ntqskdynsb.shop Open in urlscan Pro
104.21.85.42 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ntqskdynsb.shop/
Submission: On July 30 via api (July 30th 2024, 3:11:10 am UTC) from US — Scanned from US

Summary HTTP 128 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 43 IPs in 3 countries across 29 domains to perform 128 HTTP transactions. The main IP is 104.21.85.42, located in and belongs to CLOUDFLARENET, US. The main domain is ntqskdynsb.shop.
TLS certificate: Issued by WE1 on July 26th 2024. Valid for: 3 months.

This is the only time ntqskdynsb.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	104.21.85.42 104.21.85.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:251... 2600:9000:2510:bc00:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
35	151.101.2.7 151.101.2.7	54113 (FASTLY) (FASTLY)
2	18.164.116.44 18.164.116.44	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:400d:c04::61	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:bdf::38 2620:1ec:bdf::38	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2620:100:a00b::a 2620:100:a00b::a	19750 (AS-CRITEO) (AS-CRITEO)
1	18.173.219.101 18.173.219.101	16509 (AMAZON-02) (AMAZON-02)
1	34.238.149.65 34.238.149.65	14618 (AMAZON-AES) (AMAZON-AES)
1 1	173.194.204.147 173.194.204.147	15169 (GOOGLE) (GOOGLE)
2	172.217.222.155 172.217.222.155	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:7809	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.139.33.128 108.139.33.128	16509 (AMAZON-02) (AMAZON-02)
2	2600:1408:ec0... 2600:1408:ec00:28e::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.225.63.11 13.225.63.11	16509 (AMAZON-02) (AMAZON-02)
1	18.210.229.244 18.210.229.244	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2606:4700:440... 2606:4700:4400::ac40:97ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:6ea0:e20... 2a02:6ea0:e200::17	60068 (CDN77 _) (CDN77 _)
2	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
2	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:4400::ac40:965f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:400d:c07::71	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	172.217.222.97 172.217.222.97	15169 (GOOGLE) (GOOGLE)
1	18.173.219.114 18.173.219.114	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c04::9c	15169 (GOOGLE) (GOOGLE)
1	2620:100:a00b... 2620:100:a00b::12	19750 (AS-CRITEO) (AS-CRITEO)
1	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
2	52.42.124.195 52.42.124.195	16509 (AMAZON-02) (AMAZON-02)
1 4	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
4	23.222.193.6 23.222.193.6	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.12.117.226 52.12.117.226	16509 (AMAZON-02) (AMAZON-02)
2	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	44.217.21.19 44.217.21.19	14618 (AMAZON-AES) (AMAZON-AES)
2	52.179.73.39 52.179.73.39	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	74.119.117.16 74.119.117.16	() ()
1	2620:100:a00b... 2620:100:a00b::26	() ()
128	43

6 104.21.85.42 (None, )

ASN13335 (CLOUDFLARENET, US)

ntqskdynsb.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2510:bc00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 151.101.2.7 (San Francisco, United States)

ASN54113 (FASTLY, US)

static.thriftbooks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.thriftbooks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.164.116.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-44.jfk50.r.cloudfront.net

consent.api.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c04::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:bdf::38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::a (United States)

ASN19750 (AS-CRITEO, US)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.219.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-101.jfk52.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.238.149.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-149-65.compute-1.amazonaws.com

dx.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.204.147 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: qb-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.222.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7809 (United States)

ASN13335 (CLOUDFLARENET, US)

js.appboycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.33.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-33-128.jfk50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1408:ec00:28e::1931 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.63.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-11.ewr53.r.cloudfront.net

tracker.marinsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.229.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-229-244.compute-1.amazonaws.com

18.210.229.244	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:97ee (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

action.dstillery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:e200::17 (Ashburn, United States)

ASN60068 (CDN77 _, GB)

tags.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:965f (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.iad-05.braze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c07::71 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.222.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.219.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-114.jfk52.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c04::9c (Morganton, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::12 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

pixel-config.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.42.124.195 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-124-195.us-west-2.compute.amazonaws.com

px.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.184.10.30 (Cyprus) 1 redirects

ASN203690 (RTB-HOUSE-ASH, CY)
PTR: ip-185-184-10-30.rtbhouse.net

us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.222.193.6 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-222-193-6.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.12.117.226 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-12-117-226.us-west-2.compute.amazonaws.com

gs.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.217.21.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-217-21-19.compute-1.amazonaws.com

arttrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.179.73.39 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.117.16 (None, )

ASN- ()

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::26 (None, )

ASN- ()

measurement-api.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	thriftbooks.com static.thriftbooks.com — Cisco Umbrella Rank: 155295 i.thriftbooks.com — Cisco Umbrella Rank: 149516	1 MB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	305 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1114 t.clarity.ms — Cisco Umbrella Rank: 8415 c.clarity.ms — Cisco Umbrella Rank: 1838	29 KB
6	ntqskdynsb.shop ntqskdynsb.shop	92 KB
5	creativecdn.com 1 redirects tags.creativecdn.com — Cisco Umbrella Rank: 7049 us.creativecdn.com — Cisco Umbrella Rank: 5026	3 KB
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 1235	3 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 534 c.bing.com — Cisco Umbrella Rank: 341	17 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 stats.g.doubleclick.net — Cisco Umbrella Rank: 252	529 B
4	mountain.com dx.mountain.com — Cisco Umbrella Rank: 8539 px.mountain.com — Cisco Umbrella Rank: 8773 gs.mountain.com — Cisco Umbrella Rank: 14631	9 KB
4	criteo.com dynamic.criteo.com — Cisco Umbrella Rank: 4315 gum.criteo.com — Cisco Umbrella Rank: 553 Failed sslwidget.criteo.com measurement-api.criteo.com	23 KB
3	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 2631 insight.adsrvr.org — Cisco Umbrella Rank: 1486 match.adsrvr.org — Cisco Umbrella Rank: 505	5 KB
3	osano.com cmp.osano.com — Cisco Umbrella Rank: 7730 consent.api.osano.com — Cisco Umbrella Rank: 13823	66 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 853	421 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	reddit.com pixel-config.reddit.com — Cisco Umbrella Rank: 3241 alb.reddit.com — Cisco Umbrella Rank: 1969	761 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
2	braze.com sdk.iad-05.braze.com — Cisco Umbrella Rank: 3003	1 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1950	8 KB
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1561	13 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	74 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1417	25 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 10 analytics.google.com — Cisco Umbrella Rank: 238	24 B
2	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 7072	7 KB
1	arttrk.com arttrk.com — Cisco Umbrella Rank: 7454	131 B
1	media6degrees.com action.media6degrees.com — Cisco Umbrella Rank: 16532	606 B
1	dstillery.com 1 redirects action.dstillery.com — Cisco Umbrella Rank: 12871	522 B
1	marinsm.com tracker.marinsm.com — Cisco Umbrella Rank: 46651	321 B
1	appboycdn.com js.appboycdn.com — Cisco Umbrella Rank: 5555	51 KB
1	azure.com js.monitor.azure.com — Cisco Umbrella Rank: 1932	57 KB
128	29

	Domain	Requested by
23	static.thriftbooks.com	ntqskdynsb.shop
12	i.thriftbooks.com	ntqskdynsb.shop
9	www.googletagmanager.com	cmp.osano.com ntqskdynsb.shop
6	ntqskdynsb.shop	ntqskdynsb.shop cmp.osano.com static.thriftbooks.com
4	ct.pinterest.com	s.pinimg.com cmp.osano.com
4	us.creativecdn.com	1 redirects ntqskdynsb.shop
3	bat.bing.com	cmp.osano.com ntqskdynsb.shop
2	dc.services.visualstudio.com	js.monitor.azure.com
2	c.clarity.ms	1 redirects
2	t.clarity.ms	js.monitor.azure.com
2	www.facebook.com	ntqskdynsb.shop
2	www.clarity.ms	cmp.osano.com
2	px.mountain.com	cmp.osano.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	cmp.osano.com www.google-analytics.com
2	sdk.iad-05.braze.com	js.appboycdn.com
2	use.fontawesome.com	cmp.osano.com use.fontawesome.com
2	www.redditstatic.com	cmp.osano.com www.redditstatic.com
2	connect.facebook.net	cmp.osano.com
2	s.pinimg.com	cmp.osano.com
2	googleads.g.doubleclick.net	ntqskdynsb.shop cmp.osano.com
2	widget.trustpilot.com	cmp.osano.com
2	consent.api.osano.com	cmp.osano.com
1	measurement-api.criteo.com	js.monitor.azure.com
1	sslwidget.criteo.com	cmp.osano.com
1	match.adsrvr.org	cmp.osano.com
1	insight.adsrvr.org	1 redirects
1	arttrk.com
1	c.bing.com	1 redirects
1	gs.mountain.com	cmp.osano.com
1	alb.reddit.com	ntqskdynsb.shop
1	pixel-config.reddit.com	www.redditstatic.com
1	gum.criteo.com	cmp.osano.com
1	analytics.google.com	www.googletagmanager.com
1	tags.creativecdn.com	cmp.osano.com
1	action.media6degrees.com	ntqskdynsb.shop
1	action.dstillery.com	1 redirects
1	tracker.marinsm.com	cmp.osano.com
1	js.adsrvr.org	cmp.osano.com
1	js.appboycdn.com	cmp.osano.com
1	www.google.com	1 redirects
1	dx.mountain.com	cmp.osano.com
1	dynamic.criteo.com	cmp.osano.com
1	js.monitor.azure.com	cmp.osano.com
1	cmp.osano.com	ntqskdynsb.shop
128	45

This site contains links to these domains. Also see Links.

Domain
www.thriftbooks.com
thriftbooks.cashstar.com
facebook.com
twitter.com
pinterest.com
thrift-books.tumblr.com
instagram.com

Subject Issuer	Validity	Valid
ntqskdynsb.shop WE1	`2024-07-26` - `2024-10-24`	3 months	crt.sh
*.osano.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
*.thriftbooks.com Go Daddy Secure Certificate Authority - G2	`2024-04-10` - `2025-05-12`	a year	crt.sh
*.api.osano.com Amazon RSA 2048 M03	`2023-09-27` - `2024-10-25`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
js.monitor.azure.com Microsoft Azure RSA TLS Issuing CA 04	`2024-05-22` - `2025-05-17`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-18` - `2024-09-17`	3 months	crt.sh
*.trustpilot.com Amazon RSA 2048 M03	`2024-01-03` - `2025-01-31`	a year	crt.sh
*.mountain.com Go Daddy Secure Certificate Authority - G2	`2024-05-23` - `2025-06-24`	a year	crt.sh
appboycdn.com E6	`2024-06-10` - `2024-09-08`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-08-07`	9 days	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.marinsm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-20` - `2025-04-20`	a year	crt.sh
18.210.229.244 Sectigo RSA Domain Validation Secure Server CA	`2024-01-24` - `2025-02-13`	a year	crt.sh
1589314308.rsc.cdn77.org R3	`2024-05-29` - `2024-08-27`	3 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-23` - `2024-11-18`	6 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
sdk.iad-05.braze.com WE1	`2024-06-17` - `2024-09-15`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
*.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-05-30` - `2024-11-26`	6 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2024-04-05` - `2025-04-30`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
adxcel-ec2.com Amazon RSA 2048 M01	`2023-09-18` - `2024-10-17`	a year	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 04	`2024-07-03` - `2025-06-28`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://ntqskdynsb.shop/
Frame ID: 52FBD6BDC8FEFDDA52E7F0471D809B7D
Requests: 118 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=491795f0000064000503e008
Frame ID: 42B9C70C4F6EB42443246D64E56B203D
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=ntqskdynsb.shop&origin=onetag&us_privacy=1-N-
Frame ID: 3A8B852151F412E8A788256BA035AF9B
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=iuykgbt&ref=https%3A%2F%2Fntqskdynsb.shop%2F&upid=fncjif3&upv=1.1.0
Frame ID: C3AD17BB28255D1A69D5929776FCB6A0
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 9BF7597A5AC479AF2DD843F0222ECB83
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New & Used Books | Buy Cheap Books Online at ThriftBooks

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Braze (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

js\.appboycdn\.com/web-sdk/([\d.]+)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

Page Statistics

128
Requests

83 %
HTTPS

44 %
IPv6

29
Domains

45
Subdomains

43
IPs

3
Countries

1872 kB
Transfer

4279 kB
Size

51
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.thriftbooks.com/b/education-resources/
Title: ThriftBooks 4 Teachers™

Search URL Search Domain Scan URL

URL: https://www.thriftbooks.com/b/booktok/
Title: #BookTok

Search URL Search Domain Scan URL

URL: https://www.thriftbooks.com/b/book-clubs/
Title: Book Club Hub™

Search URL Search Domain Scan URL

URL: https://www.thriftbooks.com/b/most-popular-books-by-state-2023-fiction/
Title: Books by State®

Search URL Search Domain Scan URL

URL: https://www.thriftbooks.com/b/new-and-coming-soon/
Title: New & Coming Soon

Search URL Search Domain Scan URL

URL: https://www.thriftbooks.com/b/large-print/
Title: Large Print Books

Search URL Search Domain Scan URL

URL: https://thriftbooks.cashstar.com/store
Title: e-Gift Cards

Search URL Search Domain Scan URL

URL: https://thriftbooks.cashstar.com/store/recipient?locale=en-us
Title: e-Gift Cards

Search URL Search Domain Scan URL

URL: https://www.thriftbooks.com/b/book-bundles/
Title: Debuting, Book Bundles Quantities limited, shop now to save big

Search URL Search Domain Scan URL

URL: https://www.thriftbooks.com/blog/introducing-buyback/
Title: Introducing, ThriftBooks BuyBack Learn more about selling your books

Search URL Search Domain Scan URL

URL: https://facebook.com/thriftbooks
Title: Link to Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/thriftbooks/
Title: Link to Twitter

Search URL Search Domain Scan URL

URL: https://pinterest.com/thriftbooks/
Title: Link to Pinterest

Search URL Search Domain Scan URL

URL: https://thrift-books.tumblr.com/
Title: Link to Tumblr

Search URL Search Domain Scan URL

URL: https://instagram.com/thriftbooks/
Title: Link to Instagram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://www.google.com/pagead/landing?gcs=G111&gcd=13r3v3r3r5&tag_exp=95250752&rnd=237498038.1722309064&url=https%3A%2F%2Fntqskdynsb.shop%2F&dma=0&npa=0&gtm=45He47t0n715MSF27v6373732za200&auid=727178091.1722309064 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3v3r3r5&tag_exp=95250752&rnd=237498038.1722309064&url=https%3A%2F%2Fntqskdynsb.shop%2F&dma=0&npa=0&gtm=45He47t0n715MSF27v6373732za200&auid=727178091.1722309064

Request Chain 65

https://action.dstillery.com/orbserv/nsjs?adv=cl171502054107882&ns=8586&nc=ThriftBooks-Site-Visitor&ncv=69 HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl171502054107882&ns=8586&nc=ThriftBooks-Site-Visitor&ncv=69

Request Chain 92

https://us.creativecdn.com/tags/v2?type=json HTTP 307
https://us.creativecdn.com/tags/v2?type=json&tc=1

Request Chain 112

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=74982033907B4B8C99B5E1C0462C1A7D&RedC=c.clarity.ms&MXFR=034FAC878BF969FC3BA1B84B8FF9677A HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=74982033907B4B8C99B5E1C0462C1A7D&MUID=1EF57B6437BC6F2903746FA836026E92

Request Chain 120

https://insight.adsrvr.org/track/up?adv=iuykgbt&ref=https%3A%2F%2Fntqskdynsb.shop%2F&upid=fncjif3&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=iuykgbt&ref=https%3A%2F%2Fntqskdynsb.shop%2F&upid=fncjif3&upv=1.1.0

128 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
ntqskdynsb.shop/ 343 KB
74 KB 446ms
271ms Document
text/html 104.21.85.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ntqskdynsb.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.85.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

435907eeb44d2129d07914e4eedbc85e075a4680f4a8c4fbdb3f1e01c8321075

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-expose-headers: Request-Context
alt-svc: h3=":443"; ma=86400
backend-name: 67p76nAHuMJBmLDjaSYYf0--F_sigsci_waf
bluegreen: blue
cache-control: private, no-store, must-revalidate, no-cache, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8ab228b96d313707-MIA
content-encoding: br
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Tue, 30 Jul 2024 03:11:02 GMT
expires: Tue, 30 Jul 2024 03:11:02 GMT
fastly-ssl: 1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Bz4tsdqt%2FpI7FlNfPST16hqNBYPQuc3v6jA0oDACqElToNCx2hanYvDP5ZtCVk40U7bGn422aiplZL1Bak5NnbECIDTrpgc73PZe5qv2RYyZ2iQU6wUJ4j3zniJoG2oYl4%3D"}],"group":"cf-nel","max_age":604800}
request-context: appId=cid-v1:c94469ec-8052-40ab-adb5-6507651e43b2
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding, User-Agent
via: 1.1 varnish, 1.1 varnish
x-aspnetmvc-version: 5.2
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-ads-kdfw8210218-ADS, cache-dfw-kdfw8210023-DFW
x-timer: S1722309063.770673,VS0,VE82
x-ua-device: pc

GET
H2 200 osano.js Show response
cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/ 257 KB
65 KB 273ms
63ms Script
application/javascript 2600:9000:2510:bc00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js

Requested by

Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:bc00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

24090b98fec198eb273a95f100fcd9cfe8bf4fa6af0ddecb6aa695d7ebe3897a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 11:00:50 GMT
content-encoding: br
via: 1.1 cf549a03d4f209dc2ee52d1dd6cb3730.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P5
age: 58212
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 66155
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Mar 2024 20:19:19 GMT
server: CloudFront
etag: "1c33ace7a8ab369b3e047f522af00f9c"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: eGYRTZ85_5nWDleR4lCpyUI8kC39gDAOy8DkqWOVZVgbGr0WxyiqsA==

GET
H/1.1 200
OK homepage-vbid2-10392.css
static.thriftbooks.com/prod/style/ 174 KB
27 KB 199ms
32ms Stylesheet
text/css 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.thriftbooks.com/prod/style/homepage-vbid2-10392.css
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ab1012572b2e2c5d914531d4d5ce17ed6082fe5254e27c3f348ddbf8b8de4d04

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 30 Jul 2024 03:11:03 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Content-MD5: sKLiCfaDYCmj9RiYHNLyRA==
Age: 2321
X-Cache: HIT
Connection: keep-alive
Content-Length: 27268
X-Served-By: cache-mia-kmia1760081-MIA
x-ms-lease-status: unlocked
Last-Modified: Tue, 02 Jul 2024 00:06:57 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Timer: S1722309063.123101,VS0,VE2
ETag: 0x8DC9A2AE3B4C926
Vary: Accept-Encoding
Content-Type: text/css
x-ms-request-id: 4e176331-301e-002e-3e99-ddd701000000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H3 404 webVitals.js
ntqskdynsb.shop/scripts/ 0
0 92ms
91ms Script
text/html 104.21.85.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntqskdynsb.shop/scripts/webVitals.js
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.85.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:03 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LtVwg9mKfY9izXexgiY%2Bea8Q17YlV1vucHEmWYreqWvM%2FxZYvyyqvnqArMdETMN1R%2Fcl48q7GQIljP2cT%2F2PZbNIhQADya1yY89KRuY8nC3P2ie9jGgnuh%2Fn2hu54HIGxi0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8ab228bbaeff3707-MIA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK tblogo-green_20200225.svg
static.thriftbooks.com/images/ 23 KB
7 KB 164ms
32ms Image
image/svg+xml 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.thriftbooks.com/images/tblogo-green_20200225.svg
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6f677479da0322270e2f916c22e2ce2b231941f4b4da63669d42adcbf8706c9e

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 30 Jul 2024 03:11:03 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Content-MD5: xtX5mEmeIkkUl0O0D5JjQw==
Age: 710
X-Cache: HIT
Connection: keep-alive
Content-Length: 6778
X-Served-By: cache-mia-kmia1760076-MIA
x-ms-lease-status: unlocked
Last-Modified: Thu, 04 Apr 2024 23:20:17 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Timer: S1722309063.123474,VS0,VE0
ETag: 0x8DC54FDCA5441C4
Vary: Accept-Encoding
Content-Type: image/svg+xml
x-ms-request-id: ae1bbed7-a01e-0071-768d-dd633d000000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 10840

GET
H/1.1 200
OK wishlist-grey.svg
static.thriftbooks.com/site_images/ 492 B
961 B 162ms
30ms Image
image/svg+xml 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.thriftbooks.com/site_images/wishlist-grey.svg
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a7620a49c312b435e030ebfc5d2c68cc756aa4626ba46ef1519b8b552058ddab

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 30 Jul 2024 03:11:03 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Content-MD5: /SS2KoC4UxZ3NXRrMNEB3g==
Age: 2311
X-Cache: HIT
Connection: keep-alive
Content-Length: 324
X-Served-By: cache-mia-kmia1760057-MIA
x-ms-lease-status: unlocked
Last-Modified: Thu, 04 Apr 2024 22:07:10 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Timer: S1722309063.123002,VS0,VE0
ETag: 0x8DC54F393506C17
Vary: Accept-Encoding
Content-Type: image/svg+xml
x-ms-request-id: 942e5f5b-d01e-0026-6cd0-dccd0e000000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 4

GET
H/1.1 200
OK dt-l_06daec4c.jpg
static.thriftbooks.com/general/ 24 KB
24 KB 31ms
31ms Image
image/jpeg 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.thriftbooks.com/general/dt-l_06daec4c.jpg
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d60c15b1151ab8e2df7296a64ea7cf3a2d5db74c03b07baacdea2169cab76063

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 30 Jul 2024 03:11:03 GMT
Via: 1.1 varnish
Content-MD5: rAs3GIZ1UgBrlmJJ1LjEuQ==
Age: 3365
X-Cache: HIT
Connection: keep-alive
Content-Length: 24067
X-Served-By: cache-mia-kmia1760057-MIA
x-ms-lease-status: unlocked
Last-Modified: Fri, 19 Jul 2024 22:01:41 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Timer: S1722309063.156694,VS0,VE0
ETag: 0x8DCA83E5F2F99BC
Content-Type: image/jpeg
x-ms-request-id: bf769a3f-501e-0038-2aa6-e121d6000000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 795

GET
H/1.1 200
OK dt-m_f30972d8.jpg
static.thriftbooks.com/general/ 16 KB
17 KB 31ms
30ms Image
image/jpeg 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.thriftbooks.com/general/dt-m_f30972d8.jpg
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 19d335924c4acb12c835503efcc12ead763818c07699e5dacc96f6bd0a64cc3c

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 30 Jul 2024 03:11:03 GMT
Via: 1.1 varnish
Content-MD5: 7CAx9APN442ftKKE0LESqA==
Age: 2136
X-Cache: HIT
Connection: keep-alive
Content-Length: 16481
X-Served-By: cache-mia-kmia1760076-MIA
x-ms-lease-status: unlocked
Last-Modified: Tue, 25 Jun 2024 22:42:21 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Timer: S1722309063.159432,VS0,VE0
ETag: 0x8DC9568133C1F2E
Content-Type: image/jpeg
x-ms-request-id: de9272e3-f01e-0043-7ee9-e0634a000000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 2

GET
H/1.1 200
OK dt-s_272a40ce.jpg
static.thriftbooks.com/general/ 14 KB
15 KB 32ms
32ms Image
image/jpeg 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.thriftbooks.com/general/dt-s_272a40ce.jpg
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: fac502b529ce2296e8a39395195d77c70382ddcc4a7f6b2cc52b3eabc20a03d3

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 30 Jul 2024 03:11:03 GMT
Via: 1.1 varnish
Content-MD5: i/HWTlLfHfCGwpYihHMgyQ==
Age: 3365
X-Cache: HIT
Connection: keep-alive
Content-Length: 14464
X-Served-By: cache-mia-kmia1760057-MIA
x-ms-lease-status: unlocked
Last-Modified: Sat, 20 Jul 2024 01:21:02 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Timer: S1722309063.196468,VS0,VE1
ETag: 0x8DCA85A389663D8
Content-Type: image/jpeg
x-ms-request-id: 0f227311-801e-0004-6707-e00811000000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H/1.1 200
OK dt-s_39988877.jpg
static.thriftbooks.com/general/ 10 KB
11 KB 33ms
32ms Image
image/jpeg 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.thriftbooks.com/general/dt-s_39988877.jpg
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7989da2ac9433a60156d9ccda7bed7c40b1b1418323d7d93fd57be5006ab6d41

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 30 Jul 2024 03:11:03 GMT
Via: 1.1 varnish
Content-MD5: lHUqOb7rUzVKYJj6UtM+Sg==
Age: 612
X-Cache: HIT
Connection: keep-alive
Content-Length: 10241
X-Served-By: cache-mia-kmia1760081-MIA
x-ms-lease-status: unlocked
Last-Modified: Fri, 14 Jun 2024 18:29:42 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Timer: S1722309063.443192,VS0,VE1
ETag: 0x8DC8C9FF56FACDE
Content-Type: image/jpeg
x-ms-request-id: 8b29c3b6-b01e-001f-3741-df3612000000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK aboutthriftbooks_video_cover.png
static.thriftbooks.com/general/ 203 KB
203 KB 46ms
34ms Image
image/png 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.thriftbooks.com/general/aboutthriftbooks_video_cover.png
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 191ed6f4f18d3008d235cc587fe0b10f6d243d5937476a0d4d98c56524c375ee

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 30 Jul 2024 03:11:03 GMT
Via: 1.1 varnish
Content-MD5: PYF1grEU0BvP2/Pnc6YRhA==
Age: 1995
X-Cache: HIT
Connection: keep-alive
Content-Length: 207395
X-Served-By: cache-mia-kmia1760076-MIA
x-ms-lease-status: unlocked
Last-Modified: Thu, 04 Apr 2024 22:56:01 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Timer: S1722309063.453727,VS0,VE3
ETag: 0x8DC54FA663120DF
Content-Type: image/png
x-ms-request-id: 4efb0dc6-301e-002e-3ec0-ddd701000000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK goDaddy.gif
static.thriftbooks.com/images/ 2 KB
3 KB 66ms
32ms Image
image/gif 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.thriftbooks.com/images/goDaddy.gif
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3f2254384ffeeb55579542eeab7cc44b36ac3cca357dff1d9aa2db6e58cbe6e1

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 30 Jul 2024 03:11:03 GMT
Via: 1.1 varnish
Content-MD5: EZgq7FHXF7H4nLyQm5CZyA==
Age: 612
X-Cache: HIT
Connection: keep-alive
Content-Length: 2424
X-Served-By: cache-mia-kmia1760057-MIA
x-ms-lease-status: unlocked
Last-Modified: Thu, 04 Apr 2024 23:20:01 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Timer: S1722309063.476734,VS0,VE0
ETag: 0x8DC54FDC097A67E
Content-Type: image/gif
x-ms-request-id: 944db921-401e-0034-63ae-cbb6de000000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 2

GET
H/1.1 200
OK bundle.shared-vbid2-10392.js Show response
static.thriftbooks.com/prod/scripts/client/desktop/ 491 KB
126 KB 33ms
32ms Script
application/javascript 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.thriftbooks.com/prod/scripts/client/desktop/bundle.shared-vbid2-10392.js
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ba96b562f89c1a4af7a49107d7cc62cb7b5a8fa86da2228031a9a070031bba56

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 30 Jul 2024 03:11:03 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Content-MD5: psio8DvbHdL48UVsRMZrug==
Age: 1023
X-Cache: HIT
Connection: keep-alive
Content-Length: 128709
X-Served-By: cache-mia-kmia1760076-MIA
x-ms-lease-status: unlocked
Last-Modified: Tue, 02 Jul 2024 00:07:24 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Timer: S1722309063.196985,VS0,VE2
ETag: 0x8DC9A2AF39B243C
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: e54910c8-301e-0073-7880-dedd85000000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK bundle.main-vbid2-10392.js Show response
static.thriftbooks.com/prod/scripts/client/desktop/ 94 KB
21 KB 30ms
30ms Script
application/javascript 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.thriftbooks.com/prod/scripts/client/desktop/bundle.main-vbid2-10392.js
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 14bf9d82d7bdbb9522ff2ce19bb627c17fb0a1f467ad01ef7f99e5d11b9a1dfc

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 30 Jul 2024 03:11:03 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Content-MD5: DpRI5Se0A9NVjITgUSHzew==
Age: 612
X-Cache: HIT
Connection: keep-alive
Content-Length: 21306
X-Served-By: cache-mia-kmia1760057-MIA
x-ms-lease-status: unlocked
Last-Modified: Tue, 02 Jul 2024 00:07:24 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Timer: S1722309063.236763,VS0,VE0
ETag: 0x8DC9A2AF384B429
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: 59ffd3af-b01e-0020-34d0-dcfeb1000000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 2

GET
H3 404 swiper.min.js
ntqskdynsb.shop/Scripts/ 0
0 89ms
89ms Script
text/html 104.21.85.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntqskdynsb.shop/Scripts/swiper.min.js
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.85.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:03 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OdtSOvq%2FKjrKlFKuEPoqKwGDRoiv5t0UpRPJXRVxR1UvnGrEUj97HTL0RqT%2FRuEd2LuoQ7JFEGF6GmDpX7jYAywEt5MmodU8UfpefCLRXhph3NsQlRCXfEeFPpF4UqqHpfc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8ab228bd685f3707-MIA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK bundle.home-vbid2-10392.js Show response
static.thriftbooks.com/prod/scripts/client/desktop/ 451 B
968 B 34ms
34ms Script
application/javascript 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.thriftbooks.com/prod/scripts/client/desktop/bundle.home-vbid2-10392.js
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b78db0c77c8423d7f1e9b01c349f26c842bd2eb4cf3ee3702f665f8d0bb980d8

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 30 Jul 2024 03:11:03 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Content-MD5: MzwzRfAm8vZMpS4vlH0tvg==
Age: 2555
X-Cache: HIT
Connection: keep-alive
Content-Length: 322
X-Served-By: cache-mia-kmia1760076-MIA
x-ms-lease-status: unlocked
Last-Modified: Tue, 02 Jul 2024 00:07:24 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Timer: S1722309063.298436,VS0,VE1
ETag: 0x8DC9A2AF38F9F00
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: 5639c496-501e-0028-7620-dfe4be000000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H/1.1 200
OK bundle.shared-vbid2-10392.js Show response
static.thriftbooks.com/prod/scripts/client/shared/ 782 B
1 KB 33ms
32ms Script
application/javascript 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.thriftbooks.com/prod/scripts/client/shared/bundle.shared-vbid2-10392.js
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4aeca434f8b1d27bb8512c828d56e0c68bbe0467bcf2ab47931adc367e1b9caa

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 30 Jul 2024 03:11:03 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Content-MD5: TRI/xqoqXSxwDvOp1wGK6Q==
Age: 150
X-Cache: HIT
Connection: keep-alive
Content-Length: 432
X-Served-By: cache-mia-kmia1760076-MIA
x-ms-lease-status: unlocked
Last-Modified: Tue, 02 Jul 2024 00:07:24 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Timer: S1722309063.419669,VS0,VE1
ETag: 0x8DC9A2AF37D467D
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: 81f8a8d8-001e-0035-0d2d-cde902000000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK bundle.track-vbid2-10392.js Show response
static.thriftbooks.com/prod/scripts/client/shared/ 6 KB
3 KB 31ms
30ms Script
application/javascript 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.thriftbooks.com/prod/scripts/client/shared/bundle.track-vbid2-10392.js
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c49539510d1ac0a0267856f094d9a64b316e93325ee4350ba3ffc16fa15893d8

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 30 Jul 2024 03:11:03 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Content-MD5: cSSVCYTHnyvIjuo6IozsJA==
Age: 2371
X-Cache: HIT
Connection: keep-alive
Content-Length: 2371
X-Served-By: cache-mia-kmia1760057-MIA
x-ms-lease-status: unlocked
Last-Modified: Tue, 02 Jul 2024 00:07:24 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Timer: S1722309063.442952,VS0,VE0
ETag: 0x8DC9A2AF39508FE
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: 333de96d-301e-004c-3a17-e01526000000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 8

OPTIONS
H2 200 record
consent.api.osano.com/ Frame 0
0 286ms
71ms Preflight
application/json 18.164.116.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.api.osano.com/record
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-44.jfk50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ntqskdynsb.shop
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 30 Jul 2024 03:11:03 GMT
via: 1.1 7edae070a6a25cc68c970c1111701a20.cloudfront.net (CloudFront)
x-amz-apigw-id: btL3PGT6oAMEQJQ=
x-amz-cf-id: -TMTOWQibhaoIhOlpfC-CVVaRgXsR3iIDqhjGJkGdUj2HyRX_C3BeQ==
x-amz-cf-pop: JFK50-P6
x-amzn-requestid: 688eb0a2-941d-40f1-a5bc-5a844b17417b
x-cache: Miss from cloudfront

POST
H2 204 record Show response
consent.api.osano.com/ 0
437 B 144ms
143ms XHR
text/plain 18.164.116.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.api.osano.com/record
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-44.jfk50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Jul 2024 03:11:03 GMT
via: 1.1 7edae070a6a25cc68c970c1111701a20.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
x-amzn-trace-id: Root=1-66a859c7-0890881f6ffbeabd1a37bec0
x-amzn-requestid: 6053d5ba-c9e6-43d1-a2c3-94cabd70550e
x-cache: Miss from cloudfront
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
x-amz-apigw-id: btL3QEPLIAMEAVA=
access-control-allow-headers: Accept, Authorization, Content-Length, Content-Type, Origin, X-Requested-With
x-amz-cf-id: HQY-gx93PdhDenZi0dwv_JhLp8hWxULEL8gcdJSmr9NynNWFtm8SbQ==

GET
BLOB 200
OK 762855d3-1d71-43cc-a7c8-a6af3c5d9211
https://ntqskdynsb.shop/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ntqskdynsb.shop/762855d3-1d71-43cc-a7c8-a6af3c5d9211
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 359 KB
113 KB 226ms
60ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MSF27

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f469001ac86ad0eed37bd95a0c6d454fcea08aa17aa5fde94bafd27b1508729

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 115401
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 30 Jul 2024 03:11:03 GMT

GET
H2 200 ai.2.min.js Show response
js.monitor.azure.com/scripts/b/ 120 KB
57 KB 1551ms
69ms Script
text/javascript 2620:1ec:bdf::38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136

Request headers

Referer: https://ntqskdynsb.shop/
Origin: https://ntqskdynsb.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:04 GMT
content-encoding: br
last-modified: Wed, 20 Mar 2024 17:31:27 GMT
x-ms-meta-aijssdkver: 2.8.18
vary: Accept-Encoding
x-azure-ref: 20240730T031104Z-17f499b9d948sxhjgk4pgcy1qn00000000gg00000000v9yp
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 35c32320-501e-002b-7f1e-de4013000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.18.min.js
x-fd-int-roxy-purgeid: 0

GET
H3 404 sp.js
ntqskdynsb.shop/scripts/ 0
0 90ms
89ms Script
text/html 104.21.85.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntqskdynsb.shop/scripts/sp.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.85.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:03 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ICJVlQ2g5XIOhzr0tY4xqbV8yqJDuWCoDOrvGeheuM5GRBrkAPf%2FuFNeTmHHWSk09KyfuqvH6oeeZkHATT%2FTcBppO%2F2Or1y0rvxKk4stQWZ7zkiJ2vINstc72TRU6%2BLkY4s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8ab228bea9473707-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
ntqskdynsb.shop/api/header/userinfo/ 280 B
1 KB 221ms
220ms XHR
application/json 104.21.85.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ntqskdynsb.shop/api/header/userinfo/?encodedPathname=%2F

Requested by

Host: static.thriftbooks.com
URL: https://static.thriftbooks.com/prod/scripts/client/desktop/bundle.shared-vbid2-10392.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.85.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca770cdcb96cae2aa9834e9dc82dacc6f3e3fa6bb0d2deea011085dddec262da

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Tue, 30 Jul 2024 03:11:03 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=86400; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: frame-ancestors 'self'
x-cache: MISS, MISS
x-ua-device: pc
bluegreen: blue
backend-name: 67p76nAHuMJBmLDjaSYYf0--F_sigsci_waf
alt-svc: h3=":443"; ma=86400
content-length: 307
request-context: appId=cid-v1:c94469ec-8052-40ab-adb5-6507651e43b2
x-served-by: cache-dfw-kdfw8210173-DFW, cache-dfw-kdfw8210173-DFW
pragma: no-cache
fastly-ssl: 1
server: cloudflare
x-timer: S1722309064.690408,VS0,VE129
vary: Accept-Encoding, User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q45qtVDa%2B1Y5Cs9mN0rEkihp1lGO%2BSxmX1Syu1t33vT0nw7F3o5QUXz5dMUn9OQ%2FqDYU%2BtdCOAHXuPIrr%2BuHDgCTkxyzeo0hpFNp%2B7AYnBN3L5hDUBJWPcHLsphSIZc0a%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: no-cache
accept-ranges: bytes
cf-ray: 8ab228bfba1a3707-MIA
expires: -1

GET
H/1.1 200
OK DT-S-264x144-plain_edb01c0e.jpg
static.thriftbooks.com/general/ 23 KB
23 KB 33ms
31ms Image
image/jpeg 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.thriftbooks.com/general/DT-S-264x144-plain_edb01c0e.jpg
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e95ad2ca395e9c8a83f0aae666eef22ae59df8aff26e0f7efe9cf3e4fb68ede4

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 30 Jul 2024 03:11:03 GMT
Via: 1.1 varnish
Content-MD5: rg1QFPlX5WHZ8I7GzNdH3Q==
Age: 2244
X-Cache: HIT
Connection: keep-alive
Content-Length: 23052
X-Served-By: cache-mia-kmia1760076-MIA
x-ms-lease-status: unlocked
Last-Modified: Tue, 09 Apr 2024 23:06:37 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Timer: S1722309064.652308,VS0,VE0
ETag: 0x8DC58E9B541A09A
Content-Type: image/jpeg
x-ms-request-id: b90e145c-601e-006e-1512-e0d039000000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 3

GET
H/1.1 200
OK DT-S_264x144_9bbb4dc9.jpg
static.thriftbooks.com/general/ 28 KB
28 KB 35ms
32ms Image
image/jpeg 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.thriftbooks.com/general/DT-S_264x144_9bbb4dc9.jpg
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 008109b0d131d6357501dae77416dab1d3b0fdc7f283311df43a90818a4833db

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 30 Jul 2024 03:11:03 GMT
Via: 1.1 varnish
Content-MD5: kQ731sfdxxJOQVBtph5RCg==
Age: 467
X-Cache: HIT
Connection: keep-alive
Content-Length: 28405
X-Served-By: cache-mia-kmia1760057-MIA
x-ms-lease-status: unlocked
Last-Modified: Tue, 09 Apr 2024 23:06:39 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Timer: S1722309064.652457,VS0,VE1
ETag: 0x8DC58E9B6DBE529
Content-Type: image/jpeg
x-ms-request-id: f21b832a-501e-0007-0f13-cde975000000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H/1.1 200
OK DT-S_36c46a29.jpg
static.thriftbooks.com/general/ 13 KB
14 KB 36ms
34ms Image
image/jpeg 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.thriftbooks.com/general/DT-S_36c46a29.jpg
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7ba9fbf93d03b54e7bd00c7117da4c6d14566fd03425edb84ac6445522c6800f

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 30 Jul 2024 03:11:03 GMT
Via: 1.1 varnish
Content-MD5: 41gjPWYdQVFSN0UugvgTRw==
Age: 2997
X-Cache: HIT
Connection: keep-alive
Content-Length: 13258
X-Served-By: cache-mia-kmia1760081-MIA
x-ms-lease-status: unlocked
Last-Modified: Tue, 09 Apr 2024 23:06:36 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Timer: S1722309064.652532,VS0,VE1
ETag: 0x8DC58E9B510865D
Content-Type: image/jpeg
x-ms-request-id: 29075efe-a01e-005e-33dc-e06ef6000000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK DT-S_11effe5e.jpg
static.thriftbooks.com/general/ 13 KB
14 KB 36ms
34ms Image
image/jpeg 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.thriftbooks.com/general/DT-S_11effe5e.jpg
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2c12b91b720225fa357bdb8f934ed7e5284223ffa95b3c0ea946c770b2f53fe4

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 30 Jul 2024 03:11:03 GMT
Via: 1.1 varnish
Content-MD5: sf9llxwwQ6LgVotosGugEw==
Age: 2681
X-Cache: HIT
Connection: keep-alive
Content-Length: 13776
X-Served-By: cache-mia-kmia1760062-MIA
x-ms-lease-status: unlocked
Last-Modified: Tue, 09 Apr 2024 23:06:38 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Timer: S1722309064.652921,VS0,VE1
ETag: 0x8DC58E9B62BB71E
Content-Type: image/jpeg
x-ms-request-id: 569df163-001e-0057-6dc3-e02b25000000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK LargePrint-teal_6288ec6b.jpg
static.thriftbooks.com/general/ 18 KB
18 KB 34ms
32ms Image
image/jpeg 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.thriftbooks.com/general/LargePrint-teal_6288ec6b.jpg
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a7798db667f2567f6c94e521c83155527a13eb0de01ec1ad421cb6ef0a576ef5

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 30 Jul 2024 03:11:03 GMT
Via: 1.1 varnish
Content-MD5: 7X+z9daY0cmf1YLlDZ/2dw==
Age: 959
X-Cache: HIT
Connection: keep-alive
Content-Length: 17965
X-Served-By: cache-mia-kmia1760095-MIA
x-ms-lease-status: unlocked
Last-Modified: Tue, 09 Apr 2024 23:06:42 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Timer: S1722309064.652969,VS0,VE1
ETag: 0x8DC58E9B88C1612
Content-Type: image/jpeg
x-ms-request-id: 7d71257e-c01e-0067-7f79-e195ea000000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK DT-S_8525ae61.jpg
static.thriftbooks.com/general/ 14 KB
15 KB 70ms
30ms Image
image/jpeg 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.thriftbooks.com/general/DT-S_8525ae61.jpg
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 30df009b127ffaf0dff4034577f3de48191c32aef8e5d190ab1250deb3e363ff

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 30 Jul 2024 03:11:03 GMT
Via: 1.1 varnish
Content-MD5: Wrx3dPwN4yNU9XVZKSH/IQ==
Age: 2245
X-Cache: HIT
Connection: keep-alive
Content-Length: 14596
X-Served-By: cache-mia-kmia1760076-MIA
x-ms-lease-status: unlocked
Last-Modified: Tue, 09 Apr 2024 23:06:40 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Timer: S1722309064.691660,VS0,VE0
ETag: 0x8DC58E9B7354EE2
Content-Type: image/jpeg
x-ms-request-id: e7130133-801e-0014-4ea7-cbcd79000000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 2

POST
H3 200 homepagesliders Show response
ntqskdynsb.shop/stateless/slider/ 57 KB
17 KB 240ms
236ms XHR
application/json 104.21.85.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ntqskdynsb.shop/stateless/slider/homepagesliders

Requested by

Host: static.thriftbooks.com
URL: https://static.thriftbooks.com/prod/scripts/client/desktop/bundle.shared-vbid2-10392.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.85.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33011b5a794b0acd4e44f2fe2bb2c2b271ea6b693ec492441880a521ca32dd85

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-cache-hits: 0, 0
date: Tue, 30 Jul 2024 03:11:03 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=86400; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: frame-ancestors 'self'
x-cache: MISS, MISS
x-ua-device: pc
bluegreen: blue
backend-name: 67p76nAHuMJBmLDjaSYYf0--F_sigsci_waf
alt-svc: h3=":443"; ma=86400
content-length: 16791
request-context: appId=cid-v1:c94469ec-8052-40ab-adb5-6507651e43b2
x-served-by: cache-ads-kdfw8210200-ADS, cache-dfw-kdfw8210046-DFW
pragma: no-cache
fastly-ssl: 1
server: cloudflare
x-timer: S1722309064.759105,VS0,VE78
vary: Accept-Encoding, User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Vec3pD1rIVpsKCTUFBYtvoIwDWitQJXTq38BijUzM29bYzk7bFVlZZZstaY7yrjair4uxkCpT3GNFJyODW6%2BehXIOn1liQKPcR2shcIu2VVBFzIkQ%2BIKIzj7Wx%2BiKBshww%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
accept-ranges: bytes
cf-ray: 8ab228c00a483707-MIA
expires: -1

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 50 KB
21 KB 250ms
111ms Script
application/javascript 2620:100:a00b::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=16616

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

ddb9c8ac8d671a83a9fac02e0c5f21a70e474e16efa45c32beb14d057b9af826

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 212ms
61ms Script
application/x-javascript 18.173.219.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.219.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-219-101.jfk52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:57:51 GMT
content-encoding: gzip
via: 1.1 a41c564554b07cc8611f5945b432513a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: JFK52-P1
age: 72794
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6759
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Oct 2023 12:27:20 GMT
server: AmazonS3
etag: "15864ce88fa79a3e954417d0c3396798"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: 0t50MRkG5gdQc7Zi9W5BbZlQaR-AhTnH9Wpp4QiBHlxJNzgEQysUzw==

GET
H/1.1 200
OK spx Show response
dx.mountain.com/ 22 KB
6 KB 274ms
60ms Script
application/javascript 34.238.149.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=36834&tdr=&plh=https%3A%2F%2Fntqskdynsb.shop%2F&cb=99618995187328640term=value
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.149.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-149-65.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 49330f8652590e77b8e20350358ea3195f12eed447d1b8bfb6d7b3ba968d92c0

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:03 GMT
content-encoding: gzip
server: istio-envoy
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
x-envoy-upstream-service-time: 2
be: spx-prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13r3v3r3r5&tag_exp=95250752&rnd=237498038.1722309064&url=https%3A%2F%2Fntqskdynsb.shop%2F&dma=0&npa=0&gtm=45He47t0n715MSF27v6373732za200&auid=7271...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3v3r3r5&tag_exp=95250752&rnd=237498038.1722309064&url=https%3A%2F%2Fntqskdynsb.shop%2F&dma=0&npa=0&gtm=45He47t0n715MSF27v6373732za...

42 B
65 B

150ms
53ms

Ping
image/gif

172.217.222.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3v3r3r5&tag_exp=95250752&rnd=237498038.1722309064&url=https%3A%2F%2Fntqskdynsb.shop%2F&dma=0&npa=0&gtm=45He47t0n715MSF27v6373732za200&auid=727178091.1722309064

Requested by

Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/

Protocol

Server

172.217.222.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 03:11:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Jul 2024 03:11:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3v3r3r5&tag_exp=95250752&rnd=237498038.1722309064&url=https%3A%2F%2Fntqskdynsb.shop%2F&dma=0&npa=0&gtm=45He47t0n715MSF27v6373732za200&auid=727178091.1722309064
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 appboy.min.js Show response
js.appboycdn.com/web-sdk/3.3/ 187 KB
51 KB 171ms
57ms Script
application/javascript 2606:4700::6810:7809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.appboycdn.com/web-sdk/3.3/appboy.min.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:7809 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfc530a1fa97b92375721b6bfcd4ae131dca7ddc02533fbc82ea34e601d96b82

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 24 May 2021 16:21:11 GMT
server: cloudflare
x-amz-request-id: 7YBQHCD068N1BVR4
age: 3434
etag: W/"b5d9aa197bed9ad31e11a96482e8a985"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 8ab228c23aaa3358-MIA
x-amz-id-2: zdN/1Bvak+mfnLp5tNI2ztnxsqnTKpS51WrSro74VCENJmIOtTncz9vVlW9asSFVBLQCQtZB2TQ=
expires: Tue, 30 Jul 2024 07:11:04 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 12 KB
5 KB 213ms
62ms Script
application/x-javascript 108.139.33.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.33.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-33-128.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Mon, 29 Jul 2024 18:28:09 GMT
Content-Encoding: gzip
Via: 1.1 c4ce298584668e99f320a46c88c4a04a.cloudfront.net (CloudFront)
Last-Modified: Fri, 07 Jun 2024 09:20:53 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P2
Age: 31376
ETag: W/"a7eb6794e868fe870db350518165c868"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: X4rhPTszJDSQb-eogqlsdQY5Du6AzHR7rXF497stxIv-5rSjv1pZLQ==

GET
BLOB 200
OK c2ae7332-32b7-4f30-be37-6c934c6c5220
https://ntqskdynsb.shop/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ntqskdynsb.shop/c2ae7332-32b7-4f30-be37-6c934c6c5220
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 8d4d7af8-7d6e-4c86-b1f9-5ea2ed8df8fa
https://ntqskdynsb.shop/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ntqskdynsb.shop/8d4d7af8-7d6e-4c86-b1f9-5ea2ed8df8fa
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 8186aa3b-2b98-42ae-9148-19c611078900
https://ntqskdynsb.shop/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ntqskdynsb.shop/8186aa3b-2b98-42ae-9148-19c611078900
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 9e5366a6-6792-47c3-9b65-5fdffea35f1f
https://ntqskdynsb.shop/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ntqskdynsb.shop/9e5366a6-6792-47c3-9b65-5fdffea35f1f
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK fffa0702-ab4b-4341-b366-6561dd00f127
https://ntqskdynsb.shop/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ntqskdynsb.shop/fffa0702-ab4b-4341-b366-6561dd00f127
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK c9552858-8fa9-4b08-86f3-aa12cbae8a93
https://ntqskdynsb.shop/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ntqskdynsb.shop/c9552858-8fa9-4b08-86f3-aa12cbae8a93
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 1d6a2aa6-6e0e-4c6f-b05d-660e60b73de4
https://ntqskdynsb.shop/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ntqskdynsb.shop/1d6a2aa6-6e0e-4c6f-b05d-660e60b73de4
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 940e2e71-a61d-4926-a2c5-f5ee8d7b060c
https://ntqskdynsb.shop/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ntqskdynsb.shop/940e2e71-a61d-4926-a2c5-f5ee8d7b060c
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK b34af247-72ef-4626-a9e7-c82ff0e7c80b
https://ntqskdynsb.shop/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ntqskdynsb.shop/b34af247-72ef-4626-a9e7-c82ff0e7c80b
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H/1.1 200
OK onyx_storm_200_98565357.jpg
static.thriftbooks.com/general/ 53 KB
54 KB 33ms
30ms Image
image/jpeg 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.thriftbooks.com/general/onyx_storm_200_98565357.jpg
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bdf5b4bce93e893e24eed0b24f772f07d20c137bb9a4018e7aae74eef865bdc6

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 30 Jul 2024 03:11:04 GMT
Via: 1.1 varnish
Content-MD5: ltncQYOaZnKmGJj24uSQ9g==
Age: 2322
X-Cache: HIT
Connection: keep-alive
Content-Length: 54658
X-Served-By: cache-mia-kmia1760076-MIA
x-ms-lease-status: unlocked
Last-Modified: Mon, 08 Jul 2024 19:27:00 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Timer: S1722309064.315499,VS0,VE0
ETag: 0x8DC9F83F0648CBC
Content-Type: image/jpeg
x-ms-request-id: 9357c8c3-101e-005b-2ba0-ddbc2d000000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 3

GET
H/1.1 200
OK A342AB9B7A9858C2FC21AE98A53E939F25405531.jpeg
i.thriftbooks.com/api/imagehandler/s/ 34 KB
34 KB 147ms
30ms Image
image/jpeg 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.thriftbooks.com/api/imagehandler/s/A342AB9B7A9858C2FC21AE98A53E939F25405531.jpeg
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 41b6f98e814784e87d3bff6abfe1bb042e1d57ae4787d2ad4d6bd03172f08537

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Served-By: cache-bfi-krnt7300078-BFI, cache-mia-kmia1760066-MIA
Date: Tue, 30 Jul 2024 03:11:04 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 26, 8
Server: Kestrel
Age: 1689741
X-Timer: S1722309064.429999,VS0,VE0
X-Cache: HIT, HIT
Content-Type: image/jpeg
Cache-Control: public,max-age=2628000
Content-Disposition: inline; filename=A342AB9B7A9858C2FC21AE98A53E939F25405531.jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34621
Request-Context: appId=cid-v1:2dc7a6a9-562f-4ee1-8af9-34b782cebb1b

GET
H/1.1 200
OK 40AE78163479E83EE34138CB913DD00C4BD9995A.jpeg
i.thriftbooks.com/api/imagehandler/s/ 10 KB
11 KB 148ms
32ms Image
image/jpeg 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.thriftbooks.com/api/imagehandler/s/40AE78163479E83EE34138CB913DD00C4BD9995A.jpeg
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: ecd8b01694105e3eec289c765e6f61ba2ca847a59f4b0e2cd0a8732a5da7887a

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Served-By: cache-bfi-krnt7300102-BFI, cache-mia-kmia1760095-MIA
Date: Tue, 30 Jul 2024 03:11:04 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 599, 15
Server: Kestrel
Age: 1858574
X-Timer: S1722309064.430172,VS0,VE0
X-Cache: HIT, HIT
Content-Type: image/jpeg
Cache-Control: public,max-age=2628000
Content-Disposition: inline; filename=40AE78163479E83EE34138CB913DD00C4BD9995A.jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10529
Request-Context: appId=cid-v1:2dc7a6a9-562f-4ee1-8af9-34b782cebb1b

GET
H/1.1 200
OK 109C1C7E2C24845143AD1D4D6227953CAB1ED706.jpeg
i.thriftbooks.com/api/imagehandler/s/ 35 KB
36 KB 211ms
31ms Image
image/jpeg 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.thriftbooks.com/api/imagehandler/s/109C1C7E2C24845143AD1D4D6227953CAB1ED706.jpeg
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: cdb83c2f0b8fcc5639a941bd4e9361ed1e63fe5692ea68829b4465096fa179e5

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Served-By: cache-bfi-krnt7300072-BFI, cache-mia-kmia1760056-MIA
Date: Tue, 30 Jul 2024 03:11:04 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 867, 54
Server: Kestrel
Age: 223490
X-Timer: S1722309064.494089,VS0,VE0
X-Cache: HIT, HIT
Content-Type: image/jpeg
Cache-Control: public,max-age=2628000
Content-Disposition: inline; filename=109C1C7E2C24845143AD1D4D6227953CAB1ED706.jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35918
Request-Context: appId=cid-v1:2dc7a6a9-562f-4ee1-8af9-34b782cebb1b

GET
H/1.1 200
OK small_2f812f09.png
static.thriftbooks.com/general/ 45 KB
46 KB 32ms
31ms Image
image/png 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.thriftbooks.com/general/small_2f812f09.png
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4b2551cd29d9abe9575eccd4b1671176907310a7b6a33981f9107c752edfbff4

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 30 Jul 2024 03:11:04 GMT
Via: 1.1 varnish
Content-MD5: jdJFn1HCfzvNN5Wk3l+2KA==
Age: 3077
X-Cache: HIT
Connection: keep-alive
Content-Length: 46380
X-Served-By: cache-mia-kmia1760057-MIA
x-ms-lease-status: unlocked
Last-Modified: Thu, 25 Jul 2024 16:53:22 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Timer: S1722309064.315874,VS0,VE0
ETag: 0x8DCACCA4B515198
Content-Type: image/png
x-ms-request-id: c52f2662-e01e-0060-2f2f-dff989000000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 2

GET
H/1.1 200
OK 69DCCBB2D73A01E4572EA2AA9A8B469803167A69.jpeg
i.thriftbooks.com/api/imagehandler/s/ 23 KB
24 KB 211ms
31ms Image
image/jpeg 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.thriftbooks.com/api/imagehandler/s/69DCCBB2D73A01E4572EA2AA9A8B469803167A69.jpeg
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 7f77def5f0950089cf4b686b3ef5cddb907bc9e5b70610ab41ed70dacf0b1d79

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Served-By: cache-bfi-kbfi7400094-BFI, cache-mia-kmia1760077-MIA
Date: Tue, 30 Jul 2024 03:11:04 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 1865, 0
Server: Kestrel
Age: 316105
X-Timer: S1722309064.494142,VS0,VE1
X-Cache: HIT, HIT
Content-Type: image/jpeg
Cache-Control: public,max-age=2628000
Content-Disposition: inline; filename=69DCCBB2D73A01E4572EA2AA9A8B469803167A69.jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23656
Request-Context: appId=cid-v1:2dc7a6a9-562f-4ee1-8af9-34b782cebb1b

GET
H/1.1 200
OK 7A5EBC93CD875C071C84E782229A772EEB207882.jpeg
i.thriftbooks.com/api/imagehandler/s/ 35 KB
35 KB 194ms
31ms Image
image/jpeg 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.thriftbooks.com/api/imagehandler/s/7A5EBC93CD875C071C84E782229A772EEB207882.jpeg
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 14f8e98dc155af1da36257e80c6f38bb0ba94349edb31efc977678e6c1e530cb

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Served-By: cache-bfi-kbfi7400086-BFI, cache-mia-kmia1760066-MIA
Date: Tue, 30 Jul 2024 03:11:04 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 314, 0
Server: Kestrel
Age: 1717836
X-Timer: S1722309064.477137,VS0,VE1
X-Cache: HIT, HIT
Content-Type: image/jpeg
Cache-Control: public,max-age=2628000
Content-Disposition: inline; filename=7A5EBC93CD875C071C84E782229A772EEB207882.jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35537
Request-Context: appId=cid-v1:2dc7a6a9-562f-4ee1-8af9-34b782cebb1b

GET
H/1.1 200
OK A43CE32A57283FA6E60AEE30E1C6DC3A9313DCA4.jpeg
i.thriftbooks.com/api/imagehandler/s/ 53 KB
53 KB 177ms
35ms Image
image/jpeg 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.thriftbooks.com/api/imagehandler/s/A43CE32A57283FA6E60AEE30E1C6DC3A9313DCA4.jpeg
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 83b99089a17a9d5a839b37b3119cf28afc310d5bbd9966fd5d98ae0a5835ee4e

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Served-By: cache-bfi-kbfi7400080-BFI, cache-mia-kmia1760040-MIA
Date: Tue, 30 Jul 2024 03:11:04 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 1232, 0
Server: Kestrel
Age: 476220
X-Timer: S1722309064.460374,VS0,VE1
X-Cache: HIT, HIT
Content-Type: image/jpeg
Cache-Control: public,max-age=2628000
Content-Disposition: inline; filename=A43CE32A57283FA6E60AEE30E1C6DC3A9313DCA4.jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54080
Request-Context: appId=cid-v1:2dc7a6a9-562f-4ee1-8af9-34b782cebb1b

GET
H/1.1 200
OK AF6370CC54728A1618A01F56281A45756EF41BA2.jpeg
i.thriftbooks.com/api/imagehandler/s/ 47 KB
48 KB 141ms
30ms Image
image/jpeg 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.thriftbooks.com/api/imagehandler/s/AF6370CC54728A1618A01F56281A45756EF41BA2.jpeg
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: afcc408ef24f9465f6e347b94ef9d549350b58f6d3bb3a1e39f18e1f993e1625

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Served-By: cache-bfi-krnt7300024-BFI, cache-mia-kmia1760056-MIA
Date: Tue, 30 Jul 2024 03:11:04 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 13, 10
Server: Kestrel
Age: 195865
X-Timer: S1722309064.429934,VS0,VE0
X-Cache: HIT, HIT
Content-Type: image/jpeg
Cache-Control: public,max-age=2628000
Content-Disposition: inline; filename=AF6370CC54728A1618A01F56281A45756EF41BA2.jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48623
Request-Context: appId=cid-v1:2dc7a6a9-562f-4ee1-8af9-34b782cebb1b

GET
H/1.1 200
OK B74F904421F2838E0B671D793403DB2D67E539FA.jpeg
i.thriftbooks.com/api/imagehandler/s/ 17 KB
18 KB 182ms
33ms Image
image/jpeg 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.thriftbooks.com/api/imagehandler/s/B74F904421F2838E0B671D793403DB2D67E539FA.jpeg
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: ea70350dc40d05d23aa597216415c5ba983143ff770ea58700ee2c85a7687f1c

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Served-By: cache-bfi-krnt7300063-BFI, cache-mia-kmia1760095-MIA
Date: Tue, 30 Jul 2024 03:11:04 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 1441, 0
Server: Kestrel
Age: 1179608
X-Timer: S1722309064.467240,VS0,VE3
X-Cache: HIT, HIT
Content-Type: image/jpeg
Cache-Control: public,max-age=2628000
Content-Disposition: inline; filename=B74F904421F2838E0B671D793403DB2D67E539FA.jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17525
Request-Context: appId=cid-v1:2dc7a6a9-562f-4ee1-8af9-34b782cebb1b

GET
H/1.1 200
OK 362E4104CAD2CE462782EF7CE234389C7060DBEA.jpeg
i.thriftbooks.com/api/imagehandler/s/ 29 KB
29 KB 143ms
31ms Image
image/jpeg 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.thriftbooks.com/api/imagehandler/s/362E4104CAD2CE462782EF7CE234389C7060DBEA.jpeg
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 750eac5fd8c80c475c17e3942903fa718301a9a49fd405b5c2aa331f0b600227

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Served-By: cache-bfi-krnt7300085-BFI, cache-mia-kmia1760049-MIA
Date: Tue, 30 Jul 2024 03:11:04 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 3866, 4
Server: Kestrel
Age: 2282122
X-Timer: S1722309064.430133,VS0,VE0
X-Cache: HIT, HIT
Content-Type: image/jpeg
Cache-Control: public,max-age=2628000
Content-Disposition: inline; filename=362E4104CAD2CE462782EF7CE234389C7060DBEA.jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29199
Request-Context: appId=cid-v1:2dc7a6a9-562f-4ee1-8af9-34b782cebb1b

GET
H/1.1 200
OK F0C4081165517ADC6700585B8174ABA710BBFD3E.jpeg
i.thriftbooks.com/api/imagehandler/s/ 38 KB
39 KB 145ms
30ms Image
image/jpeg 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.thriftbooks.com/api/imagehandler/s/F0C4081165517ADC6700585B8174ABA710BBFD3E.jpeg
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: b28bc5f5054f65a676e744e678b1f651ee87a8e5589e15f85fc45cd135d49e19

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Served-By: cache-bfi-kbfi7400113-BFI, cache-mia-kmia1760077-MIA
Date: Tue, 30 Jul 2024 03:11:04 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 6242, 2
Server: Kestrel
Age: 2465134
X-Timer: S1722309064.433327,VS0,VE0
X-Cache: HIT, HIT
Content-Type: image/jpeg
Cache-Control: public,max-age=2628000
Content-Disposition: inline; filename=F0C4081165517ADC6700585B8174ABA710BBFD3E.jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38996
Request-Context: appId=cid-v1:2dc7a6a9-562f-4ee1-8af9-34b782cebb1b

GET
H/1.1 200
OK 1AF727234C9DC5EC0F0D9F7A12BF49B00A9C3791.jpeg
i.thriftbooks.com/api/imagehandler/s/ 28 KB
28 KB 221ms
31ms Image
image/jpeg 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.thriftbooks.com/api/imagehandler/s/1AF727234C9DC5EC0F0D9F7A12BF49B00A9C3791.jpeg
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 63f7266f84bfb6c88960363c9ba3f6e75a7773a85c3ffde3ad1750f1d8b169c6

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Served-By: cache-bfi-krnt7300114-BFI, cache-mia-kmia1760095-MIA
Date: Tue, 30 Jul 2024 03:11:04 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 51, 0
Server: Kestrel
Age: 241457
X-Timer: S1722309065.508062,VS0,VE1
X-Cache: HIT, HIT
Content-Type: image/jpeg
Cache-Control: public,max-age=2628000
Content-Disposition: inline; filename=1AF727234C9DC5EC0F0D9F7A12BF49B00A9C3791.jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28379
Request-Context: appId=cid-v1:2dc7a6a9-562f-4ee1-8af9-34b782cebb1b

GET
H/1.1 200
OK 0C3AE1BA32A1133E09A1EDA9D78D20502B572741.jpeg
i.thriftbooks.com/api/imagehandler/s/ 30 KB
30 KB 187ms
31ms Image
image/jpeg 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.thriftbooks.com/api/imagehandler/s/0C3AE1BA32A1133E09A1EDA9D78D20502B572741.jpeg
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 31f36668c2418d59cd88ebdfb4f26ce68b421754d49cd916614c7160937d3c1b

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Served-By: cache-bfi-krnt7300109-BFI, cache-mia-kmia1760049-MIA
Date: Tue, 30 Jul 2024 03:11:04 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 58, 1316
Server: Kestrel
Age: 2281414
X-Timer: S1722309064.474457,VS0,VE0
X-Cache: HIT, HIT
Content-Type: image/jpeg
Cache-Control: public,max-age=2628000
Content-Disposition: inline; filename=0C3AE1BA32A1133E09A1EDA9D78D20502B572741.jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30275
Request-Context: appId=cid-v1:2dc7a6a9-562f-4ee1-8af9-34b782cebb1b

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 298ms
72ms Script
application/javascript 2600:1408:ec00:28e::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:ec00:28e::1931 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b4875b0fdafde57e054fd846053f25f22afbe89f3fc3adae15f01b0328d2f0e7

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: br
x-cdn: akamai
etag: "62a16567a3d56a4149035792551d5ebf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1882

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 296 KB
100 KB 60ms
59ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T0W870EHBL&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fcc41a055a9e89b09a46fb8ca80c0878fd467c41d8f5d185ac78263f3e58caeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102706
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 30 Jul 2024 03:11:04 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
60 KB 206ms
58ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 Jul 2024 03:11:04 GMT
document-policy: force-load-at-top
x-fb-server-load: 33
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=12, mss=1297, tbw=2789, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: sWJMevKdw80r6tQ+rBg6jWM0StiqrecTn+IGrgGs+kpD/NNbnJz2aia73Qw7nHarOILozAR9FFGVWhJfMQNyVg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 snl9t30fh0.js Show response
tracker.marinsm.com/tracker/async/ 0
321 B 289ms
60ms Script
text/javascript 13.225.63.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.marinsm.com/tracker/async/snl9t30fh0.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-11.ewr53.r.cloudfront.net
Software: Apache/2.4.6 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 10:26:32 GMT
via: 1.1 1654fbe9176188c45d0b894b1eaf5aa0.cloudfront.net (CloudFront)
server: Apache/2.4.6 (CentOS)
x-amz-cf-pop: EWR53-C1
age: 60272
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
cache-control: max-age=172800
x-marintrackerversion: 3
content-length: 0
x-amz-cf-id: AifBNWQqnUNheWD30QX1Aw1Kg4Nl81uV_FXN3a9cutvA7qK3Zhf_qA==
expires: Mon, 29 Jul 2024 10:29:25 GMT

GET
H/1.1 200
OK is Show response
18.210.229.244/ 32 B
437 B 228ms
60ms Fetch
text/plain 18.210.229.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://18.210.229.244/is
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=36834&tdr=&plh=https%3A%2F%2Fntqskdynsb.shop%2F&cb=99618995187328640term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.210.229.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-229-244.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 68ace0238292d2ea0bb3f8698d91614da143fda72fde0aedf4ed8a4e5e0a0cbc

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:04 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 32
x-application-context: application:prod:8080

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl171502054107882&ns=8586&nc=ThriftBooks-Site-Visitor&ncv=69
https://action.media6degrees.com/orbserv/nsjs?adv=cl171502054107882&ns=8586&nc=ThriftBooks-Site-Visitor&ncv=69

5 B
606 B

90ms
89ms

Script
text/html

2606:4700:4400::ac40:97ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl171502054107882&ns=8586&nc=ThriftBooks-Site-Visitor&ncv=69
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: H2
Server: 2606:4700:4400::ac40:97ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 03:11:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=ISO-8859-1
content-language: en-US
access-control-allow-origin: *
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
cf-ray: 8ab228c6ccaa3710-MIA

Redirect headers

location: https://action.media6degrees.com/orbserv/nsjs?adv=cl171502054107882&ns=8586&nc=ThriftBooks-Site-Visitor&ncv=69
access-control-allow-origin: *
date: Tue, 30 Jul 2024 03:11:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8ab228c5bbeb3710-MIA
content-type: text/html; charset=iso-8859-1

GET
H2 200 O2TzcokkEtP08zrP0IgW.js Show response
tags.creativecdn.com/ 4 KB
2 KB 266ms
66ms Script
application/javascript 2a02:6ea0:e200::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.creativecdn.com/O2TzcokkEtP08zrP0IgW.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:e200::17 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop: ashburnUSVA
date: Tue, 30 Jul 2024 03:11:04 GMT
content-encoding: gzip
age: 2
x-accel-date-max: 1721258333
x-guploader-uploadid: ACJd0NrLUZcg0BslqLDqCu1sgvtSPjL92MFIs04_6ilmGORh5eogV2HMqbQz8aRYjVPm7E3BbyVR_T50yQ
x-77-cache: HIT
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-age: 167
x-accel-date: 1722308897
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-77-nzt: EgwBbT1b5QH3pwAAAAwBnJI74gH3AQAAAA
x-accel-expires: @1722312489
x-77-age: 167
last-modified: Thu, 09 May 2024 16:58:11 GMT
server: CDN77-Turbo
etag: W/"78b3a4445c5c913a617366319a3ea25b"
x-77-nzt-ray: 0f63d41956d2ee63c859a866631bcd24
vary: Accept-Encoding
x-goog-hash: crc32c=yg8fAA==, md5=eLOkRFxckTphc2Yxmj6iWw==
x-goog-generation: 1715273891691750
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 4036
expires: Thu, 18 Jul 2024 00:18:50 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 42 KB
13 KB 148ms
30ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 20 Jun 2024 19:23:03 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 12116

GET
H2 200 7f85a56ba4.css
use.fontawesome.com/ 1 KB
871 B 143ms
40ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/7f85a56ba4.css
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 00:57:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1322
etag: W/"8360eb270b919a1fb4776bc448d9ed14"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iVjBbzKT%2BeTqCe83a%2BES5p562ieRo0qoq1%2BNdmAH50CHhyBzWRR4Kfnqq2L%2FLk0nADmy57saIPUqvlJemVMIgqbXyL6FZNKxdr5FhJT8BCC3GT6bomxgz4zH75TS5lVcB7WZwthzqZRitdRpQvtwACIJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 8ab228c52f3d8757-MIA
alt-svc: h3=":443"; ma=86400

POST
H2 201 / Show response
sdk.iad-05.braze.com/api/v3/data/ 2 KB
1 KB 140ms
138ms XHR
application/json 2606:4700:4400::ac40:965f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Requested by

Host: js.appboycdn.com
URL: https://js.appboycdn.com/web-sdk/3.3/appboy.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b7421b7a7c241f0da4c8629370043a7227e4c0e8a65c037095c3597534b7f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key: 9b697b56-3ad5-4d70-afb3-6bf89f582a03
Referer: https://ntqskdynsb.shop/
X-Braze-TriggersRequest: true
X-Requested-With: XMLHttpRequest
X-Braze-DataRequest: true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: application/json

Response headers

date: Tue, 30 Jul 2024 03:11:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: e3d2207e-039c-4de4-a239-d1bdaed14be5
x-runtime: 0.048896
server: cloudflare
etag: W/"05b7421b7a7c241f0da4c8629370043a"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
x-ratelimit-reset: 1722309066
access-control-max-age: 7200
x-ratelimit-limit: 500.0
cf-ray: 8ab228c679d83349-MIA
x-ratelimit-remaining: 475.0

OPTIONS
H2 200 /
sdk.iad-05.braze.com/api/v3/data/ Frame 0
0 245ms
94ms Preflight 2606:4700:4400::ac40:965f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method: POST
Origin: https://ntqskdynsb.shop
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 8ab228c5d9273349-MIA
content-encoding: gzip
date: Tue, 30 Jul 2024 03:11:04 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
BLOB 200
OK 130794f4-edcb-4a33-bef3-c257cb576520
https://ntqskdynsb.shop/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ntqskdynsb.shop/130794f4-edcb-4a33-bef3-c257cb576520
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 171ms
56ms Script
text/javascript 2607:f8b0:400d:c07::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Jul 2024 02:22:32 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2912
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 30 Jul 2024 04:22:32 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 220ms
55ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 30 Jul 2024 03:11:03 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 81B5752F7EDC4AE89128A1763647FF58 Ref B: MIAEDGE1715 Ref C: 2024-07-30T03:11:04Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 264 KB
91 KB 60ms
59ms Script
application/javascript 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1008264088&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

a6ab76bf7b38db620d0f444459357310aeb71827fc6576627dc16d7a424a0e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93108
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 30 Jul 2024 03:11:04 GMT

GET
BLOB 200
OK 1edb0adf-66cd-46a6-bfc3-7d9a845503ca
https://ntqskdynsb.shop/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ntqskdynsb.shop/1edb0adf-66cd-46a6-bfc3-7d9a845503ca
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 index.html
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/ Frame 42B9 0
0 174ms
58ms Document
text/html 18.173.219.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=491795f0000064000503e008

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.219.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-219-114.jfk52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ntqskdynsb.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 71208
cache-control: max-age=86400
content-encoding: gzip
content-length: 3375
content-type: text/html
date: Mon, 29 Jul 2024 07:24:17 GMT
etag: "6cb2e554d1f9df083d1600334387460e"
last-modified: Mon, 22 Jul 2024 09:49:08 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 46a179b8ac401f1f1def1c8690577c3e.cloudfront.net (CloudFront)
x-amz-cf-id: _6kKsqYeO95ysGa8UkhJJyM5OxNcQ0b8lgxFhNWlmjliBaW7y_ll6g==
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 collect
analytics.google.com/g/ 0
0 209ms
79ms Fetch
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-T0W870EHBL&gtm=45je47t0v876675616z86373732za200zb6373732&_p=1722309063416&_gaz=1&gcs=G111&gcd=13r3v3r3r5&npa=0&dma=0&tag_exp=95250753&cid=934388571.1722309065&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722309064&sct=1&seg=0&dl=https%3A%2F%2Fntqskdynsb.shop%2F&dt=New%20%26%20Used%20Books%20%7C%20Buy%20Cheap%20Books%20Online%20at%20ThriftBooks&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2087
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T0W870EHBL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 03:11:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ntqskdynsb.shop
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 173ms
57ms Ping
text/plain 2607:f8b0:400d:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-T0W870EHBL&cid=934388571.1722309065&gtm=45je47t0v876675616z86373732za200zb6373732&aip=1&dma=0&gcs=G111&gcd=13r3v3r3r5&npa=0&frm=0&tag_exp=95250753
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T0W870EHBL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c04::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 03:11:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ntqskdynsb.shop
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET syncframe
gum.criteo.com/ Frame 3A8B 0
0

GET
H2 200 syncframe
gum.criteo.com/ Frame 3A8B 0
0 170ms
59ms Document
text/html 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=ntqskdynsb.shop&origin=onetag&us_privacy=1-N-

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ntqskdynsb.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jul 2024 03:11:04 GMT
server: Kestrel
server-processing-duration-in-ticks: 331711
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 39ms
39ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/7f85a56ba4.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Referer: https://use.fontawesome.com/7f85a56ba4.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2539388
etag: W/"36082410df2ef7f83932219089dc1443"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L8UujJl86GU4dkdMQX%2Fo0FE0io9n9o1sxEbWTys0Apw9Vxy5c3iLjx6RbWjFLnU6kjV0TtS1GTqtPdPAKHgpNyBaMmRyjf3B70rNJ7mzc3Sh47s62T806vj5O3eQ5xGBlBlGu16XqVJdL8%2BvWESnUsjf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 8ab228c57f7c8757-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 config Show response
pixel-config.reddit.com/pixels/a2_ezlyc8bmrv3n/ 3 B
124 B 129ms
31ms XHR
application/json 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-config.reddit.com/pixels/a2_ezlyc8bmrv3n/config
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:04 GMT
content-encoding: gzip
via: 1.1 varnish
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 27

GET
H2 200 a2_ezlyc8bmrv3n_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
699 B 104ms
42ms XHR
application/json 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/a2_ezlyc8bmrv3n_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:04 GMT
content-encoding: gzip
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server: snooserv
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 97

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 127ms
31ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1722309064562&id=a2_ezlyc8bmrv3n&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=1020c9a2-e40c-4011-9cd3-728ea1d214e6&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:04 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 50ms
49ms Image
text/html 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-1008264088&v=3&t=t&pid=1628271645&cv=1&rv=47t0&tc=8&tag_exp=95250753&es=1&e=gtm.init_consent&eid=3&u=AAAAAIACAAAAAAAAAAAAAAAY&h=Ag&z=0

Requested by

Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:04 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 52ms
51ms Image
text/html 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-1008264088&v=3&t=t&pid=1628271645&cv=1&rv=47t0&tc=8&tag_exp=95250753&es=1&e=gtm.init&eid=4&u=AAAAAIACAAAAAAAAAAAAAAAY&h=Ag&tr=3ogtadsdatatos.3ogt1pdatav2.1ccdadsfirst.1ccdpreautopii.1ccdemform.1ccdadd1pdata.1ccdadslast&ti=2ogtadsdatatos.2ogt1pdatav2.2ccdadsfirst.2ccdpreautopii.2ccdemform.2ccdadd1pdata.2ccdadslast&z=0

Requested by

Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:04 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 54ms
52ms Image
text/html 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-1008264088&v=3&t=t&pid=1628271645&cv=1&rv=47t0&tc=8&tag_exp=95250753&es=1&e=gtag.config&eid=5&u=AAAAAIACAAAAAAAAAAAAAAAY&h=Ag&tr=1rep&ti=1rep&z=0

Requested by

Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:04 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 55ms
54ms Image
text/html 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-1008264088&v=3&t=t&pid=1628271645&cv=1&rv=47t0&tc=8&tag_exp=95250753&es=1&e=*&eid=6&u=AAAAAIAKAAAAACAAAAAAAAAY&h=Ag&epr=1siloed_AW&z=0

Requested by

Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:04 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 55ms
54ms Image
text/html 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-1008264088&v=3&t=t&pid=1628271645&cv=1&rv=47t0&tc=8&tag_exp=95250753&es=1&e=*&eid=10&u=AAAAAIAKAAAAACAAAAAAAAAY&h=Ag&z=0

Requested by

Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:04 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
1 KB 488ms
113ms Script
application/javascript 52.42.124.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=G-T0W870EHBL&ga_client_id=934388571.1722309065&shpt=New%20%26%20Used%20Books%20%7C%20Buy%20Cheap%20Books%20Online%20at%20ThriftBooks&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-T0W870EHBL%22%2C%22ga_client_id%22%3A%22934388571.1722309065%22%2C%22shpt%22%3A%22New%20%26%20Used%20Books%20%7C%20Buy%20Cheap%20Books%20Online%20at%20ThriftBooks%22%2C%22dcm_cid%22%3A%221722309064.1%22%2C%22mntnis%22%3A%22gjXygUlVV%2BGzdGQnOH9fPlbSPNESyYlQ%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A3%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1722309064.1&available_ga=%5B%7B%22id%22%3A%22G-T0W870EHBL%22%2C%22sess_id%22%3A%221722309064%22%7D%5D&hardcoded_ga=G-T0W870EHBL&dxver=4.0.0&shaid=36834&plh=https%3A%2F%2Fntqskdynsb.shop%2F&cb=99618995187328640term%3Dvalue&shcq=0&shpc=&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.42.124.195 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-124-195.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: df6fffc7c24b4763cde6cfc9426aebe793ea22dc435d85f859ffd106d029f034

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:05 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 1
connection: close

OPTIONS
H2 200 v2
us.creativecdn.com/tags/ Frame 0
0 196ms
53ms Preflight 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/tags/v2?type=json
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Cyprus, ASN203690 (RTB-HOUSE-ASH, CY),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ntqskdynsb.shop
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://ntqskdynsb.shop
access-control-max-age: 3600
content-length: 0
date: Tue, 30 Jul 2024 03:11:04 GMT
vary: Origin

POST
H2

204

v2 Show response
us.creativecdn.com/tags/
Redirect Chain

https://us.creativecdn.com/tags/v2?type=json
https://us.creativecdn.com/tags/v2?type=json&tc=1

0
169 B

57ms
55ms

Fetch

185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/tags/v2?type=json&tc=1
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: H2
Server: 185.184.10.30 , Cyprus, ASN203690 (RTB-HOUSE-ASH, CY),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://ntqskdynsb.shop
vary: Origin
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

pragma: no-cache
date: Tue, 30 Jul 2024 03:11:05 GMT, Tue, 30 Jul 2024 03:11:05 GMT
access-control-max-age: 3600
vary: Origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
access-control-allow-origin: https://ntqskdynsb.shop
access-control-allow-methods: GET, POST
location: https://us.creativecdn.com/tags/v2?type=json&tc=1
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK 2adf38d1-fd8c-4b0e-951d-2151b0bee793
https://ntqskdynsb.shop/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ntqskdynsb.shop/2adf38d1-fd8c-4b0e-951d-2151b0bee793
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 5e3dde77-9264-4338-8406-28080da69029
https://ntqskdynsb.shop/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ntqskdynsb.shop/5e3dde77-9264-4338-8406-28080da69029
Requested by: Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 405875469622819 Show response
connect.facebook.net/signals/config/ 70 KB
14 KB 121ms
120ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/405875469622819?v=2.9.162&r=stable&domain=ntqskdynsb.shop&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

326ed89109181bb7ed322d9c05bb481bbfe6b20a6e0d8f701b7d94e981811ff7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 Jul 2024 03:11:04 GMT
document-policy: force-load-at-top
x-fb-server-load: 22
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=66, mss=1297, tbw=64191, tp=-1, tpl=-1, uplat=63, ullat=0
pragma: public
x-fb-debug: bq53DeqQCgHnihPDXHZCeZygisaEH+ufIWeIyW0sw7kaLtXPqUepGm9hUWE7TBRaMMUkg4XSLvGZLPa3KFfQVA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
208 B 61ms
60ms XHR
text/plain 2607:f8b0:400d:c07::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1309383673&t=pageview&_s=1&dl=https%3A%2F%2Fntqskdynsb.shop%2F&ul=en-us&de=UTF-8&dt=New%20%26%20Used%20Books%20%7C%20Buy%20Cheap%20Books%20Online%20at%20ThriftBooks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgQABAAAAAC~&jid=583646809&gjid=489676451&cid=934388571.1722309065&tid=UA-2012106-1&_gid=1026092897.1722309065&_slc=1&gtm=45He47t0n715MSF27v6373732za200&cd6=0&gcs=G111&gcd=13r3v3r3r5&dma=0&tag_exp=95250752&z=185569447

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 03:11:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ntqskdynsb.shop
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 57ms
56ms XHR
text/plain 2607:f8b0:400d:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2012106-1&cid=934388571.1722309065&jid=583646809&gjid=489676451&_gid=1026092897.1722309065&_u=YCDAgQABAAAAAG~&z=1201053936

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Jul 2024 03:11:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ntqskdynsb.shop
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1008264088/ 43 B
62 B 58ms
57ms Script
text/javascript 172.217.222.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1008264088/?random=1722309064648&cv=11&fst=1722309064648&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9117543730z86373732za201zb6373732&gcd=13r3v3r3r5&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fntqskdynsb.shop%2F&hn=www.googleadservices.com&frm=0&tiba=New%20%26%20Used%20Books%20%7C%20Buy%20Cheap%20Books%20Online%20at%20ThriftBooks&npa=0&us_privacy=1-N-&pscdl=noapi&auid=727178091.1722309064&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=ecomm_prodid%3Dnull%3Becomm_totalvalue%3Dnull%3Bads_data_redaction%3Dtrue&rfmt=3&fmt=4

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f155.1e100.net

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 03:11:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5188735.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 57ms
56ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5188735.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

80d72be0778b0b2964b7005b4c5c01aeed015a6b13443a13d38972dfa816fd0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Tue, 30 Jul 2024 03:11:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 634AFDAD973940A29F779A096D754E81 Ref B: MIAEDGE1715 Ref C: 2024-07-30T03:11:04Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 200 main.15f60036.js Show response
s.pinimg.com/ct/lib/ 80 KB
23 KB 61ms
60ms Script
application/javascript 2600:1408:ec00:28e::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.15f60036.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:ec00:28e::1931 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 64242620e74b79915f5014b875ae73457a4738c559ad8a8306f2afa846534ad5

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: br
x-cdn: akamai
etag: "8de095625367fc80faddb31d1c4af0e3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 23297

GET
H2 200 5188735 Show response
www.clarity.ms/tag/uet/ 877 B
1 KB 191ms
94ms Script
application/x-javascript 2620:1ec:bdf::38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/5188735
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3cc33c0dca4f34f387f193b19a196f05043856b73b1b70e243dd26ca816ecccc

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
date: Tue, 30 Jul 2024 03:11:04 GMT
x-azure-ref: 20240730T031104Z-17f499b9d9466ctsn9ubzd6bu400000003mg000000013ysu
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 877
expires: -1

GET
H2 204 0
bat.bing.com/action/ 0
359 B 56ms
54ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5188735&tm=gtm002&Ver=2&mid=a6699d74-2487-4c78-b64c-2fd6e20c667d&sid=5b838a704e2111ef9d786f1f21d396f5&vid=5b83c8c04e2111efaca8e73360fd7ae1&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=New%20%26%20Used%20Books%20%7C%20Buy%20Cheap%20Books%20Online%20at%20ThriftBooks&p=https%3A%2F%2Fntqskdynsb.shop%2F&r=&lt=1251&evt=pageLoad&sv=1&cdb=ARoR&rn=288787

Requested by

Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Jul 2024 03:11:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 455ABDE09F52452D949D2791291DDFF0 Ref B: MIAEDGE1715 Ref C: 2024-07-30T03:11:04Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 321 B
704 B 265ms
66ms XHR
application/json 23.222.193.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614239063593&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1722309064833&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.15f60036.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.193.6 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-222-193-6.deploy.static.akamaitechnologies.com

Software

Resource Hash

27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.08c83017.1722309065.7c4769bd
x-envoy-upstream-service-time: 1
content-length: 186
x-pinterest-rid: 5538302506372124
pin-unauth: dWlkPU1HVm1NbVEzT0dNdFpqWXhZeTAwTjJNekxUZ3lZVFV0TXpJMlpHSTNNRFJsWVdSbA
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ntqskdynsb.shop
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 24566c1eacfd475e71889db2e24a77832ef4e778
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
522 B 261ms
65ms Fetch
image/gif 23.222.193.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/v3/?tid=2614239063593&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fntqskdynsb.shop%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2215f60036%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1722309064836

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.15f60036.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.193.6 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-222-193-6.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:05 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.08c83017.1722309065.7c4769bc
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=600
content-length: 35
x-pinterest-rid: 4165193627140315
pragma: no-cache
referrer-policy: origin
content-type: image/gif
access-control-allow-origin: https://ntqskdynsb.shop
pinterest-version: 24566c1eacfd475e71889db2e24a77832ef4e778
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
269 B 175ms
57ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=405875469622819&ev=PageView&dl=https%3A%2F%2Fntqskdynsb.shop%2F&rl=&if=false&ts=1722309064856&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722309064850.24460000654901682&cs_est=true&ler=empty&cdl=API_unavailable&it=1722309064707&coo=false&rqm=GET

Requested by

Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=10, mss=1297, tbw=2818, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 30 Jul 2024 03:11:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 268ms
152ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=405875469622819&ev=PageView&dl=https%3A%2F%2Fntqskdynsb.shop%2F&rl=&if=false&ts=1722309064856&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722309064850.24460000654901682&cs_est=true&ler=empty&cdl=API_unavailable&it=1722309064707&coo=false&rqm=FGET

Requested by

Host: ntqskdynsb.shop
URL: https://ntqskdynsb.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Tue, 30 Jul 2024 03:11:05 GMT
document-policy: force-load-at-top
x-fb-server-load: 32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397261108797332118", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=15, mss=1297, tbw=3131, tp=-1, tpl=-1, uplat=93, ullat=0
pragma: no-cache
x-fb-debug: 74LUe1UhFyBk2i9jdvlMfUgzXu6FfK8QXo8ixvAxoo/B0eTipeI01owKPUsNQR4EryDyXghuJt1j5Z0lOrjivg==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397261108797332118"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.41/ 62 KB
26 KB 62ms
61ms Script
application/javascript 2620:1ec:bdf::38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.41/clarity.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:04 GMT
content-encoding: br
last-modified: Fri, 26 Jul 2024 23:49:00 GMT
etag: W/"0x8DCADCD85F8E42A"
vary: Accept-Encoding
x-azure-ref: 20240730T031104Z-17f499b9d9466ctsn9ubzd6bu400000003mg000000013yt7
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 8a1fe108-501e-0029-6897-e010af000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

OPTIONS
H2 200 v2
us.creativecdn.com/tags/ Frame 0
0 54ms
53ms Preflight 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/tags/v2?type=json&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Cyprus, ASN203690 (RTB-HOUSE-ASH, CY),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ntqskdynsb.shop
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://ntqskdynsb.shop
access-control-max-age: 3600
content-length: 0
date: Tue, 30 Jul 2024 03:11:05 GMT
vary: Origin

GET
H/1.1 200
OK gs Show response
gs.mountain.com/ 144 B
733 B 500ms
113ms Script
application/javascript 52.12.117.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gs.mountain.com/gs
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.12.117.226 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-12-117-226.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 7734dc2b438b0cc3d73132d8bada614ef91edd88247cce09e212dda5e9b28631

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:05 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 1
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 144
x-application-context: application:prod:8080

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
279 B 299ms
159ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://ntqskdynsb.shop
Date: Tue, 30 Jul 2024 03:11:05 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
1 KB 346ms
131ms Script
application/javascript 52.42.124.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=G-T0W870EHBL&ga_client_id=934388571.1722309065&shpt=New%20%26%20Used%20Books%20%7C%20Buy%20Cheap%20Books%20Online%20at%20ThriftBooks&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-T0W870EHBL%22%2C%22ga_client_id%22%3A%22934388571.1722309065%22%2C%22shpt%22%3A%22New%20%26%20Used%20Books%20%7C%20Buy%20Cheap%20Books%20Online%20at%20ThriftBooks%22%2C%22dcm_cid%22%3A%221722309064.1%22%2C%22mntnis%22%3A%22gjXygUlVV%2BGzdGQnOH9fPlbSPNESyYlQ%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A3%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1722309064.1&available_ga=%5B%7B%22id%22%3A%22G-T0W870EHBL%22%2C%22sess_id%22%3A%221722309064%22%7D%5D&hardcoded_ga=G-T0W870EHBL&dxver=4.0.0&shaid=36834&plh=https%3A%2F%2Fntqskdynsb.shop%2F&shcq=0&shpc=&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue&cb=1722309065114791&shguid=4c23ff03-f0c2-3267-849d-e93ae8346034&shgts=1722309065619
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.42.124.195 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-124-195.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:05 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 20
connection: close

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=74982033907B4B8C99B5E1C0462C1A7D&RedC=c.clarity.ms&MXFR=034FAC878BF969FC3BA1B84B8FF9677A
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=74982033907B4B8C99B5E1C0462C1A7D&MUID=1EF57B6437BC6F2903746FA836026E92

42 B
442 B

52ms
52ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=74982033907B4B8C99B5E1C0462C1A7D&MUID=1EF57B6437BC6F2903746FA836026E92
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 03:11:06 GMT
last-modified: Tue, 25 Jun 2024 19:54:30 GMT
server: Microsoft-IIS/10.0
etag: "df9747e39c7da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 30 Jul 2024 03:11:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 03E9F109516D4FC68E3C153BFAACC981 Ref B: MIAEDGE1715 Ref C: 2024-07-30T03:11:06Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=74982033907B4B8C99B5E1C0462C1A7D&MUID=1EF57B6437BC6F2903746FA836026E92
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
2 KB 54ms
54ms Script
application/javascript 23.222.193.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/static/ct/token_create.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js

Protocol

Security

QUIC, , AES_256_GCM

Server

23.222.193.6 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-222-193-6.deploy.static.akamaitechnologies.com

Software

Resource Hash

cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.0cc83017.1722309066.b8b53011
etag: "19c94b308deaf8fbf050b4fca2fa21b7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
alt-svc: h3=":443"; ma=600
content-length: 2108
quic-version: 0x00000001

GET
H/1.1 200
OK /
arttrk.com/pixel/ 43 B
131 B 278ms
60ms Image
image/gif 44.217.21.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arttrk.com/pixel/?ad_log=referer&action=lead&pixid=c5c54f68-8ce1-4354-af50-2d68209c877a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.217.21.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-217-21-19.compute-1.amazonaws.com
Software: /
Resource Hash: 693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
BLOB 200
OK a45f0993-378c-493f-8d0d-205b7e52b41d
https://ntqskdynsb.shop/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ntqskdynsb.shop/a45f0993-378c-493f-8d0d-205b7e52b41d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK e71a4f28-03fb-41e1-a02a-bb1f6024eb89
https://ntqskdynsb.shop/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ntqskdynsb.shop/e71a4f28-03fb-41e1-a02a-bb1f6024eb89
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

POST
H2 206 track Show response
dc.services.visualstudio.com/v2/ 317 B
421 B 59ms
57ms XHR
application/json 52.179.73.39
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.179.73.39 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

ce2f5f717894e0800586a3fb5022ac8e8ea105d8a7dee912532b61d9a6fee7be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ntqskdynsb.shop/
Sdk-Context: appId
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Tue, 30 Jul 2024 03:11:06 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK favicon.ico
static.thriftbooks.com/images/ 4 KB
1 KB 32ms
31ms Other
image/x-icon 151.101.2.7
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.thriftbooks.com/images/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.7 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2ee8c5930a6f0fa19a8ae796a772c74c3cab3b817e92f4679da612bfca4a714a

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Tue, 30 Jul 2024 03:11:06 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Content-MD5: MLW3Z+2JYwM30NaEAVCYxA==
Age: 1778
X-Cache: HIT
Connection: keep-alive
Content-Length: 650
X-Served-By: cache-mia-kmia1760057-MIA
x-ms-lease-status: unlocked
Last-Modified: Thu, 04 Apr 2024 23:19:59 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
X-Timer: S1722309066.090747,VS0,VE0
ETag: 0x8DC54FDBF988EE6
Vary: Accept-Encoding
Content-Type: image/x-icon
x-ms-request-id: e7131940-801e-0014-5da7-cbcd79000000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 2

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ Frame 0
0 706ms
109ms Preflight 52.179.73.39
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.179.73.39 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://ntqskdynsb.shop
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Tue, 30 Jul 2024 03:11:05 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

GET
H2

200

/
match.adsrvr.org/track/upb/ Frame C3AD
Redirect Chain

https://insight.adsrvr.org/track/up?adv=iuykgbt&ref=https%3A%2F%2Fntqskdynsb.shop%2F&upid=fncjif3&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=iuykgbt&ref=https%3A%2F%2Fntqskdynsb.shop%2F&upid=fncjif3&upv=1.1.0

0
0

78ms
57ms

Document
text/html

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=iuykgbt&ref=https%3A%2F%2Fntqskdynsb.shop%2F&upid=fncjif3&upv=1.1.0
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://ntqskdynsb.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 30 Jul 2024 03:11:06 GMT
server: Kestrel
vary: Accept-Encoding

Redirect headers

content-length: 265
date: Tue, 30 Jul 2024 03:11:06 GMT
location: https://match.adsrvr.org/track/upb/?adv=iuykgbt&ref=https%3A%2F%2Fntqskdynsb.shop%2F&upid=fncjif3&upv=1.1.0
server: Kestrel

GET
H2 200 ct.html
ct.pinterest.com/ Frame 9BF7 0
0 223ms
68ms Document
text/html 23.222.193.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.193.6 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-222-193-6.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://ntqskdynsb.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

akamai-grn: 0.08c83017.1722309066.7c478fce
alt-svc: h3=":443"; ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Tue, 30 Jul 2024 03:11:06 GMT
pinterest-version: 24566c1eacfd475e71889db2e24a77832ef4e778
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 1
x-pinterest-rid: 6439302561631642

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 57ms
57ms Image
text/html 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-1008264088&v=3&t=t&pid=1628271645&cv=1&rv=47t0&tc=8&tag_exp=95250753&es=1&e=gtm.load&eid=20&u=AgAAAIAKAAAAACAAAAAAAAAY&h=Ag&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:06 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
279 B 57ms
56ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://ntqskdynsb.shop
Date: Tue, 30 Jul 2024 03:11:07 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
BLOB 200
OK d758638f-ae99-4bb7-a212-45a089247cf8
https://ntqskdynsb.shop/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ntqskdynsb.shop/d758638f-ae99-4bb7-a212-45a089247cf8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 event Show response
sslwidget.criteo.com/ 3 KB
2 KB 223ms
66ms Script
application/x-javascript 74.119.117.16

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=16616&v=5.26.1&otl=1&p0=e%3Dvpg&adce=1&bundle=qA24p183RGN4WCUyRm9tTVlGZDBTcHFuOVo5MVFrb2ZuTjhuZGJoUEx1MWtDWEttM1dvTlNqTmhnNCUyRnIwbE5STE1oblAlMkJ1eERkaldFYWtqcldxN1lZYXJuRzh4c3cyQmRoczdaJTJGV1dYa21tYnBzTEZuSEl0MCUyRlIlMkZzM3hST3NiZHBGWiUyQmt6N0NSUExaJTJGZFFnbXp1MkRGRmJJdSUyQkNtZHR4dlJlcDJBVGJCNTkxS3lyRUUlM0Q&sc=%7B%22fbp%22%3A%22fb.1.1722309064850.24460000654901682%22%7D&tld=ntqskdynsb.shop&dy=1&fu=https%253A%252F%252Fntqskdynsb.shop%252F&ceid=769096f7-725a-4cf5-a9a9-cdc917af56fc&cs=1-N-&cv=1

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.16 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

45950435bb947ab4a463d0051e0c5befbacadaa3074d537c9b7138dcd1407a5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 03:11:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 9239656
timing-allow-origin: *
expires: 0

GET
H2 200 register-trigger
measurement-api.criteo.com/ 0
0 175ms
57ms Fetch 2620:100:a00b::26

General

Check archive.org

Show headers Download Go to

Full URL

https://measurement-api.criteo.com/register-trigger?partner_id=16616&uid=cbe5b380-81bb-4236-9d3f-9b35c2ac9ee1&event_name=ViewPage&islcc=0&amount_local=0&amount_euro=0&client_side_event_id=769096f7-725a-4cf5-a9a9-cdc917af56fc

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::26 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ntqskdynsb.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 03:11:08 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0","priority":"0"}],"debug_key":"12098376875656514386","debug_reporting":true,"aggregatable_values":{},"aggregatable_source_registration_time":"include"}
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://ntqskdynsb.shop
access-control-allow-credentials: true
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=ntqskdynsb.shop&origin=onetag&us_privacy=1-N-

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ntqskdynsb.shop/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: vohymvrgn4krx1njcgyjye4l
ntqskdynsb.shop/	1970-01-20 22:25:10	Name: snow_session Value: 15c79e0b-6d41-4614-a532-89114c248b40
ntqskdynsb.shop/	1970-01-21 08:01:09	Name: TIdent Value: d263cb4585fd4788acd4327fd610e97e
ntqskdynsb.shop/	1969-12-31 23:59:59	Name: ShowEmailSignupModal Value: 1
ntqskdynsb.shop/	1970-01-20 23:09:47	Name: CartIdentifier Value: 7017f6708f1e491fb08b44083f72643e
.ntqskdynsb.shop/	1970-01-21 00:34:45	Name: _gcl_au Value: 1.1.727178091.1722309064
.ntqskdynsb.shop/	1970-01-21 07:11:06	Name: ab.storage.sessionId.9b697b56-3ad5-4d70-afb3-6bf89f582a03 Value: %7B%22g%22%3A%2225de3edc-a31f-6e8f-c04c-fc8dc36d6140%22%2C%22e%22%3A1722310864398%2C%22c%22%3A1722309064399%2C%22l%22%3A1722309064399%7D
.ntqskdynsb.shop/	1970-01-21 07:11:06	Name: ab.storage.deviceId.9b697b56-3ad5-4d70-afb3-6bf89f582a03 Value: %7B%22g%22%3A%2229344654-b110-8eb6-d466-249814b608e3%22%2C%22c%22%3A1722309064401%2C%22l%22%3A1722309064401%7D
.ntqskdynsb.shop/	1970-01-21 08:01:09	Name: _ga_T0W870EHBL Value: GS1.1.1722309064.1.0.1722309064.60.0.0
.ntqskdynsb.shop/	1970-01-21 00:34:45	Name: _rdt_uuid Value: 1722309064555.1020c9a2-e40c-4011-9cd3-728ea1d214e6
ntqskdynsb.shop/	1970-01-21 07:10:09	Name: __rtbh.lid Value: %7B%22eventType%22%3A%22lid%22%2C%22id%22%3A%22dU07DLVLNxiDrFOVoIk4%22%7D
.criteo.com/	1970-01-21 07:46:45	Name: uid Value: cbe5b380-81bb-4236-9d3f-9b35c2ac9ee1
.criteo.com/	1970-01-21 07:46:45	Name: receive-cookie-deprecation Value: 1
.ntqskdynsb.shop/	1970-01-21 08:01:09	Name: _ga Value: GA1.2.934388571.1722309065
.ntqskdynsb.shop/	1970-01-20 22:26:35	Name: _gid Value: GA1.2.1026092897.1722309065
.ntqskdynsb.shop/	1970-01-20 22:25:09	Name: _dc_gtm_UA-2012106-1 Value: 1
.doubleclick.net/	1970-01-21 08:01:09	Name: IDE Value: AHWqTUms1ZMtvT84JxaySVFEPpiobQe3cSJjHb1Om2C6SrtYuJff5CfxOww2Y9CT
.ntqskdynsb.shop/	1970-01-20 22:26:35	Name: _uetsid Value: 5b838a704e2111ef9d786f1f21d396f5
.ntqskdynsb.shop/	1970-01-21 07:46:45	Name: _uetvid Value: 5b83c8c04e2111efaca8e73360fd7ae1
.media6degrees.com/	1970-01-21 02:44:21	Name: clid Value: 2shf26g01171sgh9mxbdjn36000000015v010v01701
.media6degrees.com/	1970-01-21 02:44:21	Name: sglst Value: 44yc001r01ntbq8ne
.media6degrees.com/	1970-01-21 02:44:21	Name: acs Value: 014020i0j0k1shf26gxzt10xzt10xzt10
.ntqskdynsb.shop/	1970-01-21 00:34:45	Name: _fbp Value: fb.1.1722309064850.24460000654901682
.bing.com/	1970-01-21 07:46:45	Name: MUID Value: 1EF57B6437BC6F2903746FA836026E92
.bat.bing.com/	1970-01-20 22:35:13	Name: MR Value: 0
.ntqskdynsb.shop/	1970-01-21 07:54:33	Name: cto_bundle Value: qA24p183RGN4WCUyRm9tTVlGZDBTcHFuOVo5MVFrb2ZuTjhuZGJoUEx1MWtDWEttM1dvTlNqTmhnNCUyRnIwbE5STE1oblAlMkJ1eERkaldFYWtqcldxN1lZYXJuRzh4c3cyQmRoczdaJTJGV1dYa21tYnBzTEZuSEl0MCUyRlIlMkZzM3hST3NiZHBGWiUyQmt6N0NSUExaJTJGZFFnbXp1MkRGRmJJdSUyQkNtZHR4dlJlcDJBVGJCNTkxS3lyRUUlM0Q
www.clarity.ms/	1970-01-21 07:10:45	Name: CLID Value: 90764c1ce34b4bf885045cf023c4e2ba.20240730.20250730
ntqskdynsb.shop/	1970-01-21 07:10:45	Name: ai_user Value: 0yJxSkOCesHSIN53GrW3Yj\|2024-07-30T03:11:05.041Z
.creativecdn.com/	1970-01-21 07:10:45	Name: g Value: j5BJ4sTGAabPAwSLXrp9_1722309065015
.creativecdn.com/	1970-01-21 07:10:45	Name: c Value: j5BJ4sTGAabPAwSLXrp9_O2TzcokkEtP08zrP0IgW_1722309065015
.creativecdn.com/	1970-01-21 07:10:45	Name: ts Value: 1722309065
ntqskdynsb.shop/	1970-01-20 22:25:10	Name: ai_session Value: 9oUetklt42d6AJpEEUDpwU\|1722309065047\|1722309065047
.ntqskdynsb.shop/	1970-01-21 07:10:45	Name: _clck Value: 11be1r4%7C2%7Cfnw%7C0%7C1672
.pinterest.com/	1970-01-21 07:10:45	Name: ar_debug Value: 1
.ntqskdynsb.shop/	1970-01-21 07:10:45	Name: _pin_unauth Value: dWlkPU1HVm1NbVEzT0dNdFpqWXhZeTAwTjJNekxUZ3lZVFV0TXpJMlpHSTNNRFJsWVdSbA
.mountain.com/	1970-01-21 07:10:45	Name: guid Value: 5bb35060-4e21-11ef-b19a-51817659982a
.ntqskdynsb.shop/	1970-01-20 22:26:35	Name: _clsk Value: 1k00umq%7C1722309065494%7C1%7C0%7Ct.clarity.ms%2Fcollect
.px.mountain.com/	1970-01-21 07:10:45	Name: tt Value: H4sIAAAAAAAAAKtWKlOyMqoFAP609q8HAAAA
.c.bing.com/	1970-01-20 22:35:13	Name: MR Value: 0
.c.bing.com/	1970-01-21 07:46:45	Name: SRM_B Value: 1EF57B6437BC6F2903746FA836026E92
.adsrvr.org/	1970-01-21 07:10:45	Name: TDID Value: 42eabc52-413f-423b-8241-aade52e4146b
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 07:46:45	Name: MUID Value: 1EF57B6437BC6F2903746FA836026E92
.c.clarity.ms/	1970-01-20 22:35:13	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 22:25:09	Name: ANONCHK Value: 0
.adnxs.com/	1970-01-21 08:01:09	Name: receive-cookie-deprecation Value: 1
.rubiconproject.com/	1970-01-21 07:10:45	Name: audit_p Value: 1\|4ekBxeNHkWejhyy2rV19e3vs+2BkRPcICQ56bfV/YB+bz16xSA9sXQPbM5DouSFinQtpWl8Qb4SM1KxoLazIt9i2Wk5FrGos0XY24Ec+XLuGn1UZIe/8+eAez77ilMVTuKQlM/MWOY5D6hYBizFHORQwOXNofbEsweJ0Jmvi3i5bOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3Xc6UO785F0Pw==
.rubiconproject.com/	1970-01-21 07:10:45	Name: khaos Value: LZ7UCLBF-20-A8S3
.rubiconproject.com/	1970-01-21 07:10:45	Name: khaos_p Value: LZ7UCLBF-20-A8S3
.rubiconproject.com/	1970-01-21 07:10:45	Name: audit Value: 1\|4ekBxeNHkWejhyy2rV19e3vs+2BkRPcICQ56bfV/YB+bz16xSA9sXQPbM5DouSFinQtpWl8Qb4SM1KxoLazIt9i2Wk5FrGos0XY24Ec+XLuGn1UZIe/8+eAez77ilMVTuKQlM/MWOY5D6hYBizFHORQwOXNofbEsweJ0Jmvi3i5bOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3Xc6UO785F0Pw==
.adsrvr.org/	1970-01-21 07:10:45	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsIjIn0lOmTmD0QBRIWCgdydWJpY29uEgsIurf5j-mTmD0QBRIXCghhcHBuZXh1cxILCKzW-Y_pk5g9EAUYBSACKAMyCwiY9fu8_5OYPRAFQg8iDQgBEgkKBXRpZXIzEAFaB2l1eWtnYnRgAQ..

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ntqskdynsb.shop/scripts/webVitals.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ntqskdynsb.shop/Scripts/swiper.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ntqskdynsb.shop/scripts/sp.js Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://cmp.osano.com/16CObGTHXExy73yEY/d16a2cf0-c130-44d7-8512-3ed9616f7bc9/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

action.dstillery.com
action.media6degrees.com
alb.reddit.com
analytics.google.com
arttrk.com
bat.bing.com
c.bing.com
c.clarity.ms
cmp.osano.com
connect.facebook.net
consent.api.osano.com
ct.pinterest.com
dc.services.visualstudio.com
dx.mountain.com
dynamic.criteo.com
googleads.g.doubleclick.net
gs.mountain.com
gum.criteo.com
i.thriftbooks.com
insight.adsrvr.org
js.adsrvr.org
js.appboycdn.com
js.monitor.azure.com
match.adsrvr.org
measurement-api.criteo.com
ntqskdynsb.shop
pixel-config.reddit.com
px.mountain.com
s.pinimg.com
sdk.iad-05.braze.com
sslwidget.criteo.com
static.thriftbooks.com
stats.g.doubleclick.net
t.clarity.ms
tags.creativecdn.com
tracker.marinsm.com
us.creativecdn.com
use.fontawesome.com
widget.trustpilot.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.redditstatic.com
gum.criteo.com
104.21.85.42
108.139.33.128
13.225.63.11
151.101.129.140
151.101.2.7
151.101.65.140
172.217.222.155
172.217.222.97
173.194.204.147
18.164.116.44
18.173.219.101
18.173.219.114
18.210.229.244
185.184.10.30
20.110.205.119
20.114.189.70
2001:4860:4802:36::181
23.222.193.6
2600:1408:ec00:28e::1931
2600:9000:2510:bc00:3:b7e:8940:93a1
2606:4700:3036::6815:1b98
2606:4700:4400::ac40:965f
2606:4700:4400::ac40:97ee
2606:4700::6810:7809
2607:f8b0:400d:c04::61
2607:f8b0:400d:c04::9c
2607:f8b0:400d:c07::71
2620:100:a00b::12
2620:100:a00b::26
2620:100:a00b::a
2620:1ec:bdf::38
2620:1ec:c11::237
2a02:6ea0:e200::17
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
2a04:4e42:600::396
34.238.149.65
35.71.131.137
44.217.21.19
52.12.117.226
52.179.73.39
52.42.124.195
74.119.117.16
008109b0d131d6357501dae77416dab1d3b0fdc7f283311df43a90818a4833db
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
05b7421b7a7c241f0da4c8629370043a7227e4c0e8a65c037095c3597534b7f9
14bf9d82d7bdbb9522ff2ce19bb627c17fb0a1f467ad01ef7f99e5d11b9a1dfc
14f8e98dc155af1da36257e80c6f38bb0ba94349edb31efc977678e6c1e530cb
191ed6f4f18d3008d235cc587fe0b10f6d243d5937476a0d4d98c56524c375ee
19d335924c4acb12c835503efcc12ead763818c07699e5dacc96f6bd0a64cc3c
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
24090b98fec198eb273a95f100fcd9cfe8bf4fa6af0ddecb6aa695d7ebe3897a
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341
2c12b91b720225fa357bdb8f934ed7e5284223ffa95b3c0ea946c770b2f53fe4
2ee8c5930a6f0fa19a8ae796a772c74c3cab3b817e92f4679da612bfca4a714a
30df009b127ffaf0dff4034577f3de48191c32aef8e5d190ab1250deb3e363ff
31f36668c2418d59cd88ebdfb4f26ce68b421754d49cd916614c7160937d3c1b
326ed89109181bb7ed322d9c05bb481bbfe6b20a6e0d8f701b7d94e981811ff7
33011b5a794b0acd4e44f2fe2bb2c2b271ea6b693ec492441880a521ca32dd85
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3cc33c0dca4f34f387f193b19a196f05043856b73b1b70e243dd26ca816ecccc
3f2254384ffeeb55579542eeab7cc44b36ac3cca357dff1d9aa2db6e58cbe6e1
41b6f98e814784e87d3bff6abfe1bb042e1d57ae4787d2ad4d6bd03172f08537
422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09
435907eeb44d2129d07914e4eedbc85e075a4680f4a8c4fbdb3f1e01c8321075
45950435bb947ab4a463d0051e0c5befbacadaa3074d537c9b7138dcd1407a5f
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
49330f8652590e77b8e20350358ea3195f12eed447d1b8bfb6d7b3ba968d92c0
4aeca434f8b1d27bb8512c828d56e0c68bbe0467bcf2ab47931adc367e1b9caa
4b2551cd29d9abe9575eccd4b1671176907310a7b6a33981f9107c752edfbff4
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69
63f7266f84bfb6c88960363c9ba3f6e75a7773a85c3ffde3ad1750f1d8b169c6
64242620e74b79915f5014b875ae73457a4738c559ad8a8306f2afa846534ad5
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9
68ace0238292d2ea0bb3f8698d91614da143fda72fde0aedf4ed8a4e5e0a0cbc
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f469001ac86ad0eed37bd95a0c6d454fcea08aa17aa5fde94bafd27b1508729
6f677479da0322270e2f916c22e2ce2b231941f4b4da63669d42adcbf8706c9e
750eac5fd8c80c475c17e3942903fa718301a9a49fd405b5c2aa331f0b600227
7734dc2b438b0cc3d73132d8bada614ef91edd88247cce09e212dda5e9b28631
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7989da2ac9433a60156d9ccda7bed7c40b1b1418323d7d93fd57be5006ab6d41
7ba9fbf93d03b54e7bd00c7117da4c6d14566fd03425edb84ac6445522c6800f
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7f77def5f0950089cf4b686b3ef5cddb907bc9e5b70610ab41ed70dacf0b1d79
80d72be0778b0b2964b7005b4c5c01aeed015a6b13443a13d38972dfa816fd0b
83b99089a17a9d5a839b37b3119cf28afc310d5bbd9966fd5d98ae0a5835ee4e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d
a6ab76bf7b38db620d0f444459357310aeb71827fc6576627dc16d7a424a0e83
a7620a49c312b435e030ebfc5d2c68cc756aa4626ba46ef1519b8b552058ddab
a7798db667f2567f6c94e521c83155527a13eb0de01ec1ad421cb6ef0a576ef5
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab1012572b2e2c5d914531d4d5ce17ed6082fe5254e27c3f348ddbf8b8de4d04
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
afcc408ef24f9465f6e347b94ef9d549350b58f6d3bb3a1e39f18e1f993e1625
b28bc5f5054f65a676e744e678b1f651ee87a8e5589e15f85fc45cd135d49e19
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
b4875b0fdafde57e054fd846053f25f22afbe89f3fc3adae15f01b0328d2f0e7
b78db0c77c8423d7f1e9b01c349f26c842bd2eb4cf3ee3702f665f8d0bb980d8
ba96b562f89c1a4af7a49107d7cc62cb7b5a8fa86da2228031a9a070031bba56
bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136
bdf5b4bce93e893e24eed0b24f772f07d20c137bb9a4018e7aae74eef865bdc6
bfc530a1fa97b92375721b6bfcd4ae131dca7ddc02533fbc82ea34e601d96b82
c49539510d1ac0a0267856f094d9a64b316e93325ee4350ba3ffc16fa15893d8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca770cdcb96cae2aa9834e9dc82dacc6f3e3fa6bb0d2deea011085dddec262da
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
cdb83c2f0b8fcc5639a941bd4e9361ed1e63fe5692ea68829b4465096fa179e5
ce2f5f717894e0800586a3fb5022ac8e8ea105d8a7dee912532b61d9a6fee7be
d60c15b1151ab8e2df7296a64ea7cf3a2d5db74c03b07baacdea2169cab76063
ddb9c8ac8d671a83a9fac02e0c5f21a70e474e16efa45c32beb14d057b9af826
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df6fffc7c24b4763cde6cfc9426aebe793ea22dc435d85f859ffd106d029f034
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48
e95ad2ca395e9c8a83f0aae666eef22ae59df8aff26e0f7efe9cf3e4fb68ede4
ea70350dc40d05d23aa597216415c5ba983143ff770ea58700ee2c85a7687f1c
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ecd8b01694105e3eec289c765e6f61ba2ca847a59f4b0e2cd0a8732a5da7887a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5
fac502b529ce2296e8a39395195d77c70382ddcc4a7f6b2cc52b3eabc20a03d3
fcc41a055a9e89b09a46fb8ca80c0878fd467c41d8f5d185ac78263f3e58caeb

ntqskdynsb.shop Open in urlscan Pro 104.21.85.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

128 Requests

83 %HTTPS

44 %IPv6

29 Domains

45 Subdomains

43 IPs

3 Countries

1872 kBTransfer

4279 kBSize

51 Cookies

15 Outgoing links

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ntqskdynsb.shop Open in urlscan Pro
104.21.85.42 Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

83 %
HTTPS

44 %
IPv6

29
Domains

45
Subdomains

43
IPs

3
Countries

1872 kB
Transfer

4279 kB
Size

51
Cookies

128 HTTP transactions
0 data transactions