product&scid=9464051

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.notexistslime.scotianbank.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.notexistslime.scotianbank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.247.82.52 , Canada, ASN206834 (TEAMINTERNET-CA-AS Team Internet AG, DE),
Reverse DNS
Software
Caddy nginx /
Resource Hash
41955a99bc5d0a407f103b1c307f50d2e6669fca36016523df9c3bf7c35a75b8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

accept-ch
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
accept-ch-lifetime
30
alt-svc
h3=":8443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 11 Dec 2024 05:56:26 GMT
server
Caddy nginx
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_FGrdFl1yEfegym0IqJZLUln/3Uk6DqwZ0o6+hmQ0ixdMliNshOjF3HUYimpYORH8X87RV0I+99fn5KBT4vXqrQ==
x-buckets
bucket011,bucket088,bucket089,bucket077
x-domain
scotianbank.com
x-language
english
x-pcrew-blocked-reason
x-pcrew-ip-organization
Verizon Internet Services
x-redirect
zeropark_zeroclick
x-subdomain
www.notexistslime
x-template
tpl_CleanPeppermintBlack_twoclick
js3.js
d38psrni17bvxu.cloudfront.net/scripts/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: www.notexistslime.scotianbank.com
URL: https://www.notexistslime.scotianbank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.251.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-251-117.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://www.notexistslime.scotianbank.com/

Response headers

etag
"65fc1e7b-448"
age
42327
via
1.1 2bfd6688fc2f119397b69ac2ba4187b8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
1096
x-amz-cf-id
kDJL5vRqjpL3CnDrotORYAhBfjqYuRXlQX67QNvSSZldbe4cJB8d2A==
date
Tue, 10 Dec 2024 18:10:59 GMT
content-type
application/javascript
last-modified
Thu, 21 Mar 2024 11:48:11 GMT
server
nginx
x-amz-cf-pop
JFK50-P10
track.php
www.notexistslime.scotianbank.com/ 		0
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.notexistslime.scotianbank.com/track.php?domain=scotianbank.com&toggle=browserjs&uid=MTczMzg5NjU4NS44NDc4OmRmZTMwMjE5NzI5YWU0MzUwYjBmMjlhZmUwYmMwNzk2NjdjN2VhM2U3NTI2M2Y2YzFkODg4Nzk0NTIxODA1OGU6Njc1OTI5ODljZWY4Zg%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.247.82.52 , Canada, ASN206834 (TEAMINTERNET-CA-AS Team Internet AG, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

viewport-width
1600
ect
4g
Referer
https://www.notexistslime.scotianbank.com/
device-memory
8
dpr
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
rtt
100
downlink
10

Response headers

content-encoding
gzip
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime
30
x-custom-track
browserjs
access-control-allow-origin
*
alt-svc
h3=":8443"; ma=2592000
date
Wed, 11 Dec 2024 05:56:26 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
Caddy, nginx
ls.php
www.notexistslime.scotianbank.com/ 		16 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.notexistslime.scotianbank.com/ls.php?t=6759298a&token=4e7781798e4d757bdc8102950f73168568176958
Requested by
Host: www.notexistslime.scotianbank.com
URL: https://www.notexistslime.scotianbank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.247.82.52 , Canada, ASN206834 (TEAMINTERNET-CA-AS Team Internet AG, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash

Request headers

viewport-width
1600
ect
4g
Referer
https://www.notexistslime.scotianbank.com/
device-memory
8
dpr
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
rtt
100
downlink
10

Response headers

access-control-max-age
86400
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
access-control-allow-methods
POST, OPTIONS
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_K+57CsOxR8z5Cwx9EtHsIAViVjSvTPZ2HguGfo1Baa4AiMXIZLP67iTCRsKKuuoctbVXKbY/plhT1U10vLXUpg==
accept-ch-lifetime
30
x-log-success
6759298a1f0edc2b5f0869b0
access-control-allow-origin
alt-svc
h3=":8443"; ma=2592000
date
Wed, 11 Dec 2024 05:56:26 GMT
charset
utf-8
content-type
text/javascript;charset=UTF-8
server
Caddy, nginx
track.php
www.notexistslime.scotianbank.com/ 		0
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.notexistslime.scotianbank.com/track.php?click=272ef7d7091898f0a4a906de0201588d2eb8b427&domain=scotianbank.com&uid=MTczMzg5NjU4NS44NDc4OmRmZTMwMjE5NzI5YWU0MzUwYjBmMjlhZmUwYmMwNzk2NjdjN2VhM2U3NTI2M2Y2YzFkODg4Nzk0NTIxODA1OGU6Njc1OTI5ODljZWY4Zg%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTEsYnVja2V0MDg4LGJ1Y2tldDA4OSxidWNrZXQwNzd8fHx8fHw2NzU5Mjk4OWNlZjQ3fHx8MTczMzg5NjU4Ni4xMDQxfGU1MTMyYTE4M2EzNzY1NTI1MmNkOWU4ZWE1NjhlYTExMDk0OGU0M2V8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw0ZTc3ODE3OThlNGQ3NTdiZGM4MTAyOTUwZjczMTY4NTY4MTc2OTU4fDB8fDB8MHx8fHw%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.247.82.52 , Canada, ASN206834 (TEAMINTERNET-CA-AS Team Internet AG, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash

Request headers

viewport-width
1600
ect
4g
Referer
https://www.notexistslime.scotianbank.com/
device-memory
8
dpr
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
rtt
100
downlink
10

Response headers

x-view-match
true
content-encoding
gzip
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime
30
x-custom-track
none
access-control-allow-origin
*
alt-svc
h3=":8443"; ma=2592000
date
Wed, 11 Dec 2024 05:56:26 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
Caddy, nginx
85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d
ernus-dop.com/zclkvisitor/a84c8d54-b784-11ef-b7cd-12d042afb45f/ 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ernus-dop.com/zclkvisitor/a84c8d54-b784-11ef-b7cd-12d042afb45f/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=b0e678b0-53cd-11ef-a7aa-0affd04c9415
Requested by
Host: www.notexistslime.scotianbank.com
URL: https://www.notexistslime.scotianbank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.7.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-7-206.compute-1.amazonaws.com
Software
/
Resource Hash
696f85c208d87693f84d901eb2d3950b8fb7eae245fc6addbf7c00c3a974adc1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://www.notexistslime.scotianbank.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
3088
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Wed, 11 Dec 2024 05:56:27 GMT
aff
zulemen.com/adServe/
Redirect Chain
  • https://ernus-dop.com/zclkredirect?visitid=a84c8d54-b784-11ef-b7cd-12d042afb45f&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel...
  • https://fillooncristives.com/zp-redirect?target=https%3A%2F%2Fzulemen.com%2FadServe%2Faff%3Fcmpid%3D541237%26pid%3D457974%26subid%3Dwbvk4ctoqo2bkl7636ltcs50%26ap1%3D1511%26dp1%3D1511%26dp2%3D1511&c...
  • https://zulemen.com/adServe/aff?cmpid=541237&pid=457974&subid=wbvk4ctoqo2bkl7636ltcs50&ap1=1511&dp1=1511&dp2=1511
771 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zulemen.com/adServe/aff?cmpid=541237&pid=457974&subid=wbvk4ctoqo2bkl7636ltcs50&ap1=1511&dp1=1511&dp2=1511
Requested by
Host: ernus-dop.com
URL: https://ernus-dop.com/zclkvisitor/a84c8d54-b784-11ef-b7cd-12d042afb45f/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=b0e678b0-53cd-11ef-a7aa-0affd04c9415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24c6b22b89978e431d02b682e735fb830453228aa8abc0d53d3a5d8c1a022ea9

Request headers

Referer
https://ernus-dop.com/zclkvisitor/a84c8d54-b784-11ef-b7cd-12d042afb45f/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=b0e678b0-53cd-11ef-a7aa-0affd04c9415
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f033b4dde4fc3eb-EWR
content-encoding
zstd
content-type
text/html;charset=ISO-8859-1
date
Wed, 11 Dec 2024 05:56:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h1AT9AX55ZE14qKNaBisdWOQhvGxBwYUD%2B02pd889XrEbxlFKbMO2jvRMl%2BcL25xyHQh7ebtGHRbfaCvuajo9hUEd4kWm6NT%2BQNIJ3UIObcCU%2FtISDRaEzci%2FztBOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=21896&min_rtt=8729&rtt_var=13811&sent=7&recv=8&lost=0&retrans=0&sent_bytes=3960&recv_bytes=2376&delivery_rate=500399&cwnd=255&unsent_bytes=0&cid=202fe7ba2e1fb2f3&ts=103&x=0"
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Wed, 11 Dec 2024 05:56:27 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://zulemen.com/adServe/aff?cmpid=541237&pid=457974&subid=wbvk4ctoqo2bkl7636ltcs50&ap1=1511&dp1=1511&dp2=1511
pragma
no-cache
server
nginx
via
1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
x-amz-cf-id
A3cUprXdfFsP-hFme9QJyjv4jN84Q9IhBw_PydJ5QmMW6e7XNXTXcA==
x-amz-cf-pop
JFK50-P6
x-cache
Miss from cloudfront
track
clkdeals.com/adServe/ 		49 B
302 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clkdeals.com/adServe/track?subid=90926105895&prdid=2750&price=0
Requested by
Host: zulemen.com
URL: https://zulemen.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.116.53.146 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
92.35.7434.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer

Response headers

Cache-Control
no-cache
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Origin
*
Content-Length
49
Date
Wed, 11 Dec 2024 05:56:28 GMT
Content-Type
image/gif
Server
nginx
Primary Request rd2
rd.bizrate.com/
Redirect Chain
  • https://go.shopyourlikes.com/pi/389b64df4ee9aff11de0b1e73fb21904ca1b3cc7?afId=726125&afCreativeId=2993&afCampaignId=MF&afPlacementId=910662&afRid=90926105895
  • https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.slewo.com%3Futm_source%3Dpangora%26cnxclid%3DSZ_REDIRECT_ID%26utm_medium%3Dcpc%26utm_campaign%3Dproduct&mid=297868&dMid=297868&tokenId=18P&bId=314&bidT...
14 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.slewo.com%3Futm_source%3Dpangora%26cnxclid%3DSZ_REDIRECT_ID%26utm_medium%3Dcpc%26utm_campaign%3Dproduct&mid=297868&dMid=297868&tokenId=18P&bId=314&bidType=11&a=64f0b08b094ff5c933e2bb5fa61ffd59&af_id=726125&af_rid=90926105895&af_permalink_id=389b64df4ee9aff11de0b1e73fb21904ca1b3cc7&cobrand=1&af_placement_id=910662&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2993
Requested by
Host: zulemen.com
URL: https://zulemen.com/adServe/aff?cmpid=541237&pid=457974&subid=wbvk4ctoqo2bkl7636ltcs50&ap1=1511&dp1=1511&dp2=1511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.194.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.194.160.34.bc.googleusercontent.com
Software
/
Resource Hash
1b7be92e30acae773007cb3159923ce4d73a523bcfd6372865ac71ffe74a91af

Request headers

Referer
https://zulemen.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-language
en-US
content-type
text/html;charset=UTF-8
date
Wed, 11 Dec 2024 05:56:29 GMT
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 05:56:28 GMT
location
https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.slewo.com%3Futm_source%3Dpangora%26cnxclid%3DSZ_REDIRECT_ID%26utm_medium%3Dcpc%26utm_campaign%3Dproduct&mid=297868&dMid=297868&tokenId=18P&bId=314&bidType=11&a=64f0b08b094ff5c933e2bb5fa61ffd59&af_id=726125&af_rid=90926105895&af_permalink_id=389b64df4ee9aff11de0b1e73fb21904ca1b3cc7&cobrand=1&af_placement_id=910662&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2993
via
1.1 google
js
www.googletagmanager.com/gtag/ 		254 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1070533785
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.slewo.com%3Futm_source%3Dpangora%26cnxclid%3DSZ_REDIRECT_ID%26utm_medium%3Dcpc%26utm_campaign%3Dproduct&mid=297868&dMid=297868&tokenId=18P&bId=314&bidType=11&a=64f0b08b094ff5c933e2bb5fa61ffd59&af_id=726125&af_rid=90926105895&af_permalink_id=389b64df4ee9aff11de0b1e73fb21904ca1b3cc7&cobrand=1&af_placement_id=910662&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.104 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
07412da3ac9297be7de731246304fb3d310884579e4afcec50be142fcf12ad98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://rd.bizrate.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 11 Dec 2024 05:56:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 05:56:30 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 11 Dec 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
92876
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/ 		239 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.slewo.com%3Futm_source%3Dpangora%26cnxclid%3DSZ_REDIRECT_ID%26utm_medium%3Dcpc%26utm_campaign%3Dproduct&mid=297868&dMid=297868&tokenId=18P&bId=314&bidType=11&a=64f0b08b094ff5c933e2bb5fa61ffd59&af_id=726125&af_rid=90926105895&af_permalink_id=389b64df4ee9aff11de0b1e73fb21904ca1b3cc7&cobrand=1&af_placement_id=910662&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.144.180.128 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-lga3.fbcdn.net
Software
/
Resource Hash
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-FKSnvyx0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://rd.bizrate.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 11 Dec 2024 05:56:30 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-FKSnvyx0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=14, mss=1392, tbw=2969, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
tDeJhmWhPlWQaITNSih99uMedgZhYyz9Dy9iioO0hMxUS+V2BegYetwSNkHd+1zLlhjEhPnxsjzS2aoUiUXo2A==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62212
x-xss-protection
0
origin-agent-cluster
?1
bat.js
bat.bing.com/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.slewo.com%3Futm_source%3Dpangora%26cnxclid%3DSZ_REDIRECT_ID%26utm_medium%3Dcpc%26utm_campaign%3Dproduct&mid=297868&dMid=297868&tokenId=18P&bId=314&bidType=11&a=64f0b08b094ff5c933e2bb5fa61ffd59&af_id=726125&af_rid=90926105895&af_permalink_id=389b64df4ee9aff11de0b1e73fb21904ca1b3cc7&cobrand=1&af_placement_id=910662&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2993
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://rd.bizrate.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6E5AA1D896E749EA9A49182C7B3AF78B Ref B: PHL30EDGE0406 Ref C: 2024-12-11T05:56:30Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Wed, 11 Dec 2024 05:56:30 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
ytc.js
s.yimg.com/wi/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.slewo.com%3Futm_source%3Dpangora%26cnxclid%3DSZ_REDIRECT_ID%26utm_medium%3Dcpc%26utm_campaign%3Dproduct&mid=297868&dMid=297868&tokenId=18P&bId=314&bidType=11&a=64f0b08b094ff5c933e2bb5fa61ffd59&af_id=726125&af_rid=90926105895&af_permalink_id=389b64df4ee9aff11de0b1e73fb21904ca1b3cc7&cobrand=1&af_placement_id=910662&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.147.92.12 Ashburn, United States, ASN14777 (YAHOO, US),
Reverse DNS
e2.ycpi.vip.dca.yahoo.com
Software
ATS /
Resource Hash
aebe8df81ee2ba5bc51e3abc322910ee5122a0ac06edfbcf7a04e1659d17dc9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://rd.bizrate.com/

Response headers

content-encoding
gzip
etag
"bc033c3a83e1880e480086bf11ac0b0a-df"
x-amz-version-id
5HsDWpm4ZbPfEUvUg7HPM8RCfDfmGF6v
age
18
date
Wed, 11 Dec 2024 05:56:13 GMT
last-modified
Tue, 10 Dec 2024 07:07:30 GMT
vary
Origin, Accept-Encoding
x-amz-expiration
expiry-date="Thu, 15 Jan 2026 00:00:00 GMT", rule-id="oath-standard-lifecycle"
content-type
application/javascript
x-amz-id-2
03NjkNeUJhgofdKRvXiW/V1iQ1KhtuWdbsBC1HaEn7N9HdQUI0Mf9UQQ9usbyrvT7zYL67QFmWagPYwX68jiWseXs2yhM1Wj
strict-transport-security
max-age=31536000
x-amz-replication-status
COMPLETED
ats-carp-promotion
1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
VFZH3W986SVWYDZE
accept-ranges
bytes
content-length
6826
server
ATS
x-amz-server-side-encryption
AES256
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Frd.bizrate.com%2Frd2&scrsrc=www.googletagmanager.com&frm=0&rnd=1080221958.1733896591&auid=1397596937.1733896591&navt=n&npa=0&gtm=45be4ca0v871670244za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1733896590573&tfd=1594&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1070533785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.68 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://rd.bizrate.com/

Response headers
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070533785/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070533785/?random=1733896590558&cv=11&fst=1733896590558&bg=ffffff&guid=ON&async=1&gtm=45be4ca0v871670244za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttp%253A%252F%252Fwww.slewo.com%253Futm_source%253Dpangora%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_medium%253Dcpc%2526utm_campaign%253Dproduct%26mid%3D297868%26dMid%3D297868%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3D64f0b08b094ff5c933e2bb5fa61ffd59%26af_id%3D726125%26af_rid%3D90926105895%26af_permalink_id%3D389b64df4ee9aff11de0b1e73fb21904ca1b3cc7%26cobrand%3D1%26af_placement_id%3D910662%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2993&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1397596937.1733896591&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1070533785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
dfa8970fddb71892cc11fdbaa6fe2756c6bb7a1143e9ee5338311ddc3e71544e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://rd.bizrate.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2512
date
Wed, 11 Dec 2024 05:56:30 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
1070533785
td.doubleclick.net/td/rul/ Frame C7B1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/1070533785?random=1733896590558&cv=11&fst=1733896590558&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ca0v871670244za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttp%253A%252F%252Fwww.slewo.com%253Futm_source%253Dpangora%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_medium%253Dcpc%2526utm_campaign%253Dproduct%26mid%3D297868%26dMid%3D297868%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3D64f0b08b094ff5c933e2bb5fa61ffd59%26af_id%3D726125%26af_rid%3D90926105895%26af_permalink_id%3D389b64df4ee9aff11de0b1e73fb21904ca1b3cc7%26cobrand%3D1%26af_placement_id%3D910662%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2993&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1397596937.1733896591&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1070533785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rd.bizrate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
546
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Dec 2024 05:56:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070533785/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070533785/?random=1733896590593&cv=11&fst=1733896590593&bg=ffffff&guid=ON&async=1&gtm=45be4ca0v871670244za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttp%253A%252F%252Fwww.slewo.com%253Futm_source%253Dpangora%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_medium%253Dcpc%2526utm_campaign%253Dproduct%26mid%3D297868%26dMid%3D297868%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3D64f0b08b094ff5c933e2bb5fa61ffd59%26af_id%3D726125%26af_rid%3D90926105895%26af_permalink_id%3D389b64df4ee9aff11de0b1e73fb21904ca1b3cc7%26cobrand%3D1%26af_placement_id%3D910662%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2993&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1397596937.1733896591&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Becomm_pagetype%3Dproduct%3Becomm_prodid%3D&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1070533785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
65bceb1226696509119f222f0ab581cdd10614c405f263711b582f0cc4f0f9d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://rd.bizrate.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2530
date
Wed, 11 Dec 2024 05:56:31 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
1070533785
td.doubleclick.net/td/rul/ Frame F9C3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/1070533785?random=1733896590593&cv=11&fst=1733896590593&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ca0v871670244za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttp%253A%252F%252Fwww.slewo.com%253Futm_source%253Dpangora%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_medium%253Dcpc%2526utm_campaign%253Dproduct%26mid%3D297868%26dMid%3D297868%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3D64f0b08b094ff5c933e2bb5fa61ffd59%26af_id%3D726125%26af_rid%3D90926105895%26af_permalink_id%3D389b64df4ee9aff11de0b1e73fb21904ca1b3cc7%26cobrand%3D1%26af_placement_id%3D910662%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2993&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1397596937.1733896591&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Becomm_pagetype%3Dproduct%3Becomm_prodid%3D
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1070533785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rd.bizrate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
546
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Dec 2024 05:56:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sw_iframe.html
www.googletagmanager.com/static/service_worker/4c30/ Frame 8490 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Frd.bizrate.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1070533785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.104 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f8.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

accept-ranges
bytes
age
456023
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Dec 2024 23:16:08 GMT
expires
Fri, 05 Dec 2025 23:16:08 GMT
last-modified
Tue, 03 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
10135448.json
s.yimg.com/wi/config/ 		2 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10135448.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.147.92.12 Ashburn, United States, ASN14777 (YAHOO, US),
Reverse DNS
e2.ycpi.vip.dca.yahoo.com
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://rd.bizrate.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=3600
age
3475
ats-carp-promotion
1, 1
access-control-allow-methods
GET
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
WM5FC6C8E2F7W7AN
access-control-allow-origin
*
content-length
2
date
Wed, 11 Dec 2024 04:58:36 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server
ATS
x-amz-id-2
R9ME3rkQO9MUo3E5SXxe3yoT5+AZCXPJ8zgWJTcUfvq/ScRPyGTrw0F88vQ1/z8aek5G+B3uIfiLTvBl0sfESiovmhOBZWJpqWY0BWtIBsI=
17135630.js
bat.bing.com/p/action/ 		363 B
420 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/17135630.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a650a6db5a37651a4bccfef6ef98d8f20256546a874d2cb43268c6792f4e7003
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://rd.bizrate.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7C43A3056FFD4663992EC06876115427 Ref B: PHL30EDGE0406 Ref C: 2024-12-11T05:56:30Z
x-cache
CONFIG_NOCACHE
date
Wed, 11 Dec 2024 05:56:30 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
1593772137433234
connect.facebook.net/signals/config/ 		70 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1593772137433234?v=2.9.178&r=stable&domain=rd.bizrate.com&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.144.180.128 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-lga3.fbcdn.net
Software
/
Resource Hash
49440437edffd0923b0e0b121269f67eea94e3ab4a9ed5ce5884723a22bdce65
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-nWUwfYx4' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://rd.bizrate.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 11 Dec 2024 05:56:30 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-nWUwfYx4' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=63, mss=1392, tbw=67855, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
N4KYsBeDpVc4V2NKOgWwie0c3Sf5PPsN9+UQ1NHkLPd/G1VxZY18XQwp8raSUccL1o3SWRqTP3w+MZTcDEvVgQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
14423
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1593772137433234&ev=PageView&dl=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttp%253A%252F%252Fwww.slewo.com%253Futm_source%253Dpangora%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_medium%253Dcpc%2526utm_campaign%253Dproduct%26mid%3D297868%26dMid%3D297868%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3D64f0b08b094ff5c933e2bb5fa61ffd59%26af_id%3D726125%26af_rid%3D90926105895%26af_permalink_id%3D389b64df4ee9aff11de0b1e73fb21904ca1b3cc7%26cobrand%3D1%26af_placement_id%3D910662%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2993&rl=&if=false&ts=1733896590733&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4126&fbp=fb.1.1733896590727.934317881658423686&ler=empty&cdl=API_unavailable&it=1733896590667&coo=false&rqm=GET
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.slewo.com%3Futm_source%3Dpangora%26cnxclid%3DSZ_REDIRECT_ID%26utm_medium%3Dcpc%26utm_campaign%3Dproduct&mid=297868&dMid=297868&tokenId=18P&bId=314&bidType=11&a=64f0b08b094ff5c933e2bb5fa61ffd59&af_id=726125&af_rid=90926105895&af_permalink_id=389b64df4ee9aff11de0b1e73fb21904ca1b3cc7&cobrand=1&af_placement_id=910662&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.144.180.1 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://rd.bizrate.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=10, mss=1392, tbw=3048, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 11 Dec 2024 05:56:31 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1593772137433234&ev=PageView&dl=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttp%253A%252F%252Fwww.slewo.com%253Futm_source%253Dpangora%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_medium%253Dcpc%2526utm_campaign%253Dproduct%26mid%3D297868%26dMid%3D297868%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3D64f0b08b094ff5c933e2bb5fa61ffd59%26af_id%3D726125%26af_rid%3D90926105895%26af_permalink_id%3D389b64df4ee9aff11de0b1e73fb21904ca1b3cc7%26cobrand%3D1%26af_placement_id%3D910662%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2993&rl=&if=false&ts=1733896590733&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4126&fbp=fb.1.1733896590727.934317881658423686&ler=empty&cdl=API_unavailable&it=1733896590667&coo=false&rqm=FGET
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.slewo.com%3Futm_source%3Dpangora%26cnxclid%3DSZ_REDIRECT_ID%26utm_medium%3Dcpc%26utm_campaign%3Dproduct&mid=297868&dMid=297868&tokenId=18P&bId=314&bidType=11&a=64f0b08b094ff5c933e2bb5fa61ffd59&af_id=726125&af_rid=90926105895&af_permalink_id=389b64df4ee9aff11de0b1e73fb21904ca1b3cc7&cobrand=1&af_placement_id=910662&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.144.180.1 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-lga3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://rd.bizrate.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447029153882172777"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 11 Dec 2024 05:56:31 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
C4/ZqYHcD1rgWUskrQogUDYC2zulIzE68DY+B4th+oLWAoDCL5MpgflHph0Igll0NojbsmK/eoceWRSBkj31uw==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447029153882172777", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=12, mss=1392, tbw=3429, tp=-1, tpl=-1, uplat=40, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1593772137433234&ev=AddToCart&dl=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttp%253A%252F%252Fwww.slewo.com%253Futm_source%253Dpangora%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_medium%253Dcpc%2526utm_campaign%253Dproduct%26mid%3D297868%26dMid%3D297868%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3D64f0b08b094ff5c933e2bb5fa61ffd59%26af_id%3D726125%26af_rid%3D90926105895%26af_permalink_id%3D389b64df4ee9aff11de0b1e73fb21904ca1b3cc7%26cobrand%3D1%26af_placement_id%3D910662%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2993&rl=&if=false&ts=1733896590737&cd[content_type]=product&cd[content_ids]=%5B%22%22%5D&cd[contents]=%5B%7B%22id%22%3A%22%22%2C%22quantity%22%3A1%7D%5D&sw=1600&sh=1200&v=2.9.178&r=stable&ec=1&o=4126&fbp=fb.1.1733896590727.934317881658423686&ler=empty&cdl=API_unavailable&it=1733896590667&coo=false&rqm=GET
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.slewo.com%3Futm_source%3Dpangora%26cnxclid%3DSZ_REDIRECT_ID%26utm_medium%3Dcpc%26utm_campaign%3Dproduct&mid=297868&dMid=297868&tokenId=18P&bId=314&bidType=11&a=64f0b08b094ff5c933e2bb5fa61ffd59&af_id=726125&af_rid=90926105895&af_permalink_id=389b64df4ee9aff11de0b1e73fb21904ca1b3cc7&cobrand=1&af_placement_id=910662&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.144.180.1 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://rd.bizrate.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=10, mss=1392, tbw=3048, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 11 Dec 2024 05:56:31 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1593772137433234&ev=AddToCart&dl=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttp%253A%252F%252Fwww.slewo.com%253Futm_source%253Dpangora%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_medium%253Dcpc%2526utm_campaign%253Dproduct%26mid%3D297868%26dMid%3D297868%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3D64f0b08b094ff5c933e2bb5fa61ffd59%26af_id%3D726125%26af_rid%3D90926105895%26af_permalink_id%3D389b64df4ee9aff11de0b1e73fb21904ca1b3cc7%26cobrand%3D1%26af_placement_id%3D910662%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2993&rl=&if=false&ts=1733896590737&cd[content_type]=product&cd[content_ids]=%5B%22%22%5D&cd[contents]=%5B%7B%22id%22%3A%22%22%2C%22quantity%22%3A1%7D%5D&sw=1600&sh=1200&v=2.9.178&r=stable&ec=1&o=4126&fbp=fb.1.1733896590727.934317881658423686&ler=empty&cdl=API_unavailable&it=1733896590667&coo=false&rqm=FGET
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.slewo.com%3Futm_source%3Dpangora%26cnxclid%3DSZ_REDIRECT_ID%26utm_medium%3Dcpc%26utm_campaign%3Dproduct&mid=297868&dMid=297868&tokenId=18P&bId=314&bidType=11&a=64f0b08b094ff5c933e2bb5fa61ffd59&af_id=726125&af_rid=90926105895&af_permalink_id=389b64df4ee9aff11de0b1e73fb21904ca1b3cc7&cobrand=1&af_placement_id=910662&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.144.180.1 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-lga3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://rd.bizrate.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447029154428141750"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x2dc3eb429887d6db","source_keys":["1"]}],"aggregatable_values":{"1":10922},"aggregatable_source_registration_time":"exclude","filters":{"3":["2373352069371247","3114348905257804","1963217530466888","2827538557295273","1983822965077482","2151099548290581","2015959715167344","2525113154167818","1330001643791670","2131635900237118","3369135923127198","2656753164352707","2148932381849462"]},"debug_reporting":true,"debug_key":"2170077712260504193"}
date
Wed, 11 Dec 2024 05:56:31 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
smNIZI4a/z1k5B3kkz6b2LZ1JqFQ+AFCYgzNLyfOBw6Nc01JPW61kwuvNfjF8AwgYRrDRh5oty0CKjMTiCo88g==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447029154428141750", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=12, mss=1392, tbw=6635, tp=-1, tpl=-1, uplat=52, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1593772137433234&ev=ViewContent&dl=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttp%253A%252F%252Fwww.slewo.com%253Futm_source%253Dpangora%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_medium%253Dcpc%2526utm_campaign%253Dproduct%26mid%3D297868%26dMid%3D297868%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3D64f0b08b094ff5c933e2bb5fa61ffd59%26af_id%3D726125%26af_rid%3D90926105895%26af_permalink_id%3D389b64df4ee9aff11de0b1e73fb21904ca1b3cc7%26cobrand%3D1%26af_placement_id%3D910662%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2993&rl=&if=false&ts=1733896590739&cd[content_type]=product&cd[content_ids]=%5B%22%22%5D&cd[contents]=%5B%7B%22id%22%3A%22%22%2C%22mid%22%3A%22%22%2C%22atom%22%3A%22%22%7D%5D&sw=1600&sh=1200&v=2.9.178&r=stable&ec=2&o=4126&fbp=fb.1.1733896590727.934317881658423686&ler=empty&cdl=API_unavailable&it=1733896590667&coo=false&rqm=GET
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.slewo.com%3Futm_source%3Dpangora%26cnxclid%3DSZ_REDIRECT_ID%26utm_medium%3Dcpc%26utm_campaign%3Dproduct&mid=297868&dMid=297868&tokenId=18P&bId=314&bidType=11&a=64f0b08b094ff5c933e2bb5fa61ffd59&af_id=726125&af_rid=90926105895&af_permalink_id=389b64df4ee9aff11de0b1e73fb21904ca1b3cc7&cobrand=1&af_placement_id=910662&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.144.180.1 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://rd.bizrate.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=10, mss=1392, tbw=3048, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 11 Dec 2024 05:56:31 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1593772137433234&ev=ViewContent&dl=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttp%253A%252F%252Fwww.slewo.com%253Futm_source%253Dpangora%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_medium%253Dcpc%2526utm_campaign%253Dproduct%26mid%3D297868%26dMid%3D297868%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3D64f0b08b094ff5c933e2bb5fa61ffd59%26af_id%3D726125%26af_rid%3D90926105895%26af_permalink_id%3D389b64df4ee9aff11de0b1e73fb21904ca1b3cc7%26cobrand%3D1%26af_placement_id%3D910662%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2993&rl=&if=false&ts=1733896590739&cd[content_type]=product&cd[content_ids]=%5B%22%22%5D&cd[contents]=%5B%7B%22id%22%3A%22%22%2C%22mid%22%3A%22%22%2C%22atom%22%3A%22%22%7D%5D&sw=1600&sh=1200&v=2.9.178&r=stable&ec=2&o=4126&fbp=fb.1.1733896590727.934317881658423686&ler=empty&cdl=API_unavailable&it=1733896590667&coo=false&rqm=FGET
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.slewo.com%3Futm_source%3Dpangora%26cnxclid%3DSZ_REDIRECT_ID%26utm_medium%3Dcpc%26utm_campaign%3Dproduct&mid=297868&dMid=297868&tokenId=18P&bId=314&bidType=11&a=64f0b08b094ff5c933e2bb5fa61ffd59&af_id=726125&af_rid=90926105895&af_permalink_id=389b64df4ee9aff11de0b1e73fb21904ca1b3cc7&cobrand=1&af_placement_id=910662&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.144.180.1 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-lga3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://rd.bizrate.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447029154024080468"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xcdc2144bc2647021","source_keys":["1"]}],"aggregatable_values":{"1":10922},"aggregatable_source_registration_time":"exclude","filters":{"3":["2556602934440668","4418324728240215","3438712916184357","4227035220705080","3020971428030370","2686678368072281","2200571416722963","2160043304072408","2937428109619683","2561341990573937","2887550168005809","1952054464922712","1987056398083954","2682800525123947","2759178580789267","2186719994684362","3343522359019564","2043917292392164","1984457715009469","3390721084339742"]},"debug_reporting":true,"debug_key":"3849497446286112889"}
date
Wed, 11 Dec 2024 05:56:31 GMT
content-type
image/png
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447029154024080468", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-debug
FjIpWN0XTltBWBZk7PfNTBAAXH1wpeCYo9w8AP700GG/w6ro+nXkHQHg4cZEcuN2DlNUlp3gd6OJIM2jZyuTrQ==
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=12, mss=1392, tbw=7970, tp=-1, tpl=-1, uplat=59, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
0
bat.bing.com/action/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=17135630&Ver=2&mid=e38b4249-57ae-4cb0-ba55-6e605cc76009&bo=1&sid=ab31bfd0b78411efa5dba30d04d5a61a&vid=ab31b5d0b78411ef81990dfb4a184bc0&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttp%253A%252F%252Fwww.slewo.com%253Futm_source%253Dpangora%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_medium%253Dcpc%2526utm_campaign%253Dproduct%26mid%3D297868%26dMid%3D297868%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3D64f0b08b094ff5c933e2bb5fa61ffd59%26af_id%3D726125%26af_rid%3D90926105895%26af_permalink_id%3D389b64df4ee9aff11de0b1e73fb21904ca1b3cc7%26cobrand%3D1%26af_placement_id%3D910662%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2993&r=&lt=1201&evt=pageLoad&sv=1&cdb=AQAQ&rn=589922
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.slewo.com%3Futm_source%3Dpangora%26cnxclid%3DSZ_REDIRECT_ID%26utm_medium%3Dcpc%26utm_campaign%3Dproduct&mid=297868&dMid=297868&tokenId=18P&bId=314&bidType=11&a=64f0b08b094ff5c933e2bb5fa61ffd59&af_id=726125&af_rid=90926105895&af_permalink_id=389b64df4ee9aff11de0b1e73fb21904ca1b3cc7&cobrand=1&af_placement_id=910662&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2993
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://rd.bizrate.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DA72CD23E5A142A29B0756BE9128AB17 Ref B: PHL30EDGE0406 Ref C: 2024-12-11T05:56:30Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Wed, 11 Dec 2024 05:56:30 GMT
0
bat.bing.com/action/ 		0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=17135630&Ver=2&mid=e38b4249-57ae-4cb0-ba55-6e605cc76009&bo=2&sid=ab31bfd0b78411efa5dba30d04d5a61a&vid=ab31b5d0b78411ef81990dfb4a184bc0&vids=0&msclkid=N&pagetype=searchresults&p=https%3A%2F%2Frd.bizrate.com%2Frd2&sw=1600&sh=1200&sc=24&evt=custom&cdb=AQAQ&rn=721921
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.slewo.com%3Futm_source%3Dpangora%26cnxclid%3DSZ_REDIRECT_ID%26utm_medium%3Dcpc%26utm_campaign%3Dproduct&mid=297868&dMid=297868&tokenId=18P&bId=314&bidType=11&a=64f0b08b094ff5c933e2bb5fa61ffd59&af_id=726125&af_rid=90926105895&af_permalink_id=389b64df4ee9aff11de0b1e73fb21904ca1b3cc7&cobrand=1&af_placement_id=910662&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2993
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://rd.bizrate.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6EF422DAF5174A6E921BA216252A41DF Ref B: PHL30EDGE0406 Ref C: 2024-12-11T05:56:30Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Wed, 11 Dec 2024 05:56:30 GMT
/
www.google.com/pagead/1p-user-list/1070533785/ 		42 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1070533785/?random=1733896590558&cv=11&fst=1733893200000&bg=ffffff&guid=ON&async=1&gtm=45be4ca0v871670244za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttp%253A%252F%252Fwww.slewo.com%253Futm_source%253Dpangora%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_medium%253Dcpc%2526utm_campaign%253Dproduct%26mid%3D297868%26dMid%3D297868%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3D64f0b08b094ff5c933e2bb5fa61ffd59%26af_id%3D726125%26af_rid%3D90926105895%26af_permalink_id%3D389b64df4ee9aff11de0b1e73fb21904ca1b3cc7%26cobrand%3D1%26af_placement_id%3D910662%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2993&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1397596937.1733896591&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7d5CqSnJ-JwfOEMLKLpPCqVxOAS0NIbw&random=2854737863&rmt_tld=0&ipr=y
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.slewo.com%3Futm_source%3Dpangora%26cnxclid%3DSZ_REDIRECT_ID%26utm_medium%3Dcpc%26utm_campaign%3Dproduct&mid=297868&dMid=297868&tokenId=18P&bId=314&bidType=11&a=64f0b08b094ff5c933e2bb5fa61ffd59&af_id=726125&af_rid=90926105895&af_permalink_id=389b64df4ee9aff11de0b1e73fb21904ca1b3cc7&cobrand=1&af_placement_id=910662&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.68 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://rd.bizrate.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 11 Dec 2024 05:56:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-user-list/1070533785/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1070533785/?random=1733896590593&cv=11&fst=1733893200000&bg=ffffff&guid=ON&async=1&gtm=45be4ca0v871670244za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttp%253A%252F%252Fwww.slewo.com%253Futm_source%253Dpangora%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_medium%253Dcpc%2526utm_campaign%253Dproduct%26mid%3D297868%26dMid%3D297868%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3D64f0b08b094ff5c933e2bb5fa61ffd59%26af_id%3D726125%26af_rid%3D90926105895%26af_permalink_id%3D389b64df4ee9aff11de0b1e73fb21904ca1b3cc7%26cobrand%3D1%26af_placement_id%3D910662%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2993&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1397596937.1733896591&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Becomm_pagetype%3Dproduct%3Becomm_prodid%3D&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7d5Vq_qLzKu1guTIHfSuRmykEGmsJ2VA&random=44814121&rmt_tld=0&ipr=y
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.slewo.com%3Futm_source%3Dpangora%26cnxclid%3DSZ_REDIRECT_ID%26utm_medium%3Dcpc%26utm_campaign%3Dproduct&mid=297868&dMid=297868&tokenId=18P&bId=314&bidType=11&a=64f0b08b094ff5c933e2bb5fa61ffd59&af_id=726125&af_rid=90926105895&af_permalink_id=389b64df4ee9aff11de0b1e73fb21904ca1b3cc7&cobrand=1&af_placement_id=910662&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.68 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://rd.bizrate.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 11 Dec 2024 05:56:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
sp.pl
sp.analytics.yahoo.com/ 		43 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2011%20Dec%202024%2005%3A56%3A31%20GMT&n=10&.yp=10135448&f=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttp%253A%252F%252Fwww.slewo.com%253Futm_source%253Dpangora%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_medium%253Dcpc%2526utm_campaign%253Dproduct%26mid%3D297868%26dMid%3D297868%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3D64f0b08b094ff5c933e2bb5fa61ffd59%26af_id%3D726125%26af_rid%3D90926105895%26af_permalink_id%3D389b64df4ee9aff11de0b1e73fb21904ca1b3cc7%26cobrand%3D1%26af_placement_id%3D910662%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2993&enc=UTF-8&yv=1.16.5&tagmgr=gtm
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.slewo.com%3Futm_source%3Dpangora%26cnxclid%3DSZ_REDIRECT_ID%26utm_medium%3Dcpc%26utm_campaign%3Dproduct&mid=297868&dMid=297868&tokenId=18P&bId=314&bidType=11&a=64f0b08b094ff5c933e2bb5fa61ffd59&af_id=726125&af_rid=90926105895&af_permalink_id=389b64df4ee9aff11de0b1e73fb21904ca1b3cc7&cobrand=1&af_placement_id=910662&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2993
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.72.192.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-192-139.compute-1.amazonaws.com
Software
ATS/9.1.10.144 /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://rd.bizrate.com/

Response headers

content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
cache-control
no-cache, no-store, private, must-revalidate
pragma
no-cache
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-content-type-options
nosniff
via
http/1.1 traffic_server (ApacheTrafficServer/9.1.10.144)
expires
Wed, 11 Dec 2024 05:56:31 GMT
accept-ranges
bytes
referrer-policy
strict-origin-when-cross-origin
content-length
43
date
Wed, 11 Dec 2024 05:56:31 GMT
content-type
image/gif
server
ATS/9.1.10.144
x-frame-options
DENY
sp.pl
sp.analytics.yahoo.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10135448&f=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttp%253A%252F%252Fwww.slewo.com%253Futm_source%253Dpangora%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_medium%253Dcpc%2526utm_campaign%253Dproduct%26mid%3D297868%26dMid%3D297868%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3D64f0b08b094ff5c933e2bb5fa61ffd59%26af_id%3D726125%26af_rid%3D90926105895%26af_permalink_id%3D389b64df4ee9aff11de0b1e73fb21904ca1b3cc7%26cobrand%3D1%26af_placement_id%3D910662%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2993&enc=UTF-8&yv=1.16.5&et=custom&ea=ViewProduct&product_id=&tagmgr=gtm
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.slewo.com%3Futm_source%3Dpangora%26cnxclid%3DSZ_REDIRECT_ID%26utm_medium%3Dcpc%26utm_campaign%3Dproduct&mid=297868&dMid=297868&tokenId=18P&bId=314&bidType=11&a=64f0b08b094ff5c933e2bb5fa61ffd59&af_id=726125&af_rid=90926105895&af_permalink_id=389b64df4ee9aff11de0b1e73fb21904ca1b3cc7&cobrand=1&af_placement_id=910662&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2993
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.72.192.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-192-139.compute-1.amazonaws.com
Software
ATS/9.1.10.144 /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://rd.bizrate.com/

Response headers

content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
cache-control
no-cache, no-store, private, must-revalidate
pragma
no-cache
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-content-type-options
nosniff
via
http/1.1 traffic_server (ApacheTrafficServer/9.1.10.144)
expires
Wed, 11 Dec 2024 05:56:31 GMT
accept-ranges
bytes
referrer-policy
strict-origin-when-cross-origin
content-length
43
date
Wed, 11 Dec 2024 05:56:31 GMT
content-type
image/gif
server
ATS/9.1.10.144
x-frame-options
DENY
interstitial-redirect-publisher-min-javascript-abtest-remarketing
rd.bizrate.com/em/ 		43 B
167 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rd.bizrate.com/em/interstitial-redirect-publisher-min-javascript-abtest-remarketing
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.slewo.com%3Futm_source%3Dpangora%26cnxclid%3DSZ_REDIRECT_ID%26utm_medium%3Dcpc%26utm_campaign%3Dproduct&mid=297868&dMid=297868&tokenId=18P&bId=314&bidType=11&a=64f0b08b094ff5c933e2bb5fa61ffd59&af_id=726125&af_rid=90926105895&af_permalink_id=389b64df4ee9aff11de0b1e73fb21904ca1b3cc7&cobrand=1&af_placement_id=910662&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.194.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.194.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Content-Type
text/plain;charset=UTF-8
Referer
https://rd.bizrate.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 google
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Wed, 11 Dec 2024 05:56:30 GMT
content-type
image/gif
/
www.slewo.com/
Redirect Chain
  • http://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product
  • https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product
  • https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product&scid=9464051
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product&scid=9464051
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.slewo.com%3Futm_source%3Dpangora%26cnxclid%3DSZ_REDIRECT_ID%26utm_medium%3Dcpc%26utm_campaign%3Dproduct&mid=297868&dMid=297868&tokenId=18P&bId=314&bidType=11&a=64f0b08b094ff5c933e2bb5fa61ffd59&af_id=726125&af_rid=90926105895&af_permalink_id=389b64df4ee9aff11de0b1e73fb21904ca1b3cc7&cobrand=1&af_placement_id=910662&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src self https: http: data: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.slewo.com%3Futm_source%3Dpangora%26cnxclid%3DSZ_REDIRECT_ID%26utm_medium%3Dcpc%26utm_campaign%3Dproduct&mid=297868&dMid=297868&tokenId=18P&bId=314&bidType=11&a=64f0b08b094ff5c933e2bb5fa61ffd59&af_id=726125&af_rid=90926105895&af_permalink_id=389b64df4ee9aff11de0b1e73fb21904ca1b3cc7&cobrand=1&af_placement_id=910662&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2993
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f033b64682ec472-EWR
content-encoding
zstd
content-security-policy
default-src self https: http: data: blob: 'unsafe-inline' 'unsafe-eval';
content-type
text/html; charset=UTF-8
date
Wed, 11 Dec 2024 05:56:32 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://data.slewo.com>; rel=preconnect <https://www.slewo.com/static/font/slewoFontIco.woff2?v=1.8>; rel=preload; as=font; crossorigin=anonymous,<https://www.slewo.com/static/gfx/site/slewo.svg>; rel=preload; as=image,<https://www.slewo.com/static/css/style.min.css?v=1733839799>; rel=preload; as=style,<https://www.slewo.com/static/js/error.min.js?v=1733840115>; rel=preload; as=script,<https://www.slewo.com/static/js/slewo_crit.min.js?v=1733840115>; rel=preload; as=script,<https://www.slewo.com/static/gfx/banner/slewo_home/dolcevita.min.jpg>; rel=preload; as=image,<https://www.slewo.com/image/artikel26/BlackWood-Dolce-Vita-II-Wildeiche-Massivholzbett_100014545-17294215.avif?v=0179>; rel=preload; as=image,<https://www.slewo.com/image/artikel26/3S-Frankenmoebel-Eclipse-II-Epoxid-Wildeiche-Esstisch_100022346-17291700.avif?v=bf21>; rel=preload; as=image,<https://www.slewo.com/image/artikel26/Massivholz-Vancouver-1-Wildeiche-Schwebebalkenbett_100011248-547919.avif?v=c5cb>; rel=preload; as=image,<https://www.slewo.com/image/artikel1/BlackWood-Dolce-Vita-II-BLACK-EDITION-Massivholzbett_100022684-17293484.avif?v=4992>; rel=preload; as=image,<https://www.slewo.com/image/artikel1/BlackWood-Dolce-Vita-II-Wildeiche-Massivholzbett_100014545-547744.avif>; rel=preload; as=image,<https://www.slewo.com/image/artikel1/BlackWood-Table4YOU-Austin-Black-Edition-Wildeiche-Massivholztisch_100022685-17294139.avif?v=6cb3>; rel=preload; as=image,<https://www.slewo.com/image/artikel1/BlackWood-Dolce-Vita-I-Wildeiche-Massivholzbett_100006973-17292338.avif?v=4ca0>; rel=preload; as=image,<https://www.slewo.com/image/artikel1/Massivholz-Wickie-Bett_100022718-17293943.avif?v=f7dd>; rel=preload; as=image,<https://www.slewo.com/image/artikel1/BlackWood-Dolce-Vita-IV-Wildeiche-Massivholzbett_100016328-547855.avif?v=db4b>; rel=preload; as=image
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
geolocation=self, microphone=self, camera=self
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TVFtfAARpda%2BVjvLT%2FCVae2D%2FqZXhLOv%2BX4iMitXCpn8czcuxbjxOsGv3j4vdw2htU0aL3zeem6Q1cTfIsgCkZOcfESQAbxZvt%2BPOp0mHEaFbnsBpV0j2Zs0xbzBOX0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=14281&min_rtt=8375&rtt_var=11469&sent=84&recv=43&lost=0&retrans=0&sent_bytes=68018&recv_bytes=4384&delivery_rate=8199426&cwnd=266&unsent_bytes=0&cid=c18a385a69bdf5ca&ts=507&x=0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f033b624e14c472-EWR
content-security-policy
default-src self https: http: data: blob: 'unsafe-inline' 'unsafe-eval';
content-type
text/html; charset=UTF-8
date
Wed, 11 Dec 2024 05:56:32 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product&scid=9464051
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
geolocation=self, microphone=self, camera=self
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cYMUzxsf36nBi10brmuBueMGolWd98yZP7xVYFMlM7rFE9alh%2FzYn8C6dwuBIfR57C%2FLLGdMrv8cauMgqAVZ1JK0Y4rtJVivLj7iN9A9HB4hmdjjlgi48RIWDNG8vWE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=15083&min_rtt=8375&rtt_var=13152&sent=81&recv=41&lost=0&retrans=0&sent_bytes=66668&recv_bytes=4234&delivery_rate=8199426&cwnd=264&unsent_bytes=0&cid=c18a385a69bdf5ca&ts=357&x=0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
slewoFontIco.woff2
www.slewo.com/static/font/ 		5 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://www.slewo.com/static/font/slewoFontIco.woff2?v=1.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4f949a39412d7d94a12afa7abd9960899f69cb7cf21777822cf90cfca41b7f8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://www.slewo.com
Referer
https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product&scid=9464051

Response headers

cf-cache-status
HIT
etag
"6756cd8d-1538"
age
90287
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=at5WmZ8cN%2FzgVFTkZtz8IIH%2FeSy%2B3uCw9QZv2Fv4E%2F0sZk5J0sGw19sXH0xx7I%2FsabFi61PdnjxCd5uSK42oyfy32nZg1KU4Kd9vLRs%2FzVHN16AtSGJc0MrJOiO31TQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 09 Dec 2025 11:02:06 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=9909&min_rtt=8522&rtt_var=4491&sent=67&recv=10&lost=0&retrans=0&sent_bytes=54325&recv_bytes=4234&delivery_rate=513602&cwnd=255&unsent_bytes=0&cid=c18a385a69bdf5ca&ts=116&x=0"
date
Wed, 11 Dec 2024 05:56:31 GMT
content-type
application/font-woff2
last-modified
Mon, 09 Dec 2024 10:59:25 GMT
vary
Accept-Encoding
cache-control
max-age=31536000, public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f033b629e6fc472-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
5432
server
cloudflare
slewo.svg
www.slewo.com/static/gfx/site/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slewo.com/static/gfx/site/slewo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcdd606d679dd26dff5b4e201fad2671affda4f30f2276d683e8f38b8f898f91
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product&scid=9464051

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"672a43eb-158c"
age
983923
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dQ2PRoM345ODOb0uVfI9NDeS6YQMeV1ZG97wZ9LLZFVa3E29Tf0Vj5mYIhhrhxbdQHkTwSeejc7FNa%2B2r5mwuN%2BgBCWoFIWyNSLY0IKq%2F0O4XlT4oBkVDGJ0ve%2Fxl58%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 03:09:25 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=9909&min_rtt=8522&rtt_var=4491&sent=35&recv=10&lost=0&retrans=0&sent_bytes=22409&recv_bytes=4234&delivery_rate=513602&cwnd=255&unsent_bytes=0&cid=c18a385a69bdf5ca&ts=113&x=0"
date
Wed, 11 Dec 2024 05:56:31 GMT
content-type
image/svg+xml
last-modified
Tue, 05 Nov 2024 16:12:27 GMT
vary
Accept-Encoding
cache-control
max-age=31536000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f033b629e73c472-EWR
access-control-allow-origin
*
server
cloudflare
style.min.css
www.slewo.com/static/css/ 		83 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.slewo.com/static/css/style.min.css?v=1733839799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
096ca51b901a9142352e8aaaf5e5eaae0ac9080e0c811c6bf94d6815a60fb5c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product&scid=9464051

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"67584bb7-14d51"
age
41050
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8vg5%2BZyPjFxmZP56xQBKoRTlREpJZ4ocIYv9k9S935Dzk7hw3ra0iZPChy7YL4bYX032cu7jDrb%2BEHiTh0aUQ5nnq%2BdGlHpyaaIltpkzQvwUB8xN7ksoUrun8rgBswo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 14:10:06 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=9909&min_rtt=8522&rtt_var=4491&sent=42&recv=10&lost=0&retrans=0&sent_bytes=26221&recv_bytes=4234&delivery_rate=513602&cwnd=255&unsent_bytes=0&cid=c18a385a69bdf5ca&ts=114&x=0"
date
Wed, 11 Dec 2024 05:56:31 GMT
content-type
text/css
last-modified
Tue, 10 Dec 2024 14:09:59 GMT
vary
Accept-Encoding
cache-control
max-age=31536000, public, public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f033b629e6ec472-EWR
access-control-allow-origin
*
server
cloudflare
error.min.js
www.slewo.com/static/js/ 		781 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.slewo.com/static/js/error.min.js?v=1733840115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7d6be17d48a6861e8a920a051c8f1b5f1ade830cb5bbb4de0f2944321388d0d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product&scid=9464051

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"67584cf2-30d"
age
41050
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V9JGb9ZABg7LKjWr6LGotYZOdCgdLyYAf69WXwDqJ69Ffw%2Bpvd3vqFe1pd2ui3cWKHLkK%2B5%2B%2FN0Us0w41x1HCj43eRaxW3pViYJ7W6Td0Y7tAVngpJUzS2fO%2BUAZJUI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 14:15:18 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=9909&min_rtt=8522&rtt_var=4491&sent=39&recv=10&lost=0&retrans=0&sent_bytes=25116&recv_bytes=4234&delivery_rate=513602&cwnd=255&unsent_bytes=0&cid=c18a385a69bdf5ca&ts=114&x=0"
date
Wed, 11 Dec 2024 05:56:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Dec 2024 14:15:14 GMT
vary
Accept-Encoding
cache-control
max-age=31536000, public, public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f033b629e70c472-EWR
access-control-allow-origin
*
server
cloudflare
slewo_crit.min.js
www.slewo.com/static/js/ 		13 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.slewo.com/static/js/slewo_crit.min.js?v=1733840115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c67eab9fc3188dbdeb5498c48700d6dcc2ffaccb654df9db484a7409c88bc4a1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product&scid=9464051

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"67584cf2-344d"
age
41050
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Di3q0jL3%2FbVEWUsFHPKhCDLueJBe%2FHVJJJ8HexLD8bhWbHu%2FR%2Fr6BKMFycgRRBCXbluEtVAYTv5uczwgx%2FvftCphXyqSf9NorF2xW970kotvhhY%2BDgQYxBK%2FUFRFJdw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 14:15:18 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=9909&min_rtt=8522&rtt_var=4491&sent=58&recv=10&lost=0&retrans=0&sent_bytes=45975&recv_bytes=4234&delivery_rate=513602&cwnd=255&unsent_bytes=0&cid=c18a385a69bdf5ca&ts=114&x=0"
date
Wed, 11 Dec 2024 05:56:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Dec 2024 14:15:14 GMT
vary
Accept-Encoding
cache-control
max-age=31536000, public, public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f033b629e72c472-EWR
access-control-allow-origin
*
server
cloudflare
dolcevita.min.jpg
www.slewo.com/static/gfx/banner/slewo_home/ 		0
0
BlackWood-Dolce-Vita-II-Wildeiche-Massivholzbett_100014545-17294215.avif
www.slewo.com/image/artikel26/ 		0
0
3S-Frankenmoebel-Eclipse-II-Epoxid-Wildeiche-Esstisch_100022346-17291700.avif
www.slewo.com/image/artikel26/ 		0
0
Massivholz-Vancouver-1-Wildeiche-Schwebebalkenbett_100011248-547919.avif
www.slewo.com/image/artikel26/ 		0
0
BlackWood-Dolce-Vita-II-BLACK-EDITION-Massivholzbett_100022684-17293484.avif
www.slewo.com/image/artikel1/ 		0
0
BlackWood-Dolce-Vita-II-Wildeiche-Massivholzbett_100014545-547744.avif
www.slewo.com/image/artikel1/ 		0
0
BlackWood-Table4YOU-Austin-Black-Edition-Wildeiche-Massivholztisch_100022685-17294139.avif
www.slewo.com/image/artikel1/ 		0
0
BlackWood-Dolce-Vita-I-Wildeiche-Massivholzbett_100006973-17292338.avif
www.slewo.com/image/artikel1/ 		0
0
Massivholz-Wickie-Bett_100022718-17293943.avif
www.slewo.com/image/artikel1/ 		0
0
BlackWood-Dolce-Vita-IV-Wildeiche-Massivholzbett_100016328-547855.avif
www.slewo.com/image/artikel1/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.slewo.com
URL
https://www.slewo.com/static/gfx/banner/slewo_home/dolcevita.min.jpg
Domain
www.slewo.com
URL
https://www.slewo.com/image/artikel26/BlackWood-Dolce-Vita-II-Wildeiche-Massivholzbett_100014545-17294215.avif?v=0179
Domain
www.slewo.com
URL
https://www.slewo.com/image/artikel26/3S-Frankenmoebel-Eclipse-II-Epoxid-Wildeiche-Esstisch_100022346-17291700.avif?v=bf21
Domain
www.slewo.com
URL
https://www.slewo.com/image/artikel26/Massivholz-Vancouver-1-Wildeiche-Schwebebalkenbett_100011248-547919.avif?v=c5cb
Domain
www.slewo.com
URL
https://www.slewo.com/image/artikel1/BlackWood-Dolce-Vita-II-BLACK-EDITION-Massivholzbett_100022684-17293484.avif?v=4992
Domain
www.slewo.com
URL
https://www.slewo.com/image/artikel1/BlackWood-Dolce-Vita-II-Wildeiche-Massivholzbett_100014545-547744.avif
Domain
www.slewo.com
URL
https://www.slewo.com/image/artikel1/BlackWood-Table4YOU-Austin-Black-Edition-Wildeiche-Massivholztisch_100022685-17294139.avif?v=6cb3
Domain
www.slewo.com
URL
https://www.slewo.com/image/artikel1/BlackWood-Dolce-Vita-I-Wildeiche-Massivholzbett_100006973-17292338.avif?v=4ca0
Domain
www.slewo.com
URL
https://www.slewo.com/image/artikel1/Massivholz-Wickie-Bett_100022718-17293943.avif?v=f7dd
Domain
www.slewo.com
URL
https://www.slewo.com/image/artikel1/BlackWood-Dolce-Vita-IV-Wildeiche-Massivholzbett_100016328-547855.avif?v=db4b

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Domain/Path Name / Value
.fillooncristives.com/ Name: cc-v4
Value: 07i2zGl3cD3tQwxESKF3XL5qOdJfQCyHRJLVcTDSIElSGws9T%2Ba%2BifBJYz5lWJt9EwZtM6KWXKlXfa3M%2BcFwkUGMTS%2FoVDzf3qJWoasa%2BmwR0qw2SIHCIWz3IlcM9yj3S3p33CDXAamFa3m8yU%2Fijg%3D%3D
zulemen.com/ Name: rhid
Value: 83855206195
.bizrate.com/ Name: sessionid
Value: 887351276860856589
.bizrate.com/ Name: _data
Value: _time%3A%3Astart_time%3D1733896589%3Btimestamp%3D1733896589%7Ctracker%3A%3Ahtcnt%3D1%3Brf%3Daf1%3Brf2%3D%3Bvsc%3Ddau%3Baf_id%3D726125%3Baf_assettype_id%3D14%3Baf_creative_id%3D2993%3Baf_placement_id%3D910662%3Baf_placement_id_txt%3D910662%7Cdnt%3A%3Aon%3D0%3Bsrc%3D0
.bizrate.com/ Name: redirect_data
Value: eyJvIjpbXSwibSI6WzI5Nzg2OF0sImMiOltdLCJiIjpbXX0=
.bizrate.com/ Name: roi_cookie
Value: 17338965899520032848413601113008005%7C297868
.bizrate.com/ Name: roi_mid_attr
Value: 297868%3A297868
.bizrate.com/ Name: _gcl_au
Value: 1.1.1397596937.1733896591
.bizrate.com/ Name: _fbp
Value: fb.1.1733896590727.934317881658423686
.bizrate.com/ Name: _uetsid
Value: ab31bfd0b78411efa5dba30d04d5a61a
.bizrate.com/ Name: _uetvid
Value: ab31b5d0b78411ef81990dfb4a184bc0
.bat.bing.com/ Name: MR
Value: 0
.bing.com/ Name: MUID
Value: 07E64F958EF86B510EE25AC78F3A6A1A
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.yahoo.com/ Name: A3
Value: d=AQABBI8pWWcCEKlTZDhnDI0cipAZvdytywoFEgEBAQF7WmdjZ9wr0iMA_eMAAA&S=AQAAAp60Ebie2X6F7PcyYfl4zHc
www.slewo.com/ Name: googtrans
Value: %2Fde%2Fde
.slewo.com/ Name: googtrans
Value: %2Fde%2Fde
.slewo.com/ Name: SLEWO_CLIENT_ID
Value: fjcr099lsdmq80dgdvs98drc8t
.bing.com/ Name: MSPTC
Value: lWcFQfG5sE-Eaz8lArdTynJgaxvIFd0nJ4bEiVI38B0

16 Console Messages

Source Level URL
Text
rendering warning URL: https://ernus-dop.com/zclkvisitor/a84c8d54-b784-11ef-b7cd-12d042afb45f/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=b0e678b0-53cd-11ef-a7aa-0affd04c9415
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0302602DC2B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
javascript warning URL: https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product&scid=9464051
Message:
The resource https://www.slewo.com/static/css/style.min.css?v=1733839799 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product&scid=9464051
Message:
The resource https://www.slewo.com/static/font/slewoFontIco.woff2?v=1.8 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product&scid=9464051
Message:
The resource https://www.slewo.com/static/gfx/site/slewo.svg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product&scid=9464051
Message:
The resource https://www.slewo.com/static/js/slewo_crit.min.js?v=1733840115 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product&scid=9464051
Message:
The resource https://www.slewo.com/static/js/error.min.js?v=1733840115 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product&scid=9464051
Message:
The resource https://www.slewo.com/image/artikel1/Massivholz-Wickie-Bett_100022718-17293943.avif?v=f7dd was preloaded using link preload in Early Hints but not used within a few seconds from the window's load event.
javascript warning URL: https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product&scid=9464051
Message:
The resource https://www.slewo.com/image/artikel26/BlackWood-Dolce-Vita-II-Wildeiche-Massivholzbett_100014545-17294215.avif?v=0179 was preloaded using link preload in Early Hints but not used within a few seconds from the window's load event.
javascript warning URL: https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product&scid=9464051
Message:
The resource https://www.slewo.com/image/artikel26/Massivholz-Vancouver-1-Wildeiche-Schwebebalkenbett_100011248-547919.avif?v=c5cb was preloaded using link preload in Early Hints but not used within a few seconds from the window's load event.
javascript warning URL: https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product&scid=9464051
Message:
The resource https://www.slewo.com/image/artikel26/3S-Frankenmoebel-Eclipse-II-Epoxid-Wildeiche-Esstisch_100022346-17291700.avif?v=bf21 was preloaded using link preload in Early Hints but not used within a few seconds from the window's load event.
javascript warning URL: https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product&scid=9464051
Message:
The resource https://www.slewo.com/image/artikel1/BlackWood-Dolce-Vita-IV-Wildeiche-Massivholzbett_100016328-547855.avif?v=db4b was preloaded using link preload in Early Hints but not used within a few seconds from the window's load event.
javascript warning URL: https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product&scid=9464051
Message:
The resource https://www.slewo.com/static/gfx/banner/slewo_home/dolcevita.min.jpg was preloaded using link preload in Early Hints but not used within a few seconds from the window's load event.
javascript warning URL: https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product&scid=9464051
Message:
The resource https://www.slewo.com/image/artikel1/BlackWood-Table4YOU-Austin-Black-Edition-Wildeiche-Massivholztisch_100022685-17294139.avif?v=6cb3 was preloaded using link preload in Early Hints but not used within a few seconds from the window's load event.
javascript warning URL: https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product&scid=9464051
Message:
The resource https://www.slewo.com/image/artikel1/BlackWood-Dolce-Vita-II-Wildeiche-Massivholzbett_100014545-547744.avif was preloaded using link preload in Early Hints but not used within a few seconds from the window's load event.
javascript warning URL: https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product&scid=9464051
Message:
The resource https://www.slewo.com/image/artikel1/BlackWood-Dolce-Vita-I-Wildeiche-Massivholzbett_100006973-17292338.avif?v=4ca0 was preloaded using link preload in Early Hints but not used within a few seconds from the window's load event.
javascript warning URL: https://www.slewo.com/?utm_source=pangora&cnxclid=17338965899520032848413601113008005&utm_medium=cpc&utm_campaign=product&scid=9464051
Message:
The resource https://www.slewo.com/image/artikel1/BlackWood-Dolce-Vita-II-BLACK-EDITION-Massivholzbett_100022684-17293484.avif?v=4992 was preloaded using link preload in Early Hints but not used within a few seconds from the window's load event.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
clkdeals.com
connect.facebook.net
d38psrni17bvxu.cloudfront.net
ernus-dop.com
fillooncristives.com
go.shopyourlikes.com
googleads.g.doubleclick.net
rd.bizrate.com
s.yimg.com
sp.analytics.yahoo.com
td.doubleclick.net
www.facebook.com
www.google.com
www.googletagmanager.com
www.notexistslime.scotianbank.com
www.slewo.com
zulemen.com
www.slewo.com
104.21.112.1
104.247.82.52
13.33.251.117
142.250.176.194
142.250.65.226
142.250.80.104
142.250.80.68
150.171.27.10
172.67.69.68
18.164.116.33
34.160.194.93
52.116.53.146
52.72.192.139
54.82.7.206
57.144.180.1
57.144.180.128
69.147.92.12
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9
07412da3ac9297be7de731246304fb3d310884579e4afcec50be142fcf12ad98
096ca51b901a9142352e8aaaf5e5eaae0ac9080e0c811c6bf94d6815a60fb5c3
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
1b7be92e30acae773007cb3159923ce4d73a523bcfd6372865ac71ffe74a91af
24c6b22b89978e431d02b682e735fb830453228aa8abc0d53d3a5d8c1a022ea9
41955a99bc5d0a407f103b1c307f50d2e6669fca36016523df9c3bf7c35a75b8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49440437edffd0923b0e0b121269f67eea94e3ab4a9ed5ce5884723a22bdce65
65bceb1226696509119f222f0ab581cdd10614c405f263711b582f0cc4f0f9d2
696f85c208d87693f84d901eb2d3950b8fb7eae245fc6addbf7c00c3a974adc1
a650a6db5a37651a4bccfef6ef98d8f20256546a874d2cb43268c6792f4e7003
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
aebe8df81ee2ba5bc51e3abc322910ee5122a0ac06edfbcf7a04e1659d17dc9c
b7d6be17d48a6861e8a920a051c8f1b5f1ade830cb5bbb4de0f2944321388d0d
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
c67eab9fc3188dbdeb5498c48700d6dcc2ffaccb654df9db484a7409c88bc4a1
dcdd606d679dd26dff5b4e201fad2671affda4f30f2276d683e8f38b8f898f91
dfa8970fddb71892cc11fdbaa6fe2756c6bb7a1143e9ee5338311ddc3e71544e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4f949a39412d7d94a12afa7abd9960899f69cb7cf21777822cf90cfca41b7f8